Roundcube Community Forum
Miscellaneous => Roundcube Discussion => Topic started by: ewok2 on July 20, 2022, 12:44:15 PM
-
Hello
I have a postfix/dovecot/roundcube server working.
I have configure DKIM in the server and in my DNS zone.
When I send a test email to Gmail account and on the right side of an opened email message in Gmail, if I click the show original button from the drop-down menu, I can see the authentication results. => Which is
DKIM : 'PASS' with domaine mydomain.net
But when I try https://www.mail-tester.com (https://www.mail-tester.com) I get only 9/10 because it says message not sign with DKIM
Is there many level of DKIM ?
How can I double chek if Google ou mail-tester.com is wrong?
PS : when I test on the server It seem's Ok
sudo opendkim-testkey -d mydomain.net -s default -vvv
opendkim-testkey: using default configfile /etc/opendkim.conf
opendkim-testkey: checking key 'default._domainkey.mydomain.net'
opendkim-testkey: key not secure
opendkim-testkey: key OK
-
Ok I change one statement...
Google does not see anymore DKIM pass...
I think with log :
opendkim[25905]: 0787A180209: xxx.mydomain.net [192.168.zz.yy] not internal
opendkim[25905]: 0787A180209: not authenticated
opendkim[25905]: 0787A180209: no signature data
it show that indeed the mail is not sign...
In my "/etc/opendkim/trusted.hosts" I have
127.0.0.1
localhost
192.168.0.1/24
*.mydomain.net
I look like the opendkim is not looking at the "trusted.hosts" ?
Any idee to find where I mis configure?
Many thanks
-
Did you configure your mail server to sign the email with the DKIM key? It sounds like that is where the problem is.
-
Thanks for help
I have a opendkim service running.
I have configure the socket in /etc/opendkim.conf & /etc/default/opendkim to "local:/var/spool/postfix/opendkim/opendkim.sock"
And I tell postfix in "/etc/postfix/main.cf" to connect to opendkim by adding this line at the end :
# Milter configuration
milter_default_action = accept
milter_protocol = 6
smtpd_milters = local:opendkim/opendkim.sock
non_smtpd_milters = $smtpd_milters
but your right, I did not tell postfix "sign all the mail by using Milter" somewhere...
I have follow this howto https://www.linuxbabe.com/mail-server/setting-up-dkim-and-spf#comment-750644 (https://www.linuxbabe.com/mail-server/setting-up-dkim-and-spf#comment-750644) and maybe I have missed something?
But the fact I get "opendkim[25905]: 0787A180209: xxx.mydomain.net [192.168.zz.yy] not internal" did not show that is is trying to sign ?
-
Verry strange...
But resolved!
I was performing submission to port 25 without TLS.
I had an error with a let's encrypt certificate with thr root authority not checked...
I have had the path of a Fullchain.crt for let's encrypt in config.php of roundcube and activate tls on 587 port for submission
=> The send on 587 works
=> And the mail is now signed!