dk-milter 1.0.2 and

  • kenwood2

    kenwood2 - 2009-05-18

    I have installed dk-milter 1.0.2 with sendmail on Slackware.   It signs mail correctly but I am having trouble with it verifying incoming mail from the domain 

    At first ALL incoming email that was signed with a domain key resulted in a “domainkeys=fail” in the header. 

    After much gnashing of the teeth, head scratching, and poking around the web I determined that it was the result of my resolv.conf pointing to the Open DNS server which I had used for years.   From what I read in an Open DNS forum, Open DNS servers do not work because they do not return the “AUTHORITY SECTION:” and “ADDITIONAL SECTION:” for a  _domainkey inquiry.   As a result I dropped the reference and added ( in its place.  That solved the problem for almost all inbound mail including mail from  

    The one email source of mail that I still cannot verify is

    If I do a “dig” of the current _domainkey  entry for I receive the following. 7200 IN TXT    "k=rsa\; p=MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhAL10WHRWMSb9Tnl+k4Kzpc18rDCTpDT1pbK0xwkdZIZkaP8NB75qa/S57xccZlIwbI22Ooy/IY+8WxQtvE2z4W" "LLNOf9hkMeicUH48TGkEoCAcaSjJz/b3NMrOy9l1U7gQIDAP//"

    In looking at this I see that the key is split into two parts as indicated by the two sets of quotes.  I assume that is because it takes two TXT entries to list the entire key on the DNS servers, but I do not know that for sure.

    I also assume since all the “dig” responses from domains that I can verify mail from do not have the key spit in two parts, that this is the source of the problem.

    Can anyone verify that and offer a solution? Is it inherent in 1.02 or have I configured something wrong?  Is the problem something else entirely.

    • kenwood2

      kenwood2 - 2009-05-18

      I didn't see the post "This forum is unmonitored" until after I posted.  I will repost to the "dk-milter-discuss" listserv as suggested so you might want to check there if you find this with no followup and are looking for a solution to a similar problem.


Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

No, thanks