[BlueOnyx:25919] Re: DKIM
Richard Sidlin
richard at helpinternet.co.uk
Fri Jan 13 04:20:33 -05 2023
> >
> > Hi Richard,
> >
> > Let's sum this up:
> >
> > Enable DKIM on the SMTP server. Confirm that the SMTP server has no
> > Vsite with the same hostname as the one from the separate POP3/IMAP
> > server that you want to protect with DKIM.
> >
> > Copy /etc/opendkim/keys/<domain-1> from your POP3/IMAP server to
> the
> > SMTP server.
> >
> > On the POP3/IMAP server open /etc/opendkim/KeyTable in an editor.
> > There should be a line like this:
> >
> > default._domainkey.<domain-1>
> > <domain-1>:default:/etc/opendkim/keys/<domain-1>/default.private
> >
> > Copy that line and paste it into /etc/opendkim/KeyTable on the SMTP
> server.
> >
> > Back to the POP3/IMAP server: Open up /etc/opendkim/SigningTable in an
> > editor. From there you may have to find and copy multiple lines. You
> > they may look similar to this:
> >
> > *@<domain-1> default._domainkey.<domain-1> *@www.<domain-1>
> > default._domainkey.<domain-1> *@mail.<domain-1>
> > default._domainkey.<domain-1>
> >
> > Copy these lines to /etc/opendkim/SigningTable on the SMTP server and
> > save the changes.
> >
> > Make sure the ownerships of these files are still correct by running this:
> >
> > chown -R opendkim:opendkim /etc/opendkim
> >
> > Then restart OpenDKIM and try it out:
> >
> > systemctl restart opendkim
> >
> > That should do the trick.
> >
> Maybe something missing. Getting this error:
>
> Jan 13 09:00:57 smtp sendmail[1678752]: 30D90oP21678752:
> from=<timing at xxxonline.uk>, size=20218, class=0, nrcpts=1,
> msgid=<003201d9272d$8956d0c0$9c047240$@xxxonline.uk>,
> proto=ESMTPSA, daemon=MSA, relay=cpc123404-stev9-2-0-custxx.9-
> 2.cable.virginm.net [xx.29.49.36] Jan 13 09:00:57 smtp opendkim[1678161]:
> can't load key from /etc/opendkim/keys/xxxonline.uk/default.private: No
> such file or directory Jan 13 09:00:57 smtp opendkim[1678161]:
> 30D90oP21678752: error loading key 'default._domainkey.xxxonline.uk'
> Jan 13 09:00:57 smtp sendmail[1678752]: 30D90oP21678752: Milter: data,
> reject=451 4.3.2 Please try again later Jan 13 09:00:57 smtp
> sendmail[1678752]: 30D90oP21678752: to=<rich.sidlin at gmail.com>,
> delay=00:00:07, pri=50218, stat=Please try again later
>
Sorry, forget the last message, I forgot to copy the keys folder over. However, this is the error I'm now getting.
Jan 13 09:20:19 smtp sendmail[1681008]: 30D9KIJ91681008: from=<timing at xxxonline.uk>, size=20209, class=0, nrcpts=1, msgid=<006e01d92730$4193d0a0$c4bb71e0$@xxxonline.uk>, proto=ESMTPSA, daemon=MSA, relay=cpc123404-stev9-2-0-custxx.9-2.cable.virginm.net [xx.29.49.36]
Jan 13 09:20:19 smtp opendkim[1680862]: default._domainkey.xxxonline.uk: key data is not secure: /etc/opendkim/keys/xxxonline.uk/default.private is in group 0 which has multiple users (e.g. "sync")
Jan 13 09:20:19 smtp opendkim[1680862]: 30D9KIJ91681008: error loading key 'default._domainkey.xxxonline.uk'
Jan 13 09:20:19 smtp sendmail[1681008]: 30D9KIJ91681008: Milter: data, reject=451 4.3.2 Please try again later
Jan 13 09:20:19 smtp sendmail[1681008]: 30D9KIJ91681008: to=<rich.sidlin at gmail.com>, delay=00:00:00, pri=50209, stat=Please try again later
More information about the Blueonyx
mailing list