I have had a lot of fun with OpenDKIM – it is actively running on my Debian box and here is my code:
root@web1:~# tail -f /var/log/syslog | grep -i dkim Sep 7 16:35:38 web1 sm-mta: 087FZbYw001504: Milter insert (1): header: DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;ntd=web1.mydomain.com; s=web1; t=1599492938;ntbh=+j1V4TFBmUGM3frMlslpv/49yjR0n44tuVimZHHRn0Q=;nth=Date:To:From:Reply-To:Subject:From;ntb=Z1gNvmXGQZXdx3iXGDpAWsdROt8iBctCrf248LQWtpNq5D3803fEWgUWCo9Bi81Bxnt qpE3hKokZTfD3jHlmyuhV9kZMulxEVv+jcjBXaK5r2L4957mUYW4Ao+UgBycqM6jt9nt CuOE+YStbaWal5mNNtf0NplJCHbHYk25NTV1y2zs=
However when I test the signature using https://www.appmaildev.com/en/dkim I am getting
DKIM-Result: permerror (no key)
From the result of the tail I believe Opendkim isn’t being passed the necessary to,from,reply-to etc but thats just my guess. Why would the email not be signed?
This is my /etc/opendkim.conf but I’m unclear where I would see any extra details such as the “LogWhy” should generate.
Syslog yes UMask 007 Socket inet:8891@localhost PidFile /var/run/opendkim/opendkim.pid OversignHeaders From TrustAnchorFile /usr/share/dns/root.key UserID opendkim Domain web1.mydomain.com KeyFile /etc/opendkim/web1.private Selector web1 LogWhy yes
So to be clear – my question is: Why is the email not being signed with DKIM?
Go to Source