Re: [qmailtoaster] DomainKeys failed with no key

Tue, 06 Mar 2007 19:30:32 -0800 

slamp slamp wrote:
> Can anyone tell me why this is so?
> 
> Return-Path: <>
> Received: (qmail 4571 invoked for bounce); 22 Feb 2007 13:56:12 -0000
> Date: 22 Feb 2007 13:56:12 -0000
> From: [EMAIL PROTECTED]
> <mailto:[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> <mailto:[EMAIL PROTECTED]>
> Subject: failure notice
> 
> Hi. This is the qmail-send program at ns1.qmailtoaster.com
> <http://ns1.qmailtoaster.com>.
> I'm afraid I wasn't able to deliver your message to the following addresses.
> This is a permanent error; I've given up. Sorry it didn't work out.
> 
> <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>:
> 69.xxx.xx.xxx failed after I sent the message.
> Remote host said: 554 DomainKeys verify status: no key       (#5.3.0)
> 
> 
> I thought my tcp.smtp had a safe default. Should it be
> DKVERIFY="dEgIJKfh" instead? What is the safest rule?
> 
> # cat tcp.smtp
> 127.:allow,RELAYCLIENT=""
> 172.16.133.3:allow,RELAYCLIENT="",SENDER_NOCHECK="1"
> 208.11.75.2:allow,SPFBEHAVIOR="1"
> 216.90.171.2:allow,SPFBEHAVIOR="1"
> :allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",DKVERIFY="DEgIJKfh",QMAILQUEUE="/var/qmail/bin/simscan",DKQUEUE="/var/qmail/bin/qmail-
> queue.orig",NOP0FCHECK="1"
> 
> 
# dig _domainkey.mydomain.com TXT

I'm guessing that your DNS record indicates that messages from your domain
should be signed, but you have no DKSIGN variable in your tcp.smtp, so
messages don't have signatures.

-- 
-Eric 'shubes'

---------------------------------------------------------------------
     QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to