Re: DKIM showing bad format
Robert Schetterer <robert <at> schetterer.org>
2012-07-17 17:03:15 GMT
Am 17.07.2012 18:15, schrieb Naval saini:
> Actually my Domain name is lbsmtp.org <http://lbsmtp.org> and i relay
> mails from my domain as relayhost through MX record in my dns zone file
> now i want to sign outbound mails Since i am new postfix user so please
> can explain me how can i get DKIM signing mails .
> Please explain me about which and what kind of entries required in dns.
> If any tutorial please send me the link...
Viktor has allready answered
you need to publish your dkim key in the your dns zone file
nameservers for lbsmtp.org
so there should be some interface for publish your dkim key and/or some
admin which will do it for you , then
sign your mail with i.e dkim milter service
perhaps this will help
> On Tue, Jul 17, 2012 at 8:21 PM, Viktor Dukhovni
> <postfix-users <at> dukhovni.org <mailto:postfix-users <at> dukhovni.org>> wrote:
> On Tue, Jul 17, 2012 at 02:21:50PM +0530, Naval saini wrote:
> > This is my DNS ZONE file entry:
> > _domainkey.r02.lbsmtp.org <http://domainkey.r02.lbsmtp.org>.
> IN TXT "t=y; o=-;"
> The above resource record (RR) has no selector, it has no meaning in
> > lbsmtp.org._domainkey.r02.lbsmtp.org
> <http://domainkey.r02.lbsmtp.org>. IN TXT
> > "k=rsa; t=y;
> > rcOXDkvOR544O4LGgwIDAQAB"
> Congratulations, you're configured a 1024-bit RSA key (many sites have
> foolishly created 512-bit RSA keys, which are too easily factored). That
> said, your DNS does not in fact publish this RR to the world at large:
> $ dig -t txt lbsmtp.org._domainkey.r02.lbsmtp.org
> ;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 18036
> lbsmtp.org <http://lbsmtp.org>. 7200 IN SOA
> <http://enow.mercury.orderbox-dns.com>. ...
> So your DKIM public key is not available for verification. Over
> and out.
MfG Robert Schetterer