1

Topic: DKIM doesn't work

- iRedMail version: 0.8.3
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: Debian 6 64b
- Related log if you're reporting an issue:

Some server aren't receiving email from my server, with error  "550 pubkey_unavailable".
I tried somethings, but doesn't works.

My  amavisd-new testkeys

TESTING#1: dkim._domainkey.transardo.com.br  => invalid (public key: DNS error: SERVFAIL)
dig -t txt transardo.com.br

; <<>> DiG 9.7.3 <<>> -t txt transardo.com.br
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 23849
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;transardo.com.br.              IN      TXT

;; Query time: 1 msec
;; SERVER: 192.168.0.1#53(192.168.0.1)
;; WHEN: Wed Jul 23 14:46:26 2014
;; MSG SIZE  rcvd: 34

I run the command "amavisd-new showkeys" and copy paste the DKIM to my bind config file.

dkim._domainkey.transardo.com.br.    3600 TXT  "v=DKIM1; p=MIGfMA0...." 

I don't have idea what's wrong, I donn't have many DNS knowledge .

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: DKIM doesn't work

Add DKIM key in DNS for 'dkim._domainkey.transardo.com.br', not 'transardo.com.br'.

3

Re: DKIM doesn't work

my db.transardo.com.br (It's a very old config file)

$TTL    86400
; Authoritative data for transardo.com.br
;
@                IN       SOA localhost. root.transardo.com.br. (
                                2004102897      ; Serial (yymmddxx)
                                10800           ; Refresh 3 hours
                                3600            ; Retry   1 hour
                                36000           ; Expire  10 hours
                                86400 )         ; Minimum 24 hours
                 IN       NS            www.transardo.com.br.

;
; mail
;

dkim._domainkey.transardo.com.br.    3600 TXT  "v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDG7aamvuD5B2tqMJlbEo3/DorJFWwrKUedOw6WX81RiHYMmbj/cgPsCxEylxzKpkBZWTKUuDPOXllJggTw/7vTppXeb5WN4Z8eg6BqBfbfeSpD8ZpI7F5elt7LsIL3vKM1u3lQl5Ps3SE28eiMI1NYsl4RPx2xN4Teg5An4AOvuwIDAQAB"
transardo.com.br.        IN      MX      0       mx
transardo.com.br.        IN      MX     10       mx

;
; Hosts
;

localhost     IN       A             127.0.0.1
              IN       HINFO         INTEL/110       LINUX
www           IN       A             201.20.183.82   
mail          IN       A             201.20.183.82   
pop           IN       A             201.20.183.82   
smtp          IN       A             201.20.183.82   

4

Re: DKIM doesn't work

This is dig result on my laptop, obviously your DKIM DNS record is not working, please check your DNS settings.

$ dig -t txt dkim._domainkey.transardo.com.br

; <<>> DiG 9.8.3-P1 <<>> -t txt dkim._domainkey.transardo.com.br
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11783
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;dkim._domainkey.transardo.com.br. IN    TXT

;; AUTHORITY SECTION:
transardo.com.br.    1799    IN    SOA    ns1.locaweb.com.br. postmaster.locaweb.com.br. 2010052001 3600 600 1209600 3600

;; Query time: 1374 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Thu Jul 24 21:24:25 2014
;; MSG SIZE  rcvd: 109

5

Re: DKIM doesn't work

I try insert this record in our DNS provider, but doesn't work.
On this provider we have some DNS record to redirect trafic to our server. I try insert this one but doesn't works.
A print from DNS record on our DNS provider, some ones are Default of service provider.

http://www.transardo.com.br//img/aaaa.png

I don't have idea what I can do now.

6

Re: DKIM doesn't work

It's better to ask support from your DNS service provider. If you're the provider, i'm afraid you have to double check your DNS settings.

7

Re: DKIM doesn't work

Hey Rafael:

You have a trailing period at the end of your dkim._domainkey host name in the screen shot you uploaded.   That tells DNS not to append "transardo.com.br" to the record.   Lose the trailing period and it should work.

8

Re: DKIM doesn't work

Hi bmackay.
Sorry, I don't understand.
I removed the dkim._domainkey. record from our DNS provider because we stop sending/receiving emails from others servers.

9

Re: DKIM doesn't work

RafaelMass wrote:

I removed the dkim._domainkey. record from our DNS provider because we stop sending/receiving emails from others servers.

Missing DKIM record won't cause this issue.

Why you don't have MX record for domain 'transardo.com.br'? I see MX record for domain 'mail.transardo.com.br' in your attached image.

10

Re: DKIM doesn't work

Like this?
http://www.transardo.com.br/img/dns2.png

11

Re: DKIM doesn't work

Yes.