Project

General

Profile

Task #6625

Fix our dkim setup

Added by Nico Schottelius over 2 years ago. Updated almost 2 years ago.

Status:
Feedback
Priority:
Normal
Target version:
-
Start date:
04/25/2019
Due date:
05/02/2019
% Done:

90%

Estimated time:
PM Check date:
04/28/2019

Description

From: Maximilian Eschenbacher <maximilian@XXX>
To: info@ungleich.ch
Subject: DKIM verification failure on ungleich.ch
Flags: seen, signed
Date: Mon 22 Apr 2019 10:21:13 PM CEST
Maildir: /ungleich/inbox
Attachments: [1]1.msgpart(358)
Signature: unverified (Details)

Hey there!

I've recently reconfigured my mail setup an noticed a DKIM verification
failure in my logs for a mail to the bird-users-ML and though I'd give
you a heads up:

Apr 20 18:55:27 qadesch opendkim[24840]: 9AB3215F613: key retrieval failed (s=mail, d=ungleich.ch): 'mail._domainkey.ungleich.ch' record not found

Best regards

Maximilian Eschenbacher

History

#1

Updated by Jason Kim over 2 years ago

  • PM Check date set to 04/28/2019
#2

Updated by Jin-Guk Kwon over 2 years ago

it looks like DKIM is disabled.

- it is disabled in cdist type

In __ungleich_mx_primary/manifest

# Enable OpenDKIM
#__ungleich_opendkim

- there are no TXT record.
no TXT record in zone files

mail._domainkey    IN    TXT    ( "v=DKIM1; k=rs

#3

Updated by Nico Schottelius over 2 years ago

First check whether the entries are in DNS - I am not sure whether they
are correctly added at the moment

writes:

#4

Updated by Mirjana Rupar about 2 years ago

Jin-Guk, update the status of the task and comment, please.

#5

Updated by Nico Schottelius about 2 years ago

  • Assignee deleted (Jin-Guk Kwon)
  • Description updated (diff)
  • Project changed from datacenterlight to queue

queued

#6

Updated by Jin-Guk Kwon almost 2 years ago

  • % Done changed from 0 to 90
  • Assignee set to Nico Schottelius
  • Status changed from New to Feedback

1. recreate DKIM Key for ungleich.ch

2. update /etc/opendkim.conf file
- add Domain, Selector, Socket

3. update /etc/default/opendkim file

4. updated DNS Record on DNS server
- updated zone file

5. run DNS cdist

6. test DKIM
- http://www.mail-tester.com --> DKIM pass
- https://www.appmaildev.com/en/dkim --> pass

7. update _ungleich_opendkim cdist
- update dot-cdist/files/dkim_domain_keys/ungleich.ch/mail.private
- update dot-cdist/files/dkim_domain_keys/ungleich.ch/mail.txt
- update dot-cdist/type/
_ungleich_opendkim/files/opendkim.conf
- update dot-cdist/type/__ungleich_opendkim/files/defaults

Also available in: Atom PDF