DKIM sign issue - Githubissues

system info

Please report your OS, Node version, and Haraka version by running this shell script on your Haraka server and replacing this section with the output. Ubuntu Latest Haraka Latest Nodejs

I will show: I used the dkim generator provided dkim_key_gen.sh. Folder: relay.mymta.com contains all the files: DNS, selector, private, public

dkim_sign.ini:

[main]

[sign]
enabled = true
selector = apr2024
domain = relay.mymta.com
key_path = /opt/haraka/config/dkim/relay.mymta.com/private

dkim.ini:

[main]

[sign]
enabled = true
selector = apr2024
domain = relay.mymta.com
key_path = /opt/haraka/config/dkim/relay.mymta.com/private

DKIM set in the main domain:

ubuntu@relay:/opt/haraka$ dig apr2024._domainkey.relay.mymta.com TXT +short
"v=DKIM1;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4SyoWWf7/G0gkeIdxl7kEWojoDmiNIhMupB9gOhtYcBDPLVXcGF2ksVD0ztkU9SYhuFYOUgGeooHKr+hGcOQclSsbw2+ deleted the rest"
ubuntu@relay:/opt/haraka$

I also tried to copy the private file generated in the dkim folder under the main domain and renamed the file: key_path = /opt/haraka/config/dkim.private.key

Message source in Gmail:

Delivered-To: recipient@example.com
Received: by 2002:a17:906:d975:b0:a52:6ce5:7cc with SMTP id rp21csp696544ejb;
        Tue, 16 Apr 2024 15:03:20 -0700 (PDT)
X-Google-Smtp-Source: AGHT+IHuf+e+LrPz9uLY1O64zI3UKytq4uaWadGGTzU5zqIHR0Mk3s0sgQWlDti1k2fHZoLlvtp5
X-Received: by 2002:a25:df91:0:b0:de1:f7ed:3236 with SMTP id w139-20020a25df91000000b00de1f7ed3236mr10643052ybg.30.1713305000317;
        Tue, 16 Apr 2024 15:03:20 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1713305000; cv=none;
        d=google.com; s=arc-20160816;
        b=zCCxIILDRhLpxSd11nyvN9YVzTgwM4ZrY3qx3xcbasy1+Z7t7iah/kVz8GRYNmVQgm
         8KdaDqIWwzKRqD7nJLrIH1oU3H7dJsacYF31+OWopmP69lItc+Hbl0IiE197pIbFfFVm
         plD+ZVwvZJN9lOhz7Hils6rlgvSA0/n1qMaHz//pS9q7ptpR1JisETLtI8mcdH/650e8
         Db68ss0Pz46vNoYlNiqHTYGEE01i/AzekIwCfd0TvY5eNBuCpU6zSxs6TiGTzDi4QsqL
         GiMVkDR5+u0Gn7U12BjzoIIpSKfbrAyu3VdXmgGQuo5tLicD3BMW9A0Oud5QOL2qawRG
         EyPg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=dkim-signature:message-id:subject:from:to:date;
        bh=ecGWgWCJeWxJFeM0urOVWP+KOlqqvsQYKOpYUP8nk7I=;
        b=lDt/a7O+ivwJA+bhoqupGVaTLThOEiP24+Tf0ILjaJfoqvxdJFHnex81QWb6NwJ95c
         XuGlzccgP+aLasS4G4IfoQr93t/OhdFwU8R9CrB5gipkOfdCnTw82Tf7tEcDIIx7pGGI
         EZfapBok4MIk55gj1HFcMzP0sX/5hARRwzxJuObZXU+9ksS7I47vEwMeId2ZxRF/W/lc
         G1Qvnv7GYCvMnxxF7RsxgaJGOulCDHRoKpqmc/tKud69Henq0p4R9BrEWOIDoB82Kiys
         a+8Oa8F6ba/d386btTjtemmX/rQ09H5SszdpByU10tqJ5esvxMOyZRyJD9xj61MLMSAf
         I2eA==;
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=temperror (no key for signature) header.i=@example.com header.s=mail header.b=0A02wYN0;
       spf=pass (google.com: domain of username@domain.com designates 15.235.10.1 as permitted sender) smtp.mailfrom=username@domain.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=domain.com
Return-Path: <username@domain.com>
Received: from server.domain.com (server.domain.com. [15.235.10.1])
        by mx.google.com with ESMTPS id d9-20020a25adc9000000b00dcdbc351e3asi5685685ybe.309.2024.04.16.15.03.20
        for <recipient@example.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 16 Apr 2024 15:03:20 -0700 (PDT)
Received-SPF: pass (google.com: domain of username@domain.com designates 15.235.10.1 as permitted sender) client-ip=15.235.10.1;
Authentication-Results: mx.google.com;
       dkim=temperror (no key for signature) header.i=@example.com header.s=mail header.b=0A02wYN0;
       spf=pass (google.com: domain of username@domain.com designates 15.235.10.1 as permitted sender) smtp.mailfrom=username@domain.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=domain.com
Received: (Haraka outbound); Tue, 16 Apr 2024 22:03:19 +0000
Authentication-Results: server.domain.com; auth=pass (cram-md5)
Received: from server.domain.com (Unknown [127.0.0.1]) by server.domain.com (Haraka/3.0.3) with ESMTPA id 54AECDC0-80FE-4010-8956-EEFCE0B91FAA.1 envelope-from <username@domain.com> (authenticated bits=0); Tue, 16 Apr 2024 22:03:19 +0000
Date: Tue, 16 Apr 2024 22:03:19 +0000
To: recipient@example.com
From: username@domain.com
Subject: Test DKIM signing
Message-Id: <20240416220319.023513@server.domain.com>
X-Mailer: swaks v20201014.0 jetmore.org/john/code/swaks/
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=example.com; s=mail; h=from:subject:date:message-id:to; bh=ecGWgWCJeWxJFeM0urOVWP+KOlqqvsQYKOpYUP8nk7I=; b=0A02wYN0za2aXrF+oZUm3r00IoS2ybqnVfDJTf68HuWKubc2jxfZ4xjRel2D1L4Ka+bkSS3okp d7gNblGhb7W3dHsIr67aoec7H3knOOfV+dy/GWtxr8dKIOxRp3r9Nn+mOKoSQbdAQwG6Huj07f6l kJwNPvrQ5IQrWhRA6RZYV0Csg7PgIJXSWjwE9o6/T4cqVZ9ey5PrqV8+D9TkRnFhD47+YKkE4fp9 sK5yAA0+nwDzazRkczs3B7BvFIGcgI/cGECuXVnda3USM9cm42G4QBv5GX7GbF9onmuTz5NUFkEd +14M4d00bpZwdcoxABQXYFtC+VzjyRgmINKlQOTA==

This is a test mailing

DKIM: | 'FAIL' with domain example.com

But I set the correct settings, I also tried dkim.ini and dkim_sign.ini - where is the correct file?

haraka / haraka-plugin-dkim

DKIM sign issue #4

system info