gwarcher
asked on
dkim sign the from address for client
Hi All,
I run a small email server running ubuntu linux 11.10 with postfix and interspire email marketer. I have set up domainkeys and dkim, as well as spf for my main domain and everything works fine. However, when I send out email for the client the headers show a dkim fail.
I know it's a fairly simple question, but I could use the help. I have opendkim set up, but I just have a basic configuration. Here is the header, let me know if you need anything else. Plus, I don't think my sender-id is set up properly either...
Any help would be appreciated.
Authentication-Results: hotmail.com; sender-id=temperror (sender IP is 98.***.**.***) header.from=newsletter@dav idschweike rt.com; dkim=none header.d=davidschweikert.c om; x-hmca=none
X-Message-Status: n:0:n
X-SID-PRA: Schweikert for Congress <newsletter@davidschweiker t.com>
X-DKIM-Result: None
X-AUTH-Result: NONE
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0 Q9MTtHRD0y O1NDTD0w
X-Message-Info: NhFq/7gR1vRroU/RJA0rbqBIR/ RaWlX/A9r2 hws1JvP4JG pS9gdrTwW+ OXzOEXqdbf dfn5gvjhzf m8W9toNdot KaLJpEU2+T v0PTbL1cVp Smhkf3iS/s 6Jh6Ric4bO UY
Received: from gop1.sendright.com ([98.***.**.***]) by BAY0-MC1-F37.Bay0.hotmail. com with Microsoft SMTPSVC(6.0.3790.4900);
Wed, 8 Feb 2012 16:05:16 -0800
Received: by gop1.sendright.com (Postfix, from userid 0)
id 985281E12C7; Wed, 8 Feb 2012 17:05:15 -0700 (MST)
To: garrett.archer@hotmail.com
Subject: Hurry to Help David!
X-PHP-Originating-Script: 1002:email.php
Message-ID: <28b65d9980da9c5a71752e863 9b924f1@go p1.sendrig ht.com>
Date: Wed, 08 Feb 2012 17:05:15 -0700
From: "Schweikert for Congress" <newsletter@davidschweiker t.com>
Reply-To: newsletter@davidschweikert .com
MIME-Version: 1.0
X-Mailer-LID: 1
List-Unsubscribe: <http://gop1.sendright.com/email/unsubscribe.php?M=1&C=87205fafae911b5ef508a6037a7c0c76&L=1&N=48>
X-Mailer-RecptId: 1
X-Mailer-SID: 48
X-Mailer-Sent-By: 1
Content-Type: multipart/alternative; charset="UTF-8"; boundary="b1_9fd64e0c76b0e b50fa49c3a 69c7be76d"
Content-Transfer-Encoding: 8bit
Return-Path: bounce@sendright.com
X-OriginalArrivalTime: 09 Feb 2012 00:05:17.0012 (UTC) FILETIME=[810BF140:01CCE6B E]
I run a small email server running ubuntu linux 11.10 with postfix and interspire email marketer. I have set up domainkeys and dkim, as well as spf for my main domain and everything works fine. However, when I send out email for the client the headers show a dkim fail.
I know it's a fairly simple question, but I could use the help. I have opendkim set up, but I just have a basic configuration. Here is the header, let me know if you need anything else. Plus, I don't think my sender-id is set up properly either...
Any help would be appreciated.
Authentication-Results: hotmail.com; sender-id=temperror (sender IP is 98.***.**.***) header.from=newsletter@dav
X-Message-Status: n:0:n
X-SID-PRA: Schweikert for Congress <newsletter@davidschweiker
X-DKIM-Result: None
X-AUTH-Result: NONE
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0
X-Message-Info: NhFq/7gR1vRroU/RJA0rbqBIR/
Received: from gop1.sendright.com ([98.***.**.***]) by BAY0-MC1-F37.Bay0.hotmail.
Wed, 8 Feb 2012 16:05:16 -0800
Received: by gop1.sendright.com (Postfix, from userid 0)
id 985281E12C7; Wed, 8 Feb 2012 17:05:15 -0700 (MST)
To: garrett.archer@hotmail.com
Subject: Hurry to Help David!
X-PHP-Originating-Script: 1002:email.php
Message-ID: <28b65d9980da9c5a71752e863
Date: Wed, 08 Feb 2012 17:05:15 -0700
From: "Schweikert for Congress" <newsletter@davidschweiker
Reply-To: newsletter@davidschweikert
MIME-Version: 1.0
X-Mailer-LID: 1
List-Unsubscribe: <http://gop1.sendright.com/email/unsubscribe.php?M=1&C=87205fafae911b5ef508a6037a7c0c76&L=1&N=48>
X-Mailer-RecptId: 1
X-Mailer-SID: 48
X-Mailer-Sent-By: 1
Content-Type: multipart/alternative; charset="UTF-8"; boundary="b1_9fd64e0c76b0e
Content-Transfer-Encoding:
Return-Path: bounce@sendright.com
X-OriginalArrivalTime: 09 Feb 2012 00:05:17.0012 (UTC) FILETIME=[810BF140:01CCE6B
ASKER
i don't think so, the milter section reads as follows, where would i add the address?
#milter_default_action = accept
#milter_protocol = 2
#smtpd_milters = inet:localhost:8***
#non_smtpd_milters = inet:localhost:8***
milter_default_action = accept
milter_protocol = 6
smtpd_milters = inet:localhost:1***,inet:l ocalhost:8 ***
non_smtpd_milters = inet:localhost:1***,inet:l ocalhost:8 ***
notify_classes = bounce, delay, resource
smtpd_recipient_restrictio ns = reject_non_fqdn_recipient reject_unknown_recipient_d omain permit_mynetworks permit_sasl_authenticated reject_unauth_destination reject_non_fqdn_hostname reject_invalid_hostname check_helo_access pcre:/etc/postfix/helo_che cks check_sender_mx_access cidr:/etc/postfix/bogus_mx reject_rbl_client zen.spamhaus.org reject_rbl_client cbl.abuseat.org reject_rbl_client dnsbl-1.uceprotect.net permit
myorigin = $mydomain
#milter_default_action = accept
#milter_protocol = 2
#smtpd_milters = inet:localhost:8***
#non_smtpd_milters = inet:localhost:8***
milter_default_action = accept
milter_protocol = 6
smtpd_milters = inet:localhost:1***,inet:l
non_smtpd_milters = inet:localhost:1***,inet:l
notify_classes = bounce, delay, resource
smtpd_recipient_restrictio
myorigin = $mydomain
ASKER
as far as a keytable and signing table is concerned both are no. I'm not an expert in this area so I just set it up based upon some articles I found. They didn't cover signing tables. Do you know of a good resource I can go to take care of this?
Thanks for the help!
Thanks for the help!
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
do I have to put a dns dkim record in the client domain's zone file (hosted on godaddy)
I'm sorry, this is all very confusing...
I'm sorry, this is all very confusing...
ASKER
I think I got it working with this. Will post again if I am still having trouble.
I wouldn't worry about Sender ID, and actually you don't have a Sender ID record in DNS anyways.
Did you add a line in main.cf for smtpd_milter with the correct bind address and port number so that it hands it off to opendkim for signing? Is the opendkim service running? Did you setup KeyTable and SigningTable for opendkim? Are your keys in place and readable by the user running the opendkim service?