Re: [qmailtoaster] dkim1._domainkey record not found
On 1/21/2019 3:47 PM, Eric Broch wrote: I figured it out at least on my host as to why one would get 'record not found'. My mail host has entry in resolv.conf 'nameserver 127.0.0.1' I have named config file for my domain to resolve to this mail host, 192.168.x.x running # opendkim-testkey -vvv -d whitehorsetc.com -k /var/qmail/control/dkim/whitehorsetc.com.key -s dkim1 yields 'record not found' when I change resolv.conf to external nameserver (8.8.8.8) # opendkim-testkey -vvv -d whitehorsetc.com -k /var/qmail/control/dkim/whitehorsetc.com.key -s dkim1 yields 'key OK' You must add a TXT record to whichever DNS server your mail host is using. I added proper text record to my name server 'localhost' and now I get 'key OK' On 1/21/2019 10:41 AM, Eric Broch wrote: Maybe restart your named server. On 1/21/2019 4:58 AM, Leonardo Porto wrote: Looks like I was checking it the wrong way, the correct is: # dig dkim1._domainkey.iwtelecom.com.br TXT ;; ANSWER SECTION: dkim1._domainkey.iwtelecom.com.br. 86400 IN TXT "v=DKIM1\; k=rsa\; p=blabla...blabla" Checking the key at https://dkimcore.org/tools/ looks fine also. The opendkim-testkey still shows the error though. Em 17/01/2019 18:30, Leonardo Porto escreveu: Hi everyone, I'm doing the DKIM step for a new server and when I test my DKIM signature I receive the error: # opendkim-testkey - -d iwtelecom.com.br -k /var/qmail/control/dkim/global.key -s dkim1 opendkim-testkey: using default configfile /etc/opendkim.conf opendkim-testkey: /var/qmail/control/dkim/global.key: WARNING: unsafe permissions opendkim-testkey: key loaded from /var/qmail/control/dkim/global.key opendkim-testkey: checking key 'dkim1._domainkey.iwtelecom.com.br' *opendkim-testkey: 'dkim1._domainkey.iwtelecom.com.br' record not found* I created the record in the domain zone like bellow: dkim1._domainkey IN TXT "v=DKIM1; k=rsa; p=bla...bla" But it does not work when I try to resolve it: dig dkim1._domainkey.iwtelecom.com.br And it is not shown when I try: dig +noall +answer iwtelecom.com.br any Only the SPF record... I used the named-checkzone and everything looks fine, what am I doind wrong? -- Eric Broch White Horse Technical Consulting (WHTC) -- Eric Broch White Horse Technical Consulting (WHTC) -- Eric Broch White Horse Technical Consulting (WHTC)
Re: [qmailtoaster] dkim1._domainkey record not found
I figured it out at least on my host as to why one would get 'record not found'. My mail host has entry in resolv.conf 'nameserver 127.0.0.1' I have named config file for my domain to resolve to this mail host, 192.168.x.x running # opendkim-testkey -vvv -d whitehorsetc.com -k /var/qmail/control/dkim/whitehorsetc.com.key -s dkim1 yields 'record not found' when I change resolv.conf to external nameserver (8.8.8.8) # opendkim-testkey -vvv -d whitehorsetc.com -k /var/qmail/control/dkim/whitehorsetc.com.key -s dkim1 yields 'key OK' You must add a TXT record to whichever DNS server your mail host is using. On 1/21/2019 10:41 AM, Eric Broch wrote: Maybe restart your named server. On 1/21/2019 4:58 AM, Leonardo Porto wrote: Looks like I was checking it the wrong way, the correct is: # dig dkim1._domainkey.iwtelecom.com.br TXT ;; ANSWER SECTION: dkim1._domainkey.iwtelecom.com.br. 86400 IN TXT "v=DKIM1\; k=rsa\; p=blabla...blabla" Checking the key at https://dkimcore.org/tools/ looks fine also. The opendkim-testkey still shows the error though. Em 17/01/2019 18:30, Leonardo Porto escreveu: Hi everyone, I'm doing the DKIM step for a new server and when I test my DKIM signature I receive the error: # opendkim-testkey - -d iwtelecom.com.br -k /var/qmail/control/dkim/global.key -s dkim1 opendkim-testkey: using default configfile /etc/opendkim.conf opendkim-testkey: /var/qmail/control/dkim/global.key: WARNING: unsafe permissions opendkim-testkey: key loaded from /var/qmail/control/dkim/global.key opendkim-testkey: checking key 'dkim1._domainkey.iwtelecom.com.br' *opendkim-testkey: 'dkim1._domainkey.iwtelecom.com.br' record not found* I created the record in the domain zone like bellow: dkim1._domainkey IN TXT "v=DKIM1; k=rsa; p=bla...bla" But it does not work when I try to resolve it: dig dkim1._domainkey.iwtelecom.com.br And it is not shown when I try: dig +noall +answer iwtelecom.com.br any Only the SPF record... I used the named-checkzone and everything looks fine, what am I doind wrong? -- Eric Broch White Horse Technical Consulting (WHTC) -- Eric Broch White Horse Technical Consulting (WHTC)
Re: [qmailtoaster] dkim1._domainkey record not found
Maybe restart your named server. On 1/21/2019 4:58 AM, Leonardo Porto wrote: Looks like I was checking it the wrong way, the correct is: # dig dkim1._domainkey.iwtelecom.com.br TXT ;; ANSWER SECTION: dkim1._domainkey.iwtelecom.com.br. 86400 IN TXT "v=DKIM1\; k=rsa\; p=blabla...blabla" Checking the key at https://dkimcore.org/tools/ looks fine also. The opendkim-testkey still shows the error though. Em 17/01/2019 18:30, Leonardo Porto escreveu: Hi everyone, I'm doing the DKIM step for a new server and when I test my DKIM signature I receive the error: # opendkim-testkey - -d iwtelecom.com.br -k /var/qmail/control/dkim/global.key -s dkim1 opendkim-testkey: using default configfile /etc/opendkim.conf opendkim-testkey: /var/qmail/control/dkim/global.key: WARNING: unsafe permissions opendkim-testkey: key loaded from /var/qmail/control/dkim/global.key opendkim-testkey: checking key 'dkim1._domainkey.iwtelecom.com.br' *opendkim-testkey: 'dkim1._domainkey.iwtelecom.com.br' record not found* I created the record in the domain zone like bellow: dkim1._domainkey IN TXT "v=DKIM1; k=rsa; p=bla...bla" But it does not work when I try to resolve it: dig dkim1._domainkey.iwtelecom.com.br And it is not shown when I try: dig +noall +answer iwtelecom.com.br any Only the SPF record... I used the named-checkzone and everything looks fine, what am I doind wrong? -- Eric Broch White Horse Technical Consulting (WHTC)
Re: [qmailtoaster] dkim1._domainkey record not found
Looks like I was checking it the wrong way, the correct is: # dig dkim1._domainkey.iwtelecom.com.br TXT ;; ANSWER SECTION: dkim1._domainkey.iwtelecom.com.br. 86400 IN TXT "v=DKIM1\; k=rsa\; p=blabla...blabla" Checking the key at https://dkimcore.org/tools/ looks fine also. The opendkim-testkey still shows the error though. Em 17/01/2019 18:30, Leonardo Porto escreveu: Hi everyone, I'm doing the DKIM step for a new server and when I test my DKIM signature I receive the error: # opendkim-testkey - -d iwtelecom.com.br -k /var/qmail/control/dkim/global.key -s dkim1 opendkim-testkey: using default configfile /etc/opendkim.conf opendkim-testkey: /var/qmail/control/dkim/global.key: WARNING: unsafe permissions opendkim-testkey: key loaded from /var/qmail/control/dkim/global.key opendkim-testkey: checking key 'dkim1._domainkey.iwtelecom.com.br' *opendkim-testkey: 'dkim1._domainkey.iwtelecom.com.br' record not found* I created the record in the domain zone like bellow: dkim1._domainkey IN TXT "v=DKIM1; k=rsa; p=bla...bla" But it does not work when I try to resolve it: dig dkim1._domainkey.iwtelecom.com.br And it is not shown when I try: dig +noall +answer iwtelecom.com.br any Only the SPF record... I used the named-checkzone and everything looks fine, what am I doind wrong?