Results 1 to 9 of 9

Thread: opendkim - I followed the wiki to enable but not working.

  1. #1
    jim.thornton is offline Loyal Member
    Join Date
    May 2010
    Posts
    95
    Rep Power
    5

    Exclamation opendkim - I followed the wiki to enable but not working.

    I have just recently sent this new Zimbra 8.0.3 server. I have only ONE domain setup right now so that I can get everything configured the way I want and then I'm going to start migrating accounts to this server.

    I would like to configure the opendkim which is bundled with Zimbra 8 so I was following the instructions in the wiki but for some reason when I'm running the dig command there is ANSWER: 0.

    I followed this wiki page: http://wiki.zimbra.com/wiki/Configur...h_DKIM_Signing

    I added the DKIM info for the domain. Here is the DNS entries I made: DKIM - DNS Entries - Pastebin.com

    I assume that these DNS entries should be made in the DNS server that is managing ZIMBRA. Is that correct?? The domain that I am configuring in Zimbra is actually controlled by my sharedhosting server and just the MX record is pointing to the ZIMBRA server. I have added the previously mentioned DNS entries to my records file in bind. I'm useing Webmin to configure BIND so I'm not sure which one was right, so I put them both there. That is the actual records file though.

    Could someone please help me get this going?
    Release 7.1.2_GA_3268.UBUNTU10_64 UBUNTU10_64 FOSS edition.

  2. #2
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,585
    Rep Power
    57

    Default

    Quote Originally Posted by jim.thornton View Post
    I would like to configure the opendkim which is bundled with Zimbra 8 so I was following the instructions in the wiki but for some reason when I'm running the dig command there is ANSWER: 0.
    Then you've either made a mistake with the record or you've not added them to the correct DNS server.

    Quote Originally Posted by jim.thornton View Post
    I assume that these DNS entries should be made in the DNS server that is managing ZIMBRA. Is that correct??
    I don't really understand what you mean by that statement, there is no DNS server "managing Zimbra". If you haven't added these DKIM records to your public DNS server how would you expect any other mail server to verify your DKIM 'authenticity'?
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    jim.thornton is offline Loyal Member
    Join Date
    May 2010
    Posts
    95
    Rep Power
    5

    Default

    I don't really understand what you mean by that statement, there is no DNS server "managing Zimbra". If you haven't added these DKIM records to your public DNS server how would you expect any other mail server to verify your DKIM 'authenticity'?
    I did enter them into a public DNS server, but I have 2 DNS servers that are involved with this domain. Here's how it is setup:

    Domain: extra6.com
    Domain Registrar: The nameservers for this domain are pointing to SERVER 1.
    SERVER 1: Sharedhosting w/ Public DNS. All the DNS records for this domain are managed on this DNS server. www.*, mail.*, ftp.*, mx, etc.

    SERVER 2: Zimbra Install with Public DNS.
    Domain: mail-svr.com
    Domain Registrar: The nameservers for this domain are pointing to SERVER 2.
    SERVER 2: Zimbra install w/ Public DNS. This DNS server contains the records for mail-svr.com including the NS, mail and mx records.

    So when I say "the server that is managing ZIMBRA", I am referring to SERVER 2.

    I copy and pasted the text outputted after generating the keys and put it directly in the records file for my master zone of the DNS on SERVER 2. Is that what I'm suppose to do?

    I guess what I need to know... When verifying DKIM, does the receiving server verify with the extra6.com domain, or does it follow back to the server email-svr.com where the email originated?
    Release 7.1.2_GA_3268.UBUNTU10_64 UBUNTU10_64 FOSS edition.

  4. #4
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,585
    Rep Power
    57

    Default

    According to a 'dig' for your domain these are your DNS servers:

    Code:
    ns1.extra6.com.         14400   IN      A       67.214.181.213
    ns2.extra6.com.         14400   IN      A       67.214.181.214
    Neither of those returns any information for your DKIM records, you need to investigate why.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  5. #5
    jim.thornton is offline Loyal Member
    Join Date
    May 2010
    Posts
    95
    Rep Power
    5

    Default

    Okay, that's what I'm asking. Whether I'm suppose to put it in the DNS server for my domain (extra6.com) or the DNS server for my mail server.

    I take it from your response it needs to go in the DNS server for the domain itself. I will try that and see how it works.
    Release 7.1.2_GA_3268.UBUNTU10_64 UBUNTU10_64 FOSS edition.

  6. #6
    quanah is offline Zimbra Employee
    Join Date
    May 2007
    Location
    Zimbra
    Posts
    1,285
    Rep Power
    10

    Default

    The first part of the "D" in DKIM stands for "Domain". It has to do with the DOMAIN that is being signed. So clearly, any DKIM keys need to be associated with the DOMAIN you want signing for.
    Quanah Gibson-Mount
    Server Architect
    Zimbra, Inc
    --------------------
    Zimbra :: the leader in open source messaging and collaboration

  7. #7
    jim.thornton is offline Loyal Member
    Join Date
    May 2010
    Posts
    95
    Rep Power
    5

    Default

    Okay... I entered the DKIM signature into the DNS and dig is showing it when you enter the selector along with ._domainkey.extra6.com

    How do I know that it is working correctly? I sent and email to another email box and I viewed the headers and I can see the DKIM key in the header.

    In the wiki it says enter the following:

    Code:
    /opt/zimbra/opendkim/bin/opendkim-testkey -d example.com -s 0E9F184A-9577-11E1-AD0E-2A2FBBAC6BCB -x /opt/zimbra/conf/opendkim.conf
    But when I enter that it says that it cannot find the command. I had to change it to "sbin" instead of "bin" but when I entered that, nothing happens at all. No output, just goes to a new prompt.
    Release 7.1.2_GA_3268.UBUNTU10_64 UBUNTU10_64 FOSS edition.

  8. #8
    quanah is offline Zimbra Employee
    Join Date
    May 2007
    Location
    Zimbra
    Posts
    1,285
    Rep Power
    10

    Default

    I suggest reading the manpage:

    opendkim-testkey

    If no error is found, it exits with success.
    Quanah Gibson-Mount
    Server Architect
    Zimbra, Inc
    --------------------
    Zimbra :: the leader in open source messaging and collaboration

  9. #9
    anatifaana is offline Intermediate Member
    Join Date
    Feb 2011
    Posts
    16
    Rep Power
    4

    Default

    Dear All,

    In general and after personal issue with the opendkim service, Discovered that the opendkim service is running to check the DNS records, Hostname & FQDN.

    Issue:
    After upgrade i have a problem with the opendkim service (opendkim Stopping).

    Solution:
    1- You have to check the NAT on the Firewall.
    2- You have to check the /etc/hosts file.
    3- You have to check the /etc/resolv.conf file.
    4- You have to check the A and MX records in your Internal DNS.
    5- You have to check the MX record that reserve in your ISP DNS.

    After That try as a zimbra user to run #zmopendkimctl start , it should be working fine after that.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Can we still contribute wiki pages to Zimbra Wiki?
    By yutaka in forum Community News
    Replies: 5
    Last Post: 07-21-2013, 04:43 AM
  2. Disable opendkim?
    By mackoftrack in forum Administrators
    Replies: 9
    Last Post: 07-02-2013, 04:25 PM
  3. opendkim crashed with segfault in zimbra 8.0.0 & 8.0.1 ose
    By Knatterton in forum Administrators
    Replies: 6
    Last Post: 05-29-2013, 12:12 PM
  4. opendkim crashed with segfault in zimbra 8.0.0 & 8.0.1 ose
    By Knatterton in forum Error Reports
    Replies: 1
    Last Post: 11-26-2012, 06:40 AM
  5. digital signature with opendkim in zimbra
    By breejesh in forum Administrators
    Replies: 0
    Last Post: 07-04-2012, 01:00 AM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •