?
Solved

OPENDKIM Filter reporting  KeyTable entry for 'DOMAIN' corrupt  and error loading key 'domain'

Posted on 2013-01-24
3
Medium Priority
?
3,208 Views
Last Modified: 2013-01-28
Installed OPENDKIM on Centos 6 running with Sendmail.
I seem to get inthe mail logs the following error message when I attempt to send a DKIM header out. Error message in mail log :-
Jan 24 16:18:04 mail-02 opendkim[6038]: KeyTable entry for 'extsmtp003' corrupt
Jan 24 16:18:04 mail-02 opendkim[6038]: r0OGI4p4006092: error loading key 'extsmtp003'
Jan 24 16:18:04 mail-02 sendmail[6092]: r0OGI4p4006092: Milter: data, reject=451 4.3.2 Please try again later

I have re-generated the key using opendkim-genkey as required and attempted to send a mail out that matches the KeyTable file i.e. the FROM address.  I have modified the "KeyFile" to look at a simple txt file with just some random txt in and it comes up with the same error message. So I am pretty sure its not the PRIVATE key but possibly permissions.
Permission are set as  :-
-rwxrwxrwx  1 opendkim opendkim   51 Jan 24 16:16 KeyTable
drwxrwxrwx  2 opendkim opendkim 4096 Jan 24 16:02 private
-rw-r--r--  1 root     root      115 Jan 15 15:44 returnpath.php
-rwxrwxrwx  1 opendkim opendkim   25 Jan 24 14:53 SigningTable
-rwxrwxrwx  1 opendkim opendkim   75 Jan 22 13:22 TrustedHosts

Contents if the keytable are as below :-

more  Key*
extsmtp003  extsmtp003.tdc.dk:/var/db/dkim/private/extsmtp003

Appreciate if I am missing something .
Thanks
0
Comment
Question by:ccfcfc
  • 2
3 Comments
 
LVL 10

Accepted Solution

by:
ddiazp earned 2000 total points
ID: 38817173
Your syntax on the KeyTable file is wrong. Should read something like:


[selector]._domainkey.tdc.dk   tdc.dk:[selector]:/var/db/dkim/private/extsmtp003


Your permissions are okay.
0
 

Author Comment

by:ccfcfc
ID: 38817876
I have changed the KeyTable to :-
[root@mail-02 dkim]# more Key*
extsmtp003._domainkey.tdc.dk  tdc.dk:extsmtp003:/var/db/dkim/private/extsmtp003.
private

Attempt to send a mail and now I get the following message in the maillog :-
signing table references unknown key 'extsmtp003'
Jan 25 09:09:56 mail-02 sendmail[19627]: r0P99usf019627: Milter: data, reject=451 4.3.2 Please try again later

Slightly different error now.
0
 
LVL 10

Expert Comment

by:ddiazp
ID: 38819496
Try replacing your KeyTable entry to:

default._domainkey.tdc.dk  tdc.dk:default:/var/db/dkim/private/extsmtp003.private


chances are you followed the guides online to the tee and used 'default' as the selector
0

Featured Post

Get your Conversational Ransomware Defense e‑book

This e-book gives you an insight into the ransomware threat and reviews the fundamentals of top-notch ransomware preparedness and recovery. To help you protect yourself and your organization. The initial infection may be inevitable, so the best protection is to be fully prepared.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

As cyber crime continues to grow in both numbers and sophistication, a troubling trend of optimization has emerged over the last year.
Last month Marc Laliberte, WatchGuard’s Senior Threat Analyst, contributed reviewed the three major email authentication anti-phishing technology standards: SPF, DKIM, and DMARC. Learn more in part 2 of the series originally posted in Cyber Defense …
To show how to create a transport rule in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Rules tab.:  To cr…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Suggested Courses

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question