OK, here is my real confusion on DKIM and Domainkeys, and I think I have found out the general area of my problem, just not what to do to correct it. I think something is goofy in my DNS, just not sure what. I have tried adding a txt record for dkim1.mail.magicwisp.com, but it didn't help. Why is it looking for dkim1._domainkey.mail.magicwisp.com? It was renamed per the instructions on Jakes video, and nowhere in my DNS is dkim1._domainkey mentioned. This is starting to drive me buggy. My domain is magicwisp.com, my servers hostname is mail.magicwisp.com. If I do a dig for the keys:
[r...@mail dkim]# dig +short private._domainkey.mail.magicwisp.com txt [r...@mail dkim]# dig +short dkim1.mail.magicwisp.com txt [r...@mail dkim]# dig +short dkim1.magicwisp.com txt "k=rsa p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxANdYWKrEHivH6ZvF+lnqadWjy0Sc/vV6Tsb7Ey6kOE 2zVWiaV8IUp+jS2jmKTkHNTwIDAQAB" [r...@mail dkim]# dig +short private._domainkey.magicwisp.com txt "k=rsa\; p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAMkz2QL1kfW6aYgNIzfIdANn/mpttgsGyazGDWAMas 0jf4LFv2PU04CcshyL+637GwIDAQAB" Yet somehow when I send email it is trying to find mail.magicwisp.com. Not sure why. My DNS is configured as follows: $ttl 30M magicwisp.com. IN SOA ns1.magicwisp.com. root.ns1.magicwisp.com. ( 2009020917 10800 3600 604800 5D ) @ IN NS ns1.magicwisp.com. magicwisp.com. IN MX 5 mail magicwisp.com. IN TXT "v=spf1 a mx all" mail.magicwisp.com. IN TXT "v=spf1 a -all" _domainkey.magicwisp.com. IN TXT "o=-; r=postmas...@magicwisp.com" private._domainkey IN TXT "k=rsa; p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAMkz2QL1kfW6aYgNIzfIdANn/mpttgsGyazGDWAMas 0jf4LFv2PU04CcshyL+637GwIDAQAB" dkim1 IN TXT "k=rsa; p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxANdYWKrEHivH6ZvF+lnqadWjy0Sc/vV6Tsb7Ey6kOE 2zVWiaV8IUp+jS2jmKTkHNTwIDAQAB" 12.169.159.242.magicwisp.com. IN PTR mail.magicwisp.com magicwisp.com. 1800 IN A 12.169.159.242 www.magicwisp.com. 1800 IN A 12.169.159.242 ftp.magicwisp.com. 1800 IN A 12.169.159.242 mail.magicwisp.com. 1800 IN A 12.169.159.242 ns1.magicwisp.com. 1800 IN A 12.169.159.242 Here is the information I get on the test: ========================================================== Summary of Results ========================================================== SPF check: pass DomainKeys check: fail DKIM check: permerror Sender-ID check: pass SpamAssassin check: ham ========================================================== Details: ========================================================== HELO hostname: mail.magicwisp.com Source IP: 12.169.159.242 mail-from: jack.d.mar...@magicwisp.com ---------------------------------------------------------- SPF check details: ---------------------------------------------------------- Result: pass ID(s) verified: smtp.mail=jack.d.mar...@magicwisp.com DNS record(s): magicwisp.com. 1800 IN TXT "v=spf1 a mx all" magicwisp.com. 1800 IN A 12.169.159.242 ---------------------------------------------------------- DomainKeys check details: ---------------------------------------------------------- Result: fail (bad signature) ID(s) verified: header.from=jack.d.mar...@magicwisp.com DNS record(s): private._domainkey.magicwisp.com. 1800 IN TXT "k=rsa; p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAMkz2QL1kfW6aYgNIzfIdANn/mpttgsGyazGDWAMas 0jf4LFv2PU04CcshyL+637GwIDAQAB" ---------------------------------------------------------- DKIM check details: ---------------------------------------------------------- Result: permerror (key "dkim1._domainkey.mail.magicwisp.com" doesn't exist) ID(s) verified: Canonicalized Headers: From:'20'"Jack'20'Martin"'20'<jack.d.mar...@magicwisp.com>'0D''0A' To:'20'<check-au...@verifier.port25.com>'0D''0A' Subject:'20''0D''0A' Date:'20'Tue,'20'2'20'Mar'20'2010'20'14:53:36'20'-0600'0D''0A' Message-ID:'20'<00f601caba4a$6e353f10$4a9fbd...@d.martin@magicwisp.com>'0D'' 0A' MIME-Version:'20'1.0'0D''0A' Content-Type:'20'multipart/alternative;'0D''0A' '09'boundary="----=_NextPart_000_00F7_01CABA18.239ACF10"'0D''0A' DKIM-Signature:'20'v=1;'20'a=rsa-sha1;'20'c=simple;'20'd=mail.magicwisp.com; '20'h=from'0D''0A' '09':to:subject:date:message-id:mime-version:content-type;'20's=dkim1;'0D''0 A' '09''20'bh=KUx/eqMQL77uZbeE9TxqNEC7I6k=;'20'b= Canonicalized Body: This'20'is'20'a'20'multi-part'20'message'20'in'20'MIME'20'format.'0D''0A' '0D''0A' ------=_NextPart_000_00F7_01CABA18.239ACF10'0D''0A' Content-Type:'20'text/plain;'0D''0A' '09'charset="us-ascii"'0D''0A' Content-Transfer-Encoding:'20'7bit'0D''0A' '0D''0A' Testing'20'DKIM'0D''0A' '0D''0A' '0D''0A' ------=_NextPart_000_00F7_01CABA18.239ACF10'0D''0A' Content-Type:'20'text/html;'0D''0A' '09'charset="us-ascii"'0D''0A' Content-Transfer-Encoding:'20'quoted-printable'0D''0A' '0D''0A' <html'20'xmlns:v=3D"urn:schemas-microsoft-com:vml"'20'='0D''0A' xmlns:o=3D"urn:schemas-microsoft-com:office:office"'20'='0D''0A' xmlns:w=3D"urn:schemas-microsoft-com:office:word"'20'='0D''0A' xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml"'20'='0D''0A' xmlns=3D"http://www.w3.org/TR/REC-html40">'0D''0A' '0D''0A' <head>'0D''0A' <META'20'HTTP-EQUIV=3D"Content-Type"'20'CONTENT=3D"text/html;'20'='0D''0A' charset=3Dus-ascii">'0D''0A' <meta'20'name=3DGenerator'20'content=3D"Microsoft'20'Word'20'12'20'(filtered '20'medium)">'0D''0A' <style>'0D''0A' <!--'0D''0A' '20'/*'20'Font'20'Definitions'20'*/'0D''0A' '20'@font-face'0D''0A' '09'{font-family:"Cambria'20'Math";'0D''0A' '09'panose-1:2'20'4'20'5'20'3'20'5'20'4'20'6'20'3'20'2'20'4;}'0D''0A' @font-face'0D''0A' '09'{font-family:Calibri;'0D''0A' '09'panose-1:2'20'15'20'5'20'2'20'2'20'2'20'4'20'3'20'2'20'4;}'0D''0A' '20'/*'20'Style'20'Definitions'20'*/'0D''0A' '20'p.MsoNormal,'20'li.MsoNormal,'20'div.MsoNormal'0D''0A' '09'{margin:0in;'0D''0A' '09'margin-bottom:.0001pt;'0D''0A' '09'font-size:11.0pt;'0D''0A' '09'font-family:"Calibri","sans-serif";}'0D''0A' a:link,'20'span.MsoHyperlink'0D''0A' '09'{mso-style-priority:99;'0D''0A' '09'color:blue;'0D''0A' '09'text-decoration:underline;}'0D''0A' a:visited,'20'span.MsoHyperlinkFollowed'0D''0A' '09'{mso-style-priority:99;'0D''0A' '09'color:purple;'0D''0A' '09'text-decoration:underline;}'0D''0A' span.EmailStyle17'0D''0A' '09'{mso-style-type:personal-compose;'0D''0A' '09'font-family:"Calibri","sans-serif";'0D''0A' '09'color:windowtext;}'0D''0A' .MsoChpDefault'0D''0A' '09'{mso-style-type:export-only;}'0D''0A' @page'20'Section1'0D''0A' '09'{size:8.5in'20'11.0in;'0D''0A' '09'margin:1.0in'20'1.0in'20'1.0in'20'1.0in;}'0D''0A' div.Section1'0D''0A' '09'{page:Section1;}'0D''0A' -->'0D''0A' </style>'0D''0A' <!--[if'20'gte'20'mso'20'9]><xml>'0D''0A' '20'<o:shapedefaults'20'v:ext=3D"edit"'20'spidmax=3D"1026"'20'/>'0D''0A' </xml><![endif]--><!--[if'20'gte'20'mso'20'9]><xml>'0D''0A' '20'<o:shapelayout'20'v:ext=3D"edit">'0D''0A' '20''20'<o:idmap'20'v:ext=3D"edit"'20'data=3D"1"'20'/>'0D''0A' '20'</o:shapelayout></xml><![endif]-->'0D''0A' </head>'0D''0A' '0D''0A' <body'20'lang=3DEN-US'20'link=3Dblue'20'vlink=3Dpurple>'0D''0A' '0D''0A' <div'20'class=3DSection1>'0D''0A' '0D''0A' <p'20'class=3DMsoNormal>Testing'20'DKIM<o:p></o:p></p>'0D''0A' '0D''0A' </div>'0D''0A' '0D''0A' </body>'0D''0A' '0D''0A' </html>'0D''0A' '0D''0A' ------=_NextPart_000_00F7_01CABA18.239ACF10--'0D''0A' DNS record(s): dkim1._domainkey.mail.magicwisp.com. TXT (NXDOMAIN) NOTE: DKIM checking has been performed based on the latest DKIM specs (RFC 4871 or draft-ietf-dkim-base-10) and verification may fail for older versions. If you are using Port25's PowerMTA, you need to use version 3.2r11 or later to get a compatible version of DKIM. -----Original Message----- From: sa...@magicwisp.com [mailto:sa...@magicwisp.com] Sent: Monday, March 01, 2010 4:52 PM To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] DKIM/Domainkeys That did not seem to correct the problem. I am still getting the same error when testing DKIM. > On 03/01/2010 10:51 AM, sa...@magicwisp.com wrote: >> I have setup DKIM using Jakes videos, and the wiki for domainkeys. I >> have a problem. DKIM isn't working at all and domainkeys is >> intermittent. >> Here is the email I get from check-a...@verifier.port25.com. >> >> ---------------------------------------------------------- >> DomainKeys check details: >> ---------------------------------------------------------- >> Result: fail (bad signature) >> ID(s) verified: header.from=jack.d.mar...@magicwisp.com >> DNS record(s): >> private._domainkey.magicwisp.com. 1800 IN TXT "k=rsa; >> p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAMkz2QL1kfW6aYgNIzfIdANn/mpttgsGyaz >> GDWAMas >> 0jf4LFv2PU04CcshyL+637GwIDAQAB" >> >> ---------------------------------------------------------- >> DKIM check details: >> ---------------------------------------------------------- >> Result: permerror (key "dkim1._domainkey.mail.magicwisp.com" >> doesn't >> exist) >> > > I think this last one will be your issue - it's expecting a record for > dkim1._domainkey.mail.magicwisp.com > Try adding a record for that and see if it resolves your issue. > I believe someone else had a similar issue and posted on the list > about this, maybe 3-4 months back. Search the archives. If you cannot > find anything, I'll check my account as they may have email me directly. > > ---------------------------------------------------------------------- > ----------- Qmailtoaster is sponsored by Vickers Consulting Group > (www.vickersconsulting.com) > Vickers Consulting Group offers Qmailtoaster support and > installations. > If you need professional help with your setup, contact them today! > ---------------------------------------------------------------------------- ----- > Please visit qmailtoaster.com for the latest news, updates, and > packages. > > To unsubscribe, e-mail: > qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: > qmailtoaster-list-h...@qmailtoaster.com > > > ---------------------------------------------------------------------------- ----- Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! ---------------------------------------------------------------------------- ----- Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com --------------------------------------------------------------------------------- Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! --------------------------------------------------------------------------------- Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com