1 Topic by cvieira

  • cvieira
  • Member
  • Offline
  • From: Porto
  • Registered: 2013-01-19
  • Posts: 10

Topic: Specific domain rejecting our email (DKIM)

Hello,

Our email have been rejected by a specific domain with the following error:

host ###[###] said: 550-DKIM:
encountered the following problem validating XXX: 550
pubkey_unavailable (in reply to end of DATA command)

Well, we have followed iRedMail instructions in setting up DKIM key. In fact, in our organization we have 2 DNS servers, one resolving internet addresses and the second one resolving intranet addresses.
Our DKIM key is recorded in the ouside DNS server.  Should this key be added in the inside server or both?
Could this issue be related with the destination domain or can it be own problem?

Regards.

==== Required information ====
- iRedMail version: 0.8.5
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: CentOS 6.4
- Related log if you're reporting an issue: -
====

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

cvieira's Website

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: Specific domain rejecting our email (DKIM)

The reject message says destination server cannot get DKIM record via DNS query.
*) DKIM key must be added in public/outside DNS server so that others can query it.
*) if it doesn't happen all the time, then it might be a temporary DNS issue.
*) If it happens all the time, please check your DKIM record again with command "amavisd testkeys".

3 Reply by cvieira

  • cvieira
  • Member
  • Offline
  • From: Porto
  • Registered: 2013-01-19
  • Posts: 10

Re: Specific domain rejecting our email (DKIM)

Well, after researching and testing I've found out that we had two problems:
- DKIM record was not correctly added;
- DKIM record had to be added to both our DNS servers.
Now, we're up and running!

cvieira's Website

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 30,770

Re: Specific domain rejecting our email (DKIM)

cvieira wrote:

- DKIM record had to be added to both our DNS servers.

Other mail servers cannot query your internal DNS server at all, so public DNS server should be enough.