Exim mail not signing DKIM. Don't find whats wrong. (detailed description of steps taken)
Hi,
I'd like to setup my fresh server for hosting my www.bolleboos.be website and enable
sending of email from my php scripts.
So... I installed apache, php, mysql, ... and for the mail exim4
Sending mail allready works fine and I also managed to get SPF working .
If I send a mail to check-auth@verifier.port25.com then it returns me
SPF check: pass
DomainKeys check: neutral
DKIM check: neutral
Sender-ID check: pass
SpamAssassin check: ham
So logical next step would be to enable DKIM
I created a 1024 bits private key with
#openssl genrsa -out dkim.private.key 1024
and then the public key with
#openssl rsa -in dkim.private.key -out dkim.public.key -pubout -outform PEM
These files are now in /etc/exim4/
Then I edited the file /etc/exim4/conf.d/transport/00exim4-configheader and added the following content
######################################################################
# TRANSPORTS CONFIGURATION #
######################################################################
# ORDER DOES NOT MATTER #
# Only one appropriate transport is called for each delivery. #
######################################################################
# A transport is used only when referenced from a router that successfully
# handles an address.
begin transports
DKIM_CANON = relaxed
DKIM_DOMAIN = bolleboos.be
DKIM_SELECTOR = dkim
DKIM_PRIVATE_KEY = /etc/exim4/dkim.private.key
After that I execute the following commands (as root user)
/etc/init.d/exim4 stop
update-exim4.conf
/etc/init.d/exim4 stop
All executes fine
I also added a few things to my DNS
My zone file looks like this now
$ORIGIN bolleboos.be.
$TTL 1800
bolleboos.be. IN SOA ns1.digitalocean.com. hostmaster.bolleboos.be. 1418477398 10800 3600 604800 1800
bolleboos.be. 1800 IN NS ns1.digitalocean.com.
bolleboos.be. 1800 IN NS ns2.digitalocean.com.
bolleboos.be. 1800 IN NS ns3.digitalocean.com.
bolleboos.be. 1800 IN A 128.199.43.113
*.bolleboos.be. 1800 IN CNAME bolleboos.be.
bolleboos.be. 1800 IN MX 10 mx.mailprotect.be.
bolleboos.be. 1800 IN MX 50 mx.backup.mailprotect.be.
bolleboos.be. 1800 IN TXT "v=spf1 a:bolleboos.be -all"
dkim._domainkey.bolleboos.be. 1800 IN TXT "TXT v=DKIM1; t=y; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDWdCBmsPYub6KXNdiuntRwQJ8y LLh1viv3YLeoNW7ayPDHXFpR3O1pcU3fHQimhSBH67KXpH7oWAfka09GRUCh7UBm iEbjldlrTXdX7QBr4Ff70vRIhBogkwN8rRPlF+c69lRkrALJp6psOD4D1Gwx58kZ LDQrM19qwVH+SKIaBQIDAQAB"
When I now send mail to the port25 checker, I still get message back with DKIM as neutral and it also says my mail was not signed. So it looks like exim doesn't sign my mail ?
Is there something I might have done wrong or can I check certain logfiles to see if something is not right ?
Kind regards,
Bart
Have you fixed this issue?