Date: Sun, 2 Sep 2018 19:06:48 -0400 From: William Dudley <wfdudley@gmail.com> To: freebsd-questions <freebsd-questions@freebsd.org> Subject: DKIM is driving me nuts Message-ID: <CAFsnNZJy34ZLnjnh-x8UKnoD0ucZyss%2Bx%2BGK=0Ze751pvgF3BQ@mail.gmail.com>
next in thread | raw e-mail | index | archive | help
I'm trying to make DKIM work on my FreeBSD 10.3, stock sendmail system. Since I don't know if the problem is sendmail or opendkim or DNS or what, I'm asking here. I followed this handy tutorial: https://www.dan.me.uk/blog/2016/06/01/add-dkim-signing-to-freebsd-servers And that "works" in the sense that emails end up with DKIM signatures. However, the DKIM test fails at the receiving end, depending on how the email is generated on my machine. The domain is casano.com MX is mail.casano.com, and reverse lookup of my (static) IP resolves to mail.casano.com. I have masquerade_as and masquerade_envelope set in sendmail.mc, so that email headers say the email comes from "casano.com", not " hostname.casano.com". ("hostname" is a place holder, see below.) The hostname (internally) of the machine is "dudley.casano.com". The external IP resolves to "mail.casano.com", which is exactly the same machine. So depending on how the email is generated, it appears to come from any of: casano.com dudley.casano.com mail.casano.com I have generated a DKIM key pair for each of the above. My selector is dudley-casano. I have tried putting the keys in corresponding DNS TXT records: dudley-casano._domainkey.casano.com dudley-casano._domainkey.mail.casano.com dudley-casano._domainkey.dudley.casano.com Still, emails sent from the command line (using Mail) fail DKIM check at the far end. Emails sent from my mailing list program, mailman, also fail. Emails sent from Thunderbird, which is running on another machine, passed, but I haven't tested that in a while and I've been dicking around with this for a few hours, so no guarantees. Questions(s): How does the DKIM key interact with the DNS records? Is there a way to make DKIM work regardless of how the machine is identified by the combination of MUA and sendmail ? Thanks, Bill Dudley
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAFsnNZJy34ZLnjnh-x8UKnoD0ucZyss%2Bx%2BGK=0Ze751pvgF3BQ>