I checked your DNS, looks like you removed your DKIM record.
Also, mxtoolbox.com says your SPF record type is deprecated.
I just got jDKIM working on my domain. Looks like another tutorial in the
works. It took a little investigation, but mail-tester.com is happy now. Here
is how you fix your broken sig problem.
<mailet match="All" class="org.apache.james.jdkim.mailets.ConvertTo7Bit"/>
<mailet match="All" class="org.apache.james.jdkim.mailets.DKIMSign">
<signatureTemplate>v=1; s=201410281226.pm; d=legacyavatar.com;
c=relaxed/relaxed; h=Message-ID:Date:Subject:From:To:MIME-Version:Content-Type;
a=rsa-sha256; bh=; b=;</signatureTemplate>
Note my changes to h= and addition of c= in my sig template. I hit the same
error you hit before I made these changes, based on this article:
http://www.gettingemaildelivered.com/dkim-explained-how-to-set-up-and-use-domainkeys-identified-mail-effectively
Make sure these mailers are just before the RemoteDelivery mailet. Looks like
you probably had that right already.
Thanks for making me aware of the sender issue and motivating me to add DKIM.
On Oct 27, 2014, at 3:30 PM, Jerry Malcolm <techst...@malcolms.com> wrote:
> With the HELO problem finally resolved and behind me, I'm on to the next
> issue that mail-tester.com is yelling at me about. It say my DKIM signature
> is invalid. I have tried replacing the public/private keys in my DNS and in
> the mailet config. I've tried different syntax options for the DNS record,
> etc. Still nothing. Normally, I would assume that it's something I'm doing
> wrong. But after the HELO problem, I first want to verify that others are
> indeed using jDKIM with James 3 b5 successfully. (BTW... I said last night
> in a post that I'm on b4.... incorrect... i'm on b5).
>
> My dns server is ISC BIND. I'm assuming that could make a difference with
> defining the dkim public key in the dns record.
>
> Is anyone using this successfully?
>
> Here's the latest report I get from mail-tester.com:
>
> ====================================
>
> The DKIM signature of your message is:
>
> v=1;
> d=jwmhosting.com;
>
> b=ST3jn85HmyWjjPoIxojUKGMMCvtFzlrgqJiVwZ/bd5bzZuVWK/gviYIBXHFuc1iTZ/0NHdGW0TgRk9E7tRsXXPYM4yOP9zna7WTDC20VrsBu/LQbyktpsINAbRDzJbaNmSGjcLlAUODnaFLJPpwktpNkJu4EbFtKyYT3Exb4mfs=;
> s=primary;
> a=rsa-sha256;
> bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=;
> h=from:to:received:received;
>
>
> Your public key is:
>
> "k=rsa;
> p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDfRF6NEFFahhyOSiy+ufRU6PMvUVzP31wJ16zNaLKG8ipL1S8rIDr7ZjkGiUdwqZ6BjNTddbmcH4AxTupNhANyXvJs+MxyJbMN3mkYHYn1evJGVqT85DrM7XrYMSVPK3Y4dfY4vhokQwATv+BwrW7K8QuwrDgvu8JdxM0muS/7lQIDAQAB"
>
> Key length: 1024bits
>
> Your DKIM signature is not valid
>
> ==================================
>
> from my mailet config file:
>
> <mailet match="All" class="org.apache.james.jdkim.mailets.ConvertTo7Bit"/>
>
> <mailet match="All" class="org.apach1e.james.jdkim.mailets.DKIMSign">
> <signatureTemplate>v=1; s=primary; d=jwmhosting.com;
> h=from:to:received:received; a=rsa-sha256; bh=; b=;</signatureTemplate>
>
> <privateKey>
> -----BEGIN RSA PRIVATE KEY-----
> MIICXgIBAAKBgQDfRF6NEFFahhyOSiy+ufRU6PMvUVzP31wJ16zNaLKG8ipL1S8r
> IDr7ZjkGiUdwqZ6BjNTddbmcH4AxTupNhANyXvJs+MxyJbMN3mkYHYn1evJGVqT8
> .......etc
> .......etc
> ASnFebXvbrI3MQzrvgz3AkEAs1Tn0TfzsKmri6zrqJak1EDojHPdbPAjEFCpunt4
> +dRCWhtnwEGZ1REeEBiQsk9CM24VNknO0uJOKF3ZYb3lFA==
> -----END RSA PRIVATE KEY-----
> </privateKey>
> </mailet>
>
>
> Help??
>
> Thx again.
>
> Jerry
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org
> For additional commands, e-mail: server-user-h...@james.apache.org
>
