subject:"\[qmailtoaster\] dkim1._domainkey record not found"

Re: [qmailtoaster] dkim1._domainkey record not found

2019-01-22 Thread Leonardo Porto

I updated the defaultdomain and defaulthost files in /var/qmail/control/ 
to iwtelecom.com.br and restarted qmailtoaster.

Gmail it is still checking dkim for app1.iw.net.br (hostname).
Any idea what more files to check?

Here it is some part of the headers:

ARC-Authentication-Results: i=1; mx.google.com;
   dkim=pass header.i=@app1.iw.net.br header.s=dkim1 header.b=KdM7MJMS;
   spf=pass (google.com: domain of sender at iwtelecom.com.br designates 
187.0.147.206 as permitted sender) smtp.mailfrom=sender at iwtelecom.com.br;
   dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=iwtelecom.com.br
Return-Path: 
Received: from app1.iw.net.br (mail.iwtelecom.com.br. [187.0.147.206])
by mx.google.com with ESMTPS id a76si2719168qkg.65.2019.01.22.12.18.56
for 
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Tue, 22 Jan 2019 12:18:57 -0800 (PST)


Em 22/01/2019 13:01, Remo Mattei escreveu:

I am pretty sure you have something miss-configured.

I have this working but you also need to see if you have the default 
correct. I will share what I have done and I know it works since I 
have done it in 2 servers now.


Remo

On Jan 22, 2019, at 03:36, Leonardo Porto > wrote:


Bingo.

This machine was using my authoritative slave and for some reason it 
did not update the zone yet.

I changed the resolver then:

opendkim-testkey: checking key 'dkim1._domainkey.iwtelecom.com.br 
'

opendkim-testkey: key OK

But I found something else: when I send a message the destination 
server is not checking my sender's domain key, it is checking my 
server's hostname instead, wich is app1.iw.net.br 
.


So I had to create to more records: dkim1._domainkey.iw.net.br 
 and dkim1._domainkey.app1.iw.net.br 



Now Gmail says DKIM is ok:

DKIM:    'PASS' com o domínio app1.iw.net.br 


Em 21/01/2019 20:47, Eric Broch escreveu:


I figured it out at least on my host as to why one would get 'record 
not found'.


My mail host has entry in resolv.conf 'nameserver 127.0.0.1'

I have named config file for my domain to resolve to this mail host, 
192.168.x.x


running

# opendkim-testkey -vvv -d whitehorsetc.com 
  -k 
/var/qmail/control/dkim/whitehorsetc.com.key -s dkim1


yields 'record not found'

when I change resolv.conf to external nameserver (8.8.8.8)

# opendkim-testkey -vvv -d whitehorsetc.com 
  -k 
/var/qmail/control/dkim/whitehorsetc.com.key -s dkim1


yields 'key OK'

You must add a TXT record to whichever DNS server your mail host is 
using.


On 1/21/2019 10:41 AM, Eric Broch wrote:


Maybe restart your named server.

On 1/21/2019 4:58 AM, Leonardo Porto wrote:


Looks like I was checking it the wrong way, the correct is:

# dig dkim1._domainkey.iwtelecom.com.br 
 TXT

;; ANSWER SECTION:
dkim1._domainkey.iwtelecom.com.br 
. 86400 IN TXT "v=DKIM1\; 
k=rsa\; p=blabla...blabla"


Checking the key at https://dkimcore.org/tools/ looks fine also.

The opendkim-testkey still shows the error though.


Em 17/01/2019 18:30, Leonardo Porto escreveu:


Hi everyone,

I'm doing the DKIM step for a new server and when I test my DKIM 
signature I receive the error:


# opendkim-testkey - -d iwtelecom.com.br 
 -k /var/qmail/control/dkim/global.key 
-s dkim1

opendkim-testkey: using default configfile /etc/opendkim.conf
opendkim-testkey: /var/qmail/control/dkim/global.key: WARNING: 
unsafe permissions

opendkim-testkey: key loaded from /var/qmail/control/dkim/global.key
opendkim-testkey: checking key 'dkim1._domainkey.iwtelecom.com.br 
'
*opendkim-testkey: 'dkim1._domainkey.iwtelecom.com.br 
' record not found*


I created the record in the domain zone like bellow:

dkim1._domainkey IN  TXT "v=DKIM1; k=rsa; p=bla...bla"

But it does not work when I try to resolve it:

dig dkim1._domainkey.iwtelecom.com.br 



And it is not shown when I try:

dig +noall +answer iwtelecom.com.br  any

Only the SPF record... I used the named-checkzone and everything 
looks fine, what am I doind wrong?




--
Eric Broch
White Horse Technical Consulting (WHTC)

--
Eric Broch
White Horse Technical Consulting (WHTC)

Re: [qmailtoaster] dkim1._domainkey record not found

2019-01-22 Thread Remo Mattei

I am pretty sure you have something miss-configured. 

I have this working but you also need to see if you have the default correct. I 
will share what I have done and I know it works since I have done it in 2 
servers now.

Remo 

> On Jan 22, 2019, at 03:36, Leonardo Porto  wrote:
> 
> Bingo.
> 
> This machine was using my authoritative slave and for some reason it did not 
> update the zone yet.
> I changed the resolver then:
> 
> opendkim-testkey: checking key 'dkim1._domainkey.iwtelecom.com.br'
> opendkim-testkey: key OK
> 
> But I found something else: when I send a message the destination server is 
> not checking my sender's domain key, it is checking my server's hostname 
> instead, wich is app1.iw.net.br.
> 
> So I had to create to more records: dkim1._domainkey.iw.net.br and 
> dkim1._domainkey.app1.iw.net.br
> 
> Now Gmail says DKIM is ok: 
> 
> DKIM:'PASS' com o domínio app1.iw.net.br
> 
> 
> 
> Em 21/01/2019 20:47, Eric Broch escreveu:
>> I figured it out at least on my host as to why one would get 'record not 
>> found'.
>> 
>> My mail host has entry in resolv.conf 'nameserver 127.0.0.1'
>> 
>> I have named config file for my domain to resolve to this mail host, 
>> 192.168.x.x
>> 
>> running 
>> 
>> # opendkim-testkey -vvv -d whitehorsetc.com  -k 
>> /var/qmail/control/dkim/whitehorsetc.com.key -s dkim1
>> 
>> yields 'record not found'
>> 
>> when I change resolv.conf to external nameserver (8.8.8.8)
>> 
>> # opendkim-testkey -vvv -d whitehorsetc.com  -k 
>> /var/qmail/control/dkim/whitehorsetc.com.key -s dkim1
>> 
>> yields 'key OK'
>> 
>> You must add a TXT record to whichever DNS server your mail host is using.
>> 
>> On 1/21/2019 10:41 AM, Eric Broch wrote:
>>> Maybe restart your named server.
>>> 
>>> On 1/21/2019 4:58 AM, Leonardo Porto wrote:
 Looks like I was checking it the wrong way, the correct is:
 
 # dig dkim1._domainkey.iwtelecom.com.br TXT
 ;; ANSWER SECTION:
 dkim1._domainkey.iwtelecom.com.br. 86400 IN TXT "v=DKIM1\; k=rsa\; 
 p=blabla...blabla"
 
 Checking the key at https://dkimcore.org/tools/ 
  looks fine also.
 
 The opendkim-testkey still shows the error though.
 
 
 
 Em 17/01/2019 18:30, Leonardo Porto escreveu:
> Hi everyone,
> 
> I'm doing the DKIM step for a new server and when I test my DKIM 
> signature I receive the error:
> 
> # opendkim-testkey - -d iwtelecom.com.br  -k 
> /var/qmail/control/dkim/global.key -s dkim1
> opendkim-testkey: using default configfile /etc/opendkim.conf
> opendkim-testkey: /var/qmail/control/dkim/global.key: WARNING: unsafe 
> permissions
> opendkim-testkey: key loaded from /var/qmail/control/dkim/global.key
> opendkim-testkey: checking key 'dkim1._domainkey.iwtelecom.com.br'
> opendkim-testkey: 'dkim1._domainkey.iwtelecom.com.br' record not found
> 
> I created the record in the domain zone like bellow:
> 
> dkim1._domainkeyIN  TXT "v=DKIM1; k=rsa; 
> p=bla...bla"
> 
> But it does not work when I try to resolve it:
> 
> dig dkim1._domainkey.iwtelecom.com.br
> 
> And it is not shown when I try:
> 
> dig +noall +answer iwtelecom.com.br any
> 
> Only the SPF record... I used the named-checkzone and everything looks 
> fine, what am I doind wrong?
> 
> 
> 
>>> -- 
>>> Eric Broch
>>> White Horse Technical Consulting (WHTC)
>> -- 
>> Eric Broch
>> White Horse Technical Consulting (WHTC)

Re: [qmailtoaster] dkim1._domainkey record not found

2019-01-22 Thread Leonardo Porto


Bingo.

This machine was using my authoritative slave and for some reason it did 
not update the zone yet.

I changed the resolver then:

opendkim-testkey: checking key 'dkim1._domainkey.iwtelecom.com.br'
opendkim-testkey: key OK

But I found something else: when I send a message the destination server 
is not checking my sender's domain key, it is checking my server's 
hostname instead, wich is app1.iw.net.br.


So I had to create to more records: dkim1._domainkey.iw.net.br and 
dkim1._domainkey.app1.iw.net.br


Now Gmail says DKIM is ok:

DKIM:    'PASS' com o domínio app1.iw.net.br


Em 21/01/2019 20:47, Eric Broch escreveu:


I figured it out at least on my host as to why one would get 'record 
not found'.


My mail host has entry in resolv.conf 'nameserver 127.0.0.1'

I have named config file for my domain to resolve to this mail host, 
192.168.x.x


running

# opendkim-testkey -vvv -d whitehorsetc.com  -k 
/var/qmail/control/dkim/whitehorsetc.com.key -s dkim1


yields 'record not found'

when I change resolv.conf to external nameserver (8.8.8.8)

# opendkim-testkey -vvv -d whitehorsetc.com  -k 
/var/qmail/control/dkim/whitehorsetc.com.key -s dkim1


yields 'key OK'

You must add a TXT record to whichever DNS server your mail host is using.

On 1/21/2019 10:41 AM, Eric Broch wrote:


Maybe restart your named server.

On 1/21/2019 4:58 AM, Leonardo Porto wrote:


Looks like I was checking it the wrong way, the correct is:

# dig dkim1._domainkey.iwtelecom.com.br TXT
;; ANSWER SECTION:
dkim1._domainkey.iwtelecom.com.br. 86400 IN TXT "v=DKIM1\; k=rsa\; 
p=blabla...blabla"


Checking the key at https://dkimcore.org/tools/ looks fine also.

The opendkim-testkey still shows the error though.


Em 17/01/2019 18:30, Leonardo Porto escreveu:


Hi everyone,

I'm doing the DKIM step for a new server and when I test my DKIM 
signature I receive the error:


# opendkim-testkey - -d iwtelecom.com.br  -k 
/var/qmail/control/dkim/global.key -s dkim1

opendkim-testkey: using default configfile /etc/opendkim.conf
opendkim-testkey: /var/qmail/control/dkim/global.key: WARNING: 
unsafe permissions

opendkim-testkey: key loaded from /var/qmail/control/dkim/global.key
opendkim-testkey: checking key 'dkim1._domainkey.iwtelecom.com.br'
*opendkim-testkey: 'dkim1._domainkey.iwtelecom.com.br' record not 
found*


I created the record in the domain zone like bellow:

dkim1._domainkey IN  TXT "v=DKIM1; k=rsa; p=bla...bla"

But it does not work when I try to resolve it:

dig dkim1._domainkey.iwtelecom.com.br

And it is not shown when I try:

dig +noall +answer iwtelecom.com.br any

Only the SPF record... I used the named-checkzone and everything 
looks fine, what am I doind wrong?




--
Eric Broch
White Horse Technical Consulting (WHTC)

--
Eric Broch
White Horse Technical Consulting (WHTC)

Re: [qmailtoaster] dkim1._domainkey record not found

2019-01-21 Thread Eric Broch



On 1/21/2019 3:47 PM, Eric Broch wrote:


I figured it out at least on my host as to why one would get 'record 
not found'.


My mail host has entry in resolv.conf 'nameserver 127.0.0.1'

I have named config file for my domain to resolve to this mail host, 
192.168.x.x


running

# opendkim-testkey -vvv -d whitehorsetc.com  -k 
/var/qmail/control/dkim/whitehorsetc.com.key -s dkim1


yields 'record not found'

when I change resolv.conf to external nameserver (8.8.8.8)

# opendkim-testkey -vvv -d whitehorsetc.com  -k 
/var/qmail/control/dkim/whitehorsetc.com.key -s dkim1


yields 'key OK'

You must add a TXT record to whichever DNS server your mail host is using.

I added proper text record to my name server 'localhost' and now I get 
'key OK'


On 1/21/2019 10:41 AM, Eric Broch wrote:


Maybe restart your named server.

On 1/21/2019 4:58 AM, Leonardo Porto wrote:


Looks like I was checking it the wrong way, the correct is:

# dig dkim1._domainkey.iwtelecom.com.br TXT
;; ANSWER SECTION:
dkim1._domainkey.iwtelecom.com.br. 86400 IN TXT "v=DKIM1\; k=rsa\; 
p=blabla...blabla"


Checking the key at https://dkimcore.org/tools/ looks fine also.

The opendkim-testkey still shows the error though.


Em 17/01/2019 18:30, Leonardo Porto escreveu:


Hi everyone,

I'm doing the DKIM step for a new server and when I test my DKIM 
signature I receive the error:


# opendkim-testkey - -d iwtelecom.com.br  -k 
/var/qmail/control/dkim/global.key -s dkim1

opendkim-testkey: using default configfile /etc/opendkim.conf
opendkim-testkey: /var/qmail/control/dkim/global.key: WARNING: 
unsafe permissions

opendkim-testkey: key loaded from /var/qmail/control/dkim/global.key
opendkim-testkey: checking key 'dkim1._domainkey.iwtelecom.com.br'
*opendkim-testkey: 'dkim1._domainkey.iwtelecom.com.br' record not 
found*


I created the record in the domain zone like bellow:

dkim1._domainkey IN  TXT "v=DKIM1; k=rsa; p=bla...bla"

But it does not work when I try to resolve it:

dig dkim1._domainkey.iwtelecom.com.br

And it is not shown when I try:

dig +noall +answer iwtelecom.com.br any

Only the SPF record... I used the named-checkzone and everything 
looks fine, what am I doind wrong?




--
Eric Broch
White Horse Technical Consulting (WHTC)

--
Eric Broch
White Horse Technical Consulting (WHTC)


--
Eric Broch
White Horse Technical Consulting (WHTC)

Re: [qmailtoaster] dkim1._domainkey record not found

2019-01-21 Thread Eric Broch

I figured it out at least on my host as to why one would get 'record not 
found'.


My mail host has entry in resolv.conf 'nameserver 127.0.0.1'

I have named config file for my domain to resolve to this mail host, 
192.168.x.x


running

# opendkim-testkey -vvv -d whitehorsetc.com  -k 
/var/qmail/control/dkim/whitehorsetc.com.key -s dkim1


yields 'record not found'

when I change resolv.conf to external nameserver (8.8.8.8)

# opendkim-testkey -vvv -d whitehorsetc.com  -k 
/var/qmail/control/dkim/whitehorsetc.com.key -s dkim1


yields 'key OK'

You must add a TXT record to whichever DNS server your mail host is using.

On 1/21/2019 10:41 AM, Eric Broch wrote:


Maybe restart your named server.

On 1/21/2019 4:58 AM, Leonardo Porto wrote:


Looks like I was checking it the wrong way, the correct is:

# dig dkim1._domainkey.iwtelecom.com.br TXT
;; ANSWER SECTION:
dkim1._domainkey.iwtelecom.com.br. 86400 IN TXT "v=DKIM1\; k=rsa\; 
p=blabla...blabla"


Checking the key at https://dkimcore.org/tools/ looks fine also.

The opendkim-testkey still shows the error though.


Em 17/01/2019 18:30, Leonardo Porto escreveu:


Hi everyone,

I'm doing the DKIM step for a new server and when I test my DKIM 
signature I receive the error:


# opendkim-testkey - -d iwtelecom.com.br  -k 
/var/qmail/control/dkim/global.key -s dkim1

opendkim-testkey: using default configfile /etc/opendkim.conf
opendkim-testkey: /var/qmail/control/dkim/global.key: WARNING: 
unsafe permissions

opendkim-testkey: key loaded from /var/qmail/control/dkim/global.key
opendkim-testkey: checking key 'dkim1._domainkey.iwtelecom.com.br'
*opendkim-testkey: 'dkim1._domainkey.iwtelecom.com.br' record not found*

I created the record in the domain zone like bellow:

dkim1._domainkey IN  TXT "v=DKIM1; k=rsa; p=bla...bla"

But it does not work when I try to resolve it:

dig dkim1._domainkey.iwtelecom.com.br

And it is not shown when I try:

dig +noall +answer iwtelecom.com.br any

Only the SPF record... I used the named-checkzone and everything 
looks fine, what am I doind wrong?




--
Eric Broch
White Horse Technical Consulting (WHTC)


--
Eric Broch
White Horse Technical Consulting (WHTC)

Re: [qmailtoaster] dkim1._domainkey record not found

2019-01-21 Thread Eric Broch


Maybe restart your named server.

On 1/21/2019 4:58 AM, Leonardo Porto wrote:


Looks like I was checking it the wrong way, the correct is:

# dig dkim1._domainkey.iwtelecom.com.br TXT
;; ANSWER SECTION:
dkim1._domainkey.iwtelecom.com.br. 86400 IN TXT "v=DKIM1\; k=rsa\; 
p=blabla...blabla"


Checking the key at https://dkimcore.org/tools/ looks fine also.

The opendkim-testkey still shows the error though.


Em 17/01/2019 18:30, Leonardo Porto escreveu:


Hi everyone,

I'm doing the DKIM step for a new server and when I test my DKIM 
signature I receive the error:


# opendkim-testkey - -d iwtelecom.com.br  -k 
/var/qmail/control/dkim/global.key -s dkim1

opendkim-testkey: using default configfile /etc/opendkim.conf
opendkim-testkey: /var/qmail/control/dkim/global.key: WARNING: unsafe 
permissions

opendkim-testkey: key loaded from /var/qmail/control/dkim/global.key
opendkim-testkey: checking key 'dkim1._domainkey.iwtelecom.com.br'
*opendkim-testkey: 'dkim1._domainkey.iwtelecom.com.br' record not found*

I created the record in the domain zone like bellow:

dkim1._domainkey IN  TXT "v=DKIM1; k=rsa; p=bla...bla"

But it does not work when I try to resolve it:

dig dkim1._domainkey.iwtelecom.com.br

And it is not shown when I try:

dig +noall +answer iwtelecom.com.br any

Only the SPF record... I used the named-checkzone and everything 
looks fine, what am I doind wrong?




--
Eric Broch
White Horse Technical Consulting (WHTC)

Re: [qmailtoaster] dkim1._domainkey record not found

2019-01-21 Thread Leonardo Porto


Looks like I was checking it the wrong way, the correct is:

# dig dkim1._domainkey.iwtelecom.com.br TXT
;; ANSWER SECTION:
dkim1._domainkey.iwtelecom.com.br. 86400 IN TXT "v=DKIM1\; k=rsa\; 
p=blabla...blabla"


Checking the key at https://dkimcore.org/tools/ looks fine also.

The opendkim-testkey still shows the error though.


Em 17/01/2019 18:30, Leonardo Porto escreveu:


Hi everyone,

I'm doing the DKIM step for a new server and when I test my DKIM 
signature I receive the error:


# opendkim-testkey - -d iwtelecom.com.br  -k 
/var/qmail/control/dkim/global.key -s dkim1

opendkim-testkey: using default configfile /etc/opendkim.conf
opendkim-testkey: /var/qmail/control/dkim/global.key: WARNING: unsafe 
permissions

opendkim-testkey: key loaded from /var/qmail/control/dkim/global.key
opendkim-testkey: checking key 'dkim1._domainkey.iwtelecom.com.br'
*opendkim-testkey: 'dkim1._domainkey.iwtelecom.com.br' record not found*

I created the record in the domain zone like bellow:

dkim1._domainkey IN  TXT "v=DKIM1; k=rsa; p=bla...bla"

But it does not work when I try to resolve it:

dig dkim1._domainkey.iwtelecom.com.br

And it is not shown when I try:

dig +noall +answer iwtelecom.com.br any

Only the SPF record... I used the named-checkzone and everything looks 
fine, what am I doind wrong?

[qmailtoaster] dkim1._domainkey record not found

2019-01-17 Thread Leonardo Porto


Hi everyone,

I'm doing the DKIM step for a new server and when I test my DKIM 
signature I receive the error:


# opendkim-testkey - -d iwtelecom.com.br  -k 
/var/qmail/control/dkim/global.key -s dkim1

opendkim-testkey: using default configfile /etc/opendkim.conf
opendkim-testkey: /var/qmail/control/dkim/global.key: WARNING: unsafe 
permissions

opendkim-testkey: key loaded from /var/qmail/control/dkim/global.key
opendkim-testkey: checking key 'dkim1._domainkey.iwtelecom.com.br'
*opendkim-testkey: 'dkim1._domainkey.iwtelecom.com.br' record not found*

I created the record in the domain zone like bellow:

dkim1._domainkey IN  TXT "v=DKIM1; k=rsa; p=bla...bla"

But it does not work when I try to resolve it:

dig dkim1._domainkey.iwtelecom.com.br

And it is not shown when I try:

dig +noall +answer iwtelecom.com.br any

Only the SPF record... I used the named-checkzone and everything looks 
fine, what am I doind wrong?

Re: [qmailtoaster] dkim1._domainkey record not found

Re: [qmailtoaster] dkim1._domainkey record not found

Re: [qmailtoaster] dkim1._domainkey record not found

Re: [qmailtoaster] dkim1._domainkey record not found

Re: [qmailtoaster] dkim1._domainkey record not found

Re: [qmailtoaster] dkim1._domainkey record not found

Re: [qmailtoaster] dkim1._domainkey record not found

[qmailtoaster] dkim1._domainkey record not found

8 matches

Site Navigation

Mail list logo

Footer information