Otdfbt

What is more safe for browsing the web: PC or smartphone?

Why doesn't a particle exert force on itself?

What happens if I accidentally leave an app running and click "Install Now" in Software Updater?

How to replace space with '+' symbol in a triangular array?

Justification of physical currency in an interstellar civilization?

Reverse ColorFunction or ColorData

How can I obtain and work with a Platonic dodecahedron?

Picking a theme as a discovery writer

How long did it take Captain Marvel to travel to Earth?

How do I, as a DM, handle a party that decides to set up an ambush in a dungeon?

Which "exotic salt" can lower water's freezing point by –70 °C?

Why would a military not separate its forces into different branches?

Why increasing of the temperature of the objects like wood, paper etc. doesn't fire them?

Can an Iranian citizen enter the USA on a Dutch passport?

My dual citizen son (US and Australia) wants to marry a US citizen but live in Australia

Two denim hijabs

Is the US ESTA (Electronic System for Travel Authorization) a visa?

Can a good but unremarkable PhD student become an accomplished professor?

Endgame puzzle: How to avoid stalemate and win?

Make me a minimum magic sum

If an enemy monster charms one PC and tells them to attack a second PC, and then the second PC charms the monster, what happens?

Can I combine SELECT TOP() with the IN operator?

What is the thing used to help pouring liquids called?

How to deal with employer who keeps me at work after working hours

Debug DKIM on MacOS X

MacOS X 10.6 Portable Home Directory sync fails due to FileSync agent crashingusing own mail server with external domain and dns. Now have internal dns. dkim test not workingWhat is wrong in my DKIM setup? I'm getting all failsunknown configuration line “INPUT_MAIL_FILTER(dkim-milter, S=inet:8891@localhost)”Publishing long domain key records in bind9postfix dkim=neutral reason=“invalid (public key: missing p= tag)” outgoing email not receivedDKIM public key not retrievableSetting up a DKIM DNS record and DKIM SMTP header for outgoing email on a generic SMTP serverDKIM record failingDKIM - how to account for different hostnames for the mail host (sendmail, FreeBSD 10.3)

.everyoneloves__top-leaderboard:empty,.everyoneloves__mid-leaderboard:empty,.everyoneloves__bot-mid-leaderboard:empty height:90px;width:728px;box-sizing:border-box;

0

I am setting up DKIM on MacOS X/Server using Amavis-new.
Everything seems ok, by when I try to test it using

sudo -u _amavisd -H amavisd -c /Library/Server/Mail/Config/amavisd/amavisd.conf testkeys

I get:

invalid (public key: invalid data)

In the same time, the DNS record seems to be set correctly (ar least - according to my experience with normal Linux based systems) and selector working.

How could I get anything more on what is the reason for amavis to return such message?

mac-osx mac-osx-server dkim amavis

share|improve this question

asked Apr 27 at 22:21

JanisJanis

11

add a comment | 

0

I am setting up DKIM on MacOS X/Server using Amavis-new.
Everything seems ok, by when I try to test it using

sudo -u _amavisd -H amavisd -c /Library/Server/Mail/Config/amavisd/amavisd.conf testkeys

I get:

invalid (public key: invalid data)

In the same time, the DNS record seems to be set correctly (ar least - according to my experience with normal Linux based systems) and selector working.

How could I get anything more on what is the reason for amavis to return such message?

mac-osx mac-osx-server dkim amavis

share|improve this question

asked Apr 27 at 22:21

JanisJanis

11

add a comment | 

I am setting up DKIM on MacOS X/Server using Amavis-new.
Everything seems ok, by when I try to test it using

sudo -u _amavisd -H amavisd -c /Library/Server/Mail/Config/amavisd/amavisd.conf testkeys

I get:

invalid (public key: invalid data)

In the same time, the DNS record seems to be set correctly (ar least - according to my experience with normal Linux based systems) and selector working.

How could I get anything more on what is the reason for amavis to return such message?

mac-osx mac-osx-server dkim amavis

share|improve this question

asked Apr 27 at 22:21

JanisJanis

11

sudo -u _amavisd -H amavisd -c /Library/Server/Mail/Config/amavisd/amavisd.conf testkeys

share|improve this question

asked Apr 27 at 22:21

JanisJanis

11

share|improve this question

asked Apr 27 at 22:21

JanisJanis

11

asked Apr 27 at 22:21

JanisJanis

11

asked Apr 27 at 22:21

JanisJanis

11

1 Answer
1

active

oldest

votes

1

I was able to get this working awhile ago on Server 5.3.1. Using your terminal command, I get:

TESTING#1 example.com: default._domainkey.example.com => pass

Here's what I have to set it up in amavisd.conf:

dkim_key('example.com', 'default', '/var/db/dkim/example.com.default.pem');

The following allows me to use the single key to work for all of the virtual sites hosted on the server:

@dkim_signature_options_bysender_maps = (
 '.' => d => 'example.com',a => 'rsa-sha256',c => 'relaxed/simple',ttl => 30*24*3600 , );

I just checked my notes and realized that there was another piece to the puzzle to get this working.

Not sure which version of Server you are using, but there is a bug in Amavisd in certain versions of Server 5 that requires you to make a change. The details are here:
https://discussions.apple.com/thread/7684786

Note that the directions tell you to insert the patch beneath the line :

Amavis::load_policy_bank($_,$msginfo) for @bank_names_cl; 

There are two instances of that line, at least in Server V 5.3.1. You'll want to work with the second instance further down, which actually has the blank line underneath. Be aware that any future updates to the Server app may overwrite this patch.

Depending on your setup, you also may wish to move the originating port from the default 10024 to 10026 in amavisd.conf.

share|improve this answer

edited May 1 at 14:18

answered May 1 at 12:36

wdkelperwdkelper

113

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Unfortunately is does not help. I my case there are four instances of mentioned line, one - with blank line after it. I still get => invalid (public key: invalid data). I put in the DNS record the info I got using showkeys. What if I'd generate required keys according to opendkim setup procedure? Actualy, it is first time I am trying to get DKIM alive using amavis.
  
  – Janis
  2 days ago
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Actually, it is not yet finally clear - unfortunately the DNS service provider uses outdated customer interface not allowing to manage DKIM record myself, so it seems some mistakes are introduced.
  
  – Janis
  2 days ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Sounds like you are on the right track. I used the tutorial here: topicdesk.com/downloads/tutorials/… and used the Advanced Configuration Options. That involved enabling/configuring port 10026 to handle mail originating from our trusted users. Past that, I'm not sure what to suggest....I'm assuming that the mail server is being restarted after changed are made?
  
  – wdkelper
  yesterday
  

  
  
  
  

add a comment | 

Your Answer

StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "2"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);

StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);

else
createEditor();

);

function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);



);

draft saved

draft discarded

Sign up or log in

StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);

Sign up using Google

Sign up using Facebook

Sign up using Email and Password

Post as a guest

Name

Email

Required, but never shown

StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fserverfault.com%2fquestions%2f964886%2fdebug-dkim-on-macos-x%23new-answer', 'question_page');

);

Post as a guest

Name

Email

Required, but never shown

1

I was able to get this working awhile ago on Server 5.3.1. Using your terminal command, I get:

TESTING#1 example.com: default._domainkey.example.com => pass

Here's what I have to set it up in amavisd.conf:

dkim_key('example.com', 'default', '/var/db/dkim/example.com.default.pem');

The following allows me to use the single key to work for all of the virtual sites hosted on the server:

@dkim_signature_options_bysender_maps = (
 '.' => d => 'example.com',a => 'rsa-sha256',c => 'relaxed/simple',ttl => 30*24*3600 , );

I just checked my notes and realized that there was another piece to the puzzle to get this working.

Not sure which version of Server you are using, but there is a bug in Amavisd in certain versions of Server 5 that requires you to make a change. The details are here:
https://discussions.apple.com/thread/7684786

Note that the directions tell you to insert the patch beneath the line :

Amavis::load_policy_bank($_,$msginfo) for @bank_names_cl; 

There are two instances of that line, at least in Server V 5.3.1. You'll want to work with the second instance further down, which actually has the blank line underneath. Be aware that any future updates to the Server app may overwrite this patch.

Depending on your setup, you also may wish to move the originating port from the default 10024 to 10026 in amavisd.conf.

share|improve this answer

edited May 1 at 14:18

answered May 1 at 12:36

wdkelperwdkelper

113

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Unfortunately is does not help. I my case there are four instances of mentioned line, one - with blank line after it. I still get => invalid (public key: invalid data). I put in the DNS record the info I got using showkeys. What if I'd generate required keys according to opendkim setup procedure? Actualy, it is first time I am trying to get DKIM alive using amavis.
  
  – Janis
  2 days ago
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Actually, it is not yet finally clear - unfortunately the DNS service provider uses outdated customer interface not allowing to manage DKIM record myself, so it seems some mistakes are introduced.
  
  – Janis
  2 days ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Sounds like you are on the right track. I used the tutorial here: topicdesk.com/downloads/tutorials/… and used the Advanced Configuration Options. That involved enabling/configuring port 10026 to handle mail originating from our trusted users. Past that, I'm not sure what to suggest....I'm assuming that the mail server is being restarted after changed are made?
  
  – wdkelper
  yesterday
  

  
  
  
  

add a comment | 

1

I was able to get this working awhile ago on Server 5.3.1. Using your terminal command, I get:

TESTING#1 example.com: default._domainkey.example.com => pass

Here's what I have to set it up in amavisd.conf:

dkim_key('example.com', 'default', '/var/db/dkim/example.com.default.pem');

The following allows me to use the single key to work for all of the virtual sites hosted on the server:

@dkim_signature_options_bysender_maps = (
 '.' => d => 'example.com',a => 'rsa-sha256',c => 'relaxed/simple',ttl => 30*24*3600 , );

I just checked my notes and realized that there was another piece to the puzzle to get this working.

Not sure which version of Server you are using, but there is a bug in Amavisd in certain versions of Server 5 that requires you to make a change. The details are here:
https://discussions.apple.com/thread/7684786

Note that the directions tell you to insert the patch beneath the line :

Amavis::load_policy_bank($_,$msginfo) for @bank_names_cl; 

There are two instances of that line, at least in Server V 5.3.1. You'll want to work with the second instance further down, which actually has the blank line underneath. Be aware that any future updates to the Server app may overwrite this patch.

Depending on your setup, you also may wish to move the originating port from the default 10024 to 10026 in amavisd.conf.

share|improve this answer

edited May 1 at 14:18

answered May 1 at 12:36

wdkelperwdkelper

113

• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Unfortunately is does not help. I my case there are four instances of mentioned line, one - with blank line after it. I still get => invalid (public key: invalid data). I put in the DNS record the info I got using showkeys. What if I'd generate required keys according to opendkim setup procedure? Actualy, it is first time I am trying to get DKIM alive using amavis.
  
  – Janis
  2 days ago
  
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Actually, it is not yet finally clear - unfortunately the DNS service provider uses outdated customer interface not allowing to manage DKIM record myself, so it seems some mistakes are introduced.
  
  – Janis
  2 days ago
  

  
  
  
  


• 
  
  
  

  
  

  
  
  
  
  
  

  
  
  Sounds like you are on the right track. I used the tutorial here: topicdesk.com/downloads/tutorials/… and used the Advanced Configuration Options. That involved enabling/configuring port 10026 to handle mail originating from our trusted users. Past that, I'm not sure what to suggest....I'm assuming that the mail server is being restarted after changed are made?
  
  – wdkelper
  yesterday
  

  
  
  
  

add a comment | 

I was able to get this working awhile ago on Server 5.3.1. Using your terminal command, I get:

TESTING#1 example.com: default._domainkey.example.com => pass

Here's what I have to set it up in amavisd.conf:

dkim_key('example.com', 'default', '/var/db/dkim/example.com.default.pem');

The following allows me to use the single key to work for all of the virtual sites hosted on the server:

@dkim_signature_options_bysender_maps = (
 '.' => d => 'example.com',a => 'rsa-sha256',c => 'relaxed/simple',ttl => 30*24*3600 , );

I just checked my notes and realized that there was another piece to the puzzle to get this working.

Not sure which version of Server you are using, but there is a bug in Amavisd in certain versions of Server 5 that requires you to make a change. The details are here:
https://discussions.apple.com/thread/7684786

Note that the directions tell you to insert the patch beneath the line :

Amavis::load_policy_bank($_,$msginfo) for @bank_names_cl; 

There are two instances of that line, at least in Server V 5.3.1. You'll want to work with the second instance further down, which actually has the blank line underneath. Be aware that any future updates to the Server app may overwrite this patch.

Depending on your setup, you also may wish to move the originating port from the default 10024 to 10026 in amavisd.conf.

share|improve this answer

edited May 1 at 14:18

answered May 1 at 12:36

wdkelperwdkelper

113

dkim_key('example.com', 'default', '/var/db/dkim/example.com.default.pem');

@dkim_signature_options_bysender_maps = (
 '.' => d => 'example.com',a => 'rsa-sha256',c => 'relaxed/simple',ttl => 30*24*3600 , );

Amavis::load_policy_bank($_,$msginfo) for @bank_names_cl; 

share|improve this answer

edited May 1 at 14:18

answered May 1 at 12:36

wdkelperwdkelper

113

answered May 1 at 12:36

wdkelperwdkelper

113

answered May 1 at 12:36

wdkelperwdkelper

113