Fwd: Problems Setting up Amavis - Messages Unchecked

Schiz0 schiz0phrenic21 at gmail.com
Thu Apr 5 22:28:07 CEST 2012

Mark: I apologize for mailing you directly, I meant to send it through the list.

---------- Forwarded message ----------
From: Schiz0 <schiz0phrenic21 at gmail.com>
Date: Thu, Apr 5, 2012 at 4:27 PM
Subject: Re: Problems Setting up Amavis - Messages Unchecked
To: Mark Martinec <Mark.Martinec+amavis at ijs.si>

On Wed, Apr 4, 2012 at 7:31 PM, Schiz0 <schiz0phrenic21 at gmail.com> wrote:
> On Wed, Apr 4, 2012 at 9:36 AM, Mark Martinec
> <Mark.Martinec+amavis at ijs.si> wrote:
>> Schiz0,
>>> I sent a mail to my gmail and viewed the raw body to check the dkim
>>> signature. Here's what it says:
>>> http://pastie.org/private/uhd8dvaukzf3yqiui84yg
>>> As you can see from gmail's headers, the SPF record passes, however it
>>> says the dkim is bad/neutral/invalid format.
>>> I will send a test mail to the list now, however I am not subscribed
>>> from that address.
>>> DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
>>>  d=guglielmo.us; [...] s=mail
>> There is no DKIM public key in your dns:
>> $ host -t txt mail._domainkey.guglielmo.us
>> Host mail._domainkey.guglielmo.us not found: 3(NXDOMAIN)
>> Mark
> Ok, I solved that problem. I apologize, it seems my DNS host has
> problems with records longer than 256 chars. I reduced my key from
> 2048 to 1024 and set the proper things up in DNS and amavis. I tested
> the records and it seems to work properly now. I'll send another test
> to one of the automated testing email responders and see if it now
> works properly.
> Thank you for your help!

I have been using the autoreply at check-auth at verifier.port25.com to
test my dkim setup with amavis. It keeps saying I've been failing
because the signature does not check out properly. But something
occurred to me suddenly: I am relaying my mail from this server through
a verizon smtp relay, outgoing.verizon.net. This obviously adds
additional Received headers, among other things, to the mail. This
would cause any signature I do before it is relayed out to fail any
check, correct? So with my current setup, I'd be unable to use
dkim/domainkeys signing?
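
The relay question above, as an added example that is not part of the original message: with the c=relaxed header canonicalization shown in the quoted DKIM-Signature, the signature covers only the fields named in h= (RFC 6376), so this sketch hashes that input before and after a relay prepends a Received header. The h= list, bh= value, addresses and header values are constructed, since the page elides them; a relay that alters a signed field or the body would still change the result.

```python
import hashlib
import re

def relax(name, value):
    """RFC 6376 section 3.4.2 'relaxed' canonicalization of one header field."""
    value = re.sub(r"\r?\n(?=[ \t])", "", value)       # unfold continuation lines
    value = re.sub(r"[ \t]+", " ", value).strip(" ")   # collapse and trim whitespace
    return f"{name.lower()}:{value}\r\n"

def signed_header_hash(headers, dkim_sig):
    """SHA-256 of the header data an rsa-sha256 DKIM signature covers.

    headers: (name, value) pairs in message order, topmost first.
    dkim_sig: DKIM-Signature field value with the b= tag emptied.
    """
    tags = dict(t.strip().split("=", 1) for t in dkim_sig.split(";") if t.strip())
    pool, data = list(headers), ""
    for wanted in tags["h"].split(":"):
        # Verifiers take the bottom-most unused instance of each listed field.
        for i in range(len(pool) - 1, -1, -1):
            if pool[i][0].lower() == wanted.strip().lower():
                data += relax(*pool.pop(i))
                break
    # The signature field itself is hashed last, without its trailing CRLF.
    data += relax("DKIM-Signature", dkim_sig).rstrip("\r\n")
    return hashlib.sha256(data.encode()).hexdigest()

# Constructed sample data (assumptions, not taken from the thread).
SIG = ("v=1; a=rsa-sha256; c=relaxed/simple; d=example.org; s=mail; "
       "h=from:to:subject:date; bh=PLACEHOLDER; b=")
ORIGINAL = [
    ("Received", "from localhost by mail.example.org; Thu, 5 Apr 2012 16:27:00 -0400"),
    ("From", "Sender <sender@example.org>"),
    ("To", "check@example.net"),
    ("Subject", "DKIM   test"),
    ("Date", "Thu, 5 Apr 2012 16:27:00 -0400"),
]
RELAYED = [("Received", "from mail.example.org by relay.example.net; "
            "Thu, 5 Apr 2012 16:27:02 -0400")] + ORIGINAL
REWRITTEN = [(n, v + " [relayed]" if n == "Subject" else v) for n, v in RELAYED]

if __name__ == "__main__":
    for label, msg in (("original", ORIGINAL), ("relayed", RELAYED),
                       ("subject rewritten", REWRITTEN)):
        print(f"{label:18} {signed_header_hash(msg, SIG)}")
```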


