On 18-Feb-11 22:34, Eric Shubert wrote:
qmail-dk (aka DomainKeys), I'm sad to say, has some bugs in the
inbound (checking) area. Someone (I'm sorry I don't remember the name)
spent some time on it a couple years ago, and ran out of time fixing
the outbound portion.
I recommend removing all DK* variables in the tcp.smtp file, except
for DKSIGN. I believe DKSIGN works ok (I have it configured), but I
wouldn't bet my life on it.
I believe DKIM is preferred (a successor to DK). I haven't used it
yet, but I believe Jake and Amit have implemented DKIM successfully. See
http://wiki.qmailtoaster.com/index.php/How_to_Setup_DKIM_with_Qmail_Toaster
I don't know how well DK and DKIM play together, but if I implemented
DKIM, I would disable DK entirely, either by removing DKSIGN in
tcp.smtp, or (better) change the /var/qmail/bin/qmail-queue symlink to
point to qmail-queue.orig instead of qmail-dk.
It appears to me that this DKIM implementation is for outbound only.
I'm not aware of any implementation of inbound checking of DK (which
works reliably) or DKIM for QMT. It'd be nice if someone would come up
with a DKIM checking patch of some sort.
although I have followed the steps but somehow I failed to implement
dkim on server with following errors,
03-04 16:15:47 delivery 364: failure:
se_of_uninitialized_value_in_substitution_(s///)_at_/usr/lib/perl5/vendor_perl/5.8.5/Mail/DKIM/Signature.pm_line_425./ZError_while_signing:_Intended_encoded_message_length_too_short._at_/usr/lib/perl5/vendor_perl/5.8.5/Mail/DKIM/Key.pm_line_84,__line_8./
Error_while_signing:_Intended_encoded_message_length_too_short._at_/usr/lib/perl5/vendor_perl/5.8.8/Mail/DKIM/Key.pm_line_84,__line_8./
