1

Topic: iredmail and DKIM record problem

==== Provide required information ====
- iRedMail version and backend (LDAP/MySQL/PGSQL):
- Linux/BSD distribution name and version:
- Any related log? Log is helpful for troubleshooting.
==== ==== Provide required information ====
- iRedMail version and backend (LDAP/MySQL/PGSQL):
- Linux/BSD distribution name and version:
- Any related log? Log is helpful for troubleshooting.
==== Hello,

I run the latest iredmail on debian squeeze. All is working well apart from DKIM record. I set it up according to this tutorial

code.google.com/p/iredmail/wiki/DNS_DKIM

I use my ISP's DNS server.


Now the response from auth-results@verifier.port25.com is:

==============
----------------------------------------------------------
DKIM check details:
----------------------------------------------------------
Result:         permerror (key "dkim._domainkey.domain.eu" doesn't exist)
ID(s) verified:
Canonicalized Headers:
    content-transfer-encoding:7bit'0D''0A'
    content-type:text/plain;'20'charset=ISO-8859-1;'20'format=flowed'0D''0A'
    subject:afadsfsd'0D''0A'
    to:check-auth2@verifier.port25.com'0D''0A'
    mime-version:1.0'0D''0A'
    user-agent:Mozilla/5.0'20'(Macintosh;'20'Intel'20'Mac'20'OS'20'X'20'10.6;'20'rv:13.0)'20'Gecko/20120614'20'Thunderbird/13.0.1'0D''0A'
    from:TM<TM@domain.eu>'0D''0A'
    date:Sun,'20'08'20'Jul'20'2012'20'10:29:31'20'+0100'0D''0A'
    message-id:<4FF952FB.8080806@2mad.eu>'0D''0A'
    dkim-signature:v=1;'20'a=rsa-sha256;'20'c=relaxed/simple;'20'd=2mad.eu;'20'h='20'content-transfer-encoding:content-type:content-type:subject'20':subject:to:mime-version:user-agent:from:from:date:date'20':message-id;'20's=dkim;'20't=1341739773;'20'x=1342603773;'20'bh=frgkwi1k9oG9o'20'Kj3dpUqdJg1PxRT2RSN/XKdLCPjaYaY=;'20'b=

Canonicalized Body:
    '0D''0A'
   

DNS record(s):
    dkim._domainkey.domain.eu. TXT (NXDOMAIN)

NOTE: DKIM checking has been performed based on the latest DKIM specs
(RFC 4871 or draft-ietf-dkim-base-10) and verification may fail for
older versions.  If you are using Port25's PowerMTA, you need to use
version 3.2r11 or later to get a compatible version of DKIM.
================

amavisd-new testkeys output is

TESTING#1: dkim._domainkey.2mad.eu           => invalid (public key: not available)


The command dig -t txt dkim._domainkey.domain.eu says

===============
; <<>> DiG 9.7.3 <<>> -t txt dkim._domainkey.domain.eu
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52532
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;dkim._domainkey.domain.eu.    IN    TXT

;; AUTHORITY SECTION:
domain.eu.        3600    IN    SOA    ns1.livedns.co.uk. admin.domain.eu. 1341744426 10800 3600 604800 3600

;; Query time: 44 msec
;; SERVER: 87.194.255.154#53(87.194.255.154)
;; WHEN: Sun Jul  8 13:42:35 2012
;; MSG SIZE  rcvd: 100
===================

And finally dig -t txt domain.eu
==========
; <<>> DiG 9.7.3 <<>> -t txt domain.eu
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 61829
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;domain.eu.            IN    TXT

;; ANSWER SECTION:
domain.eu.        3600    IN    TXT    "v=DKIM1\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+mN+DjY/JcK8oN15MpUX9fkm823E6X+OrPCz9OrMMzUtNQHMS0LlMarGfFa5LJNE+vDQGnFFHeSp3lZ+ZCZZZX9zIg7Q7H87pxU1283anTIwAlhY52bJeuR04Nq+kRgOXeq+NZkchuqPdeMvVDN5gm78Vleg+0jVey2ITSADm+QIDAQAB"

;; Query time: 32 msec
;; SERVER: 87.194.255.154#53(87.194.255.154)
;; WHEN: Sun Jul  8 13:45:28 2012
;; MSG SIZE  rcvd: 265
================

It seems that the DKIM record is correctly disseminated from the DNS server but not being recognised. Am I missing something. Please help.

Best regards,

B

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: iredmail and DKIM record problem

The command dig -t txt dkim._domainkey.domain.eu says

It show be:

dkim._domainkey.domain.eu.        3600    IN    TXT    "v=DKIM1\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+mN+DjY/JcK8oN15MpUX9fkm823E6X+OrPCz9OrMMzUtNQHMS0LlMarGfFa5LJNE+vDQGnFFHeSp3lZ+ZCZZZX9zIg7Q7H87pxU1283anTIwAlhY52bJeuR04Nq+kRgOXeq+NZkchuqPdeMvVDN5gm78Vleg+0jVey2ITSADm+QIDAQAB"

3

Re: iredmail and DKIM record problem

Yes, that was the culprit and it's working now :-). Thanks a lot