DKIM is driving me nuts

William Dudley wfdudley at gmail.com
Mon Sep 3 19:34:31 UTC 2018 

I have an SPF record.

That is not the problem.

The problem is that the server has three names:

casano.com
mail.casano.com
dudley.casano.com

and I cannot figure out how opendkim chooses which key
to use to sign emails.  Does it look at Message-Id?  Does it look
at Reply-to: (unlikely) ?  Whatever field it uses, changes depending
on if I use Thunderbird, Mail (mailx), or the mailman listserve to send
the email.

Thanks,
Bill Dudley


This email is free of malware because I run Linux.

On Mon, Sep 3, 2018 at 3:03 PM, James B. Byrne <byrnejb at harte-lyne.ca>
wrote:

>
> On Sun, September 2, 2018 19:06, William Dudley wrote:
> > I'm trying to make DKIM work on my FreeBSD 10.3, stock sendmail
> > system.
> > Since I don't know if the problem is sendmail or opendkim or DNS or
> > what, I'm asking here.
> >
>
> You need a sender policy framework specification in your dns for the
> domains you wish secured.  You do not put the keys in this, just the
> policy version, the authorised hosts, and the disposal option.
>
> Ours is:
>
> harte-lyne.ca.          172800  IN      TXT
>    "v=spf1 ip4:209.47.176.16/26 ip4:216.185.71.0/26
> ip4:216.185.71.128/26 -all"
>
> The ~all at the end is called a soft fail. It means that recipients
> may accept mail from another server, but that the sender should be
> viewed with suspicion. If you change the disposal option to -all you
> are directing the recipient to reject mail from any server other than
> these. The soft fail approach is safer and recommended.
>
> If you employ dkim without a dns entry for your sender policy
> framework, or with invalid SPF or multiple SPF dns records, then the
> correct behaviour is to reject all mail from the sender since the
> policy cannot be determined.
>
> --
> ***          e-Mail is NOT a SECURE channel          ***
>         Do NOT transmit sensitive data via e-Mail
>  Do NOT open attachments nor follow links sent by e-Mail
>
> James B. Byrne                mailto:ByrneJB at Harte-Lyne.ca
> Harte & Lyne Limited          http://www.harte-lyne.ca
> 9 Brockley Drive              vox: +1 905 561 1241
> Hamilton, Ontario             fax: +1 905 561 0757
> Canada  L8E 3C3
>
>

More information about the freebsd-questions mailing list