System messages not signed with DKIM (DMARC Fail)

P

Pieter

Verified User
Joined
Mar 27, 2016
Messages
17
Hi all,

Used the following page to setup DKIM on my server:

Both dkim.private.key & dkim.public.key were created for the hostname using the following command:
Code: 
cd /usr/local/directadmin/scripts
./dkim_create.sh vps.example.com

Hostname: vps.example.com
Hosted domains: example.com, example2.com, example3.com

All emails send by the hosted domains are correctly signed with DKIM (cron, lfd and messages send using PHP mail())

But system messages send by DirectAdmin ([email protected]) and directly from the command line ([email protected]) are not signed and failing DMARC.
Code: 
echo "This is a test." | mail -s Testing [email protected]

Why are messages from my hostname not signed with DKIM? Is there a setting I'm missing?

All the best,
Pieter
 
After changing the dkim_domain value in /etc/exim.dkim.conf (http://files.directadmin.com/services/exim.dkim.conf), system messages are correctly signed with DKIM. Command line mail still isn't working though.

Original (1.6):
Code: 
dkim_domain = ${if eq{$sender_address_domain}{}{$primary_hostname}{${lookup{$sender_address_domain}lsearch,ret=key{/etc/virtual/domainowners}{$value}}}}

Changed (this is the original line present in 1.4)
Code: 
dkim_domain = ${if eq{${lc:${domain:$h_from:}}}{}{$primary_hostname}{${lookup{${lc:${domain:$h_from:}}}lsearch,ret=key{/etc/virtual/domainowners}{$value}}}}
 
Pieter saved my day here.

I have SPF, DKIM and DMARC running for a while now, but I had 2 scenario's of mail coming out of my DirectAdmin server, via Exim where the DKIM sign was completely missing.

These 2 scenario's where:
1. The same as Pieter, DirectAdmin system messages where not signed with DKIM. (This is easily tested by logging in as admin, go to the message system, create a ticket.).
2. Sending mail from a remote system via SMTP with authentication through my DirectAdmin server was not signed with DKIM.

After a quite long search I came around this post of Pieter and tried his change in exim.dkim.conf. And sure enough, both of my problems went away. Perfectly, thank you Pieter for your post.

I'm not sure if DirectAdmin is at fault here and exim.dkim.conf needs the same change in the DirectAdmin installer, maybe someone can clarify that.
Or, maybe something else is wrong with my DirectAdmin installation (and the same with Pieter's) causing us to use this change to get outbound messages to contain a DKIM sign. Any further thoughts?
 
This is bit of a newer topic, but there was already a longer topic which is still worked at:

dkim not working for Server's Hostname

Hi, On my server dkim is enabled for all DirectAdmin domains and this is working fine. However, when sending an email directly from my Server's Hostname like: echo "This is a test." | mail -s Testing [email protected] the message is being sent from my servers hostname server.domain.com but...
forum.directadmin.com forum.directadmin.com
you can also read a solution from ejibe in there.

And here's a solution from kam21:

Configure DKIM for host.domain.com email addresses

Hi Brent. Yes, I have my email address set for root as you described. Were you going to suggest that I temporarily stick an external address in there (like a gmail or icloud address) so I can check for DKIM signatures when the server emails me? I'll try that. :) Update: There is no DKIM...
forum.directadmin.com forum.directadmin.com
topic is still ongoing.
 
You must log in or register to reply here.
Back
Top