"Allow DKIM Verification" is blocking valid DKIM?
Hey guys,
Been trying to fix up and customize my exim config. The server is a fresh whm install, with very little default changes.
Whenever I enable "Allow DKIM verification for incoming messages" It will reject email from nearly any server, even if the DKIM entries are valid. "Reject DKIM failures" doesn't make a difference either way.
Example log entry, the email is from a gmail account:
2014-05-23 19:36:06 1WnvGA-0000tp-ME H=mail-qg0-f51.google.com [209.85.192.51]:52864 rejected DKIM
The port 25 verifier service all says the DKIM is valid and "passed" from various domains that were rejected (gmail, yahoo, and my own). So I know the entries are valid.... the issue is definitely on my setup.
For kicks - I also enabled the option on another WHM server and... same issue. Tried adjusting the server's resolver in case it had a wonky DNS config and - same issue still.
Anyone have any clue why this may be happening? I'm stumped.
-
Well, found the solution http://forums.cpanel.net/f43/issue-configuring-exim-361892.html However, in this case it wasn't a "custom" option set. It was WHM apparently glitching out somewhere... since the server this initially happened on was just setup. Oh well, it's working now. 0 -
I think it is because lot of sites don't care of setting a good DKIM. I had the same problem, too many emails rejected, specially those from autoreply, subscription... automatic ones. Checking SPF is enough... Similar problem with "Sender Verification Callouts", even worse... keep it off. Just switch on the one below "Sender Verification" (without callouts). Hope this help. 0 -
[quote="nusuni, post: 1651031">Well, found the solution http://forums.cpanel.net/f43/issue-configuring-exim-361892.html However, in this case it wasn't a "custom" option set. It was WHM apparently glitching out somewhere... since the server this initially happened on was just setup. Oh well, it's working now.
Could you elaborate on the specific entry you found and what steps you took to resolve the issue? Are you referring to the "acl_smtp_dkim = acl_smtp_dkim" entry? Thank you.0 -
[quote="cPanelMichael, post: 1651702">Could you elaborate on the specific entry you found and what steps you took to resolve the issue? Are you referring to the "acl_smtp_dkim = acl_smtp_dkim" entry? Thank you.
Yep, it had a random acl_smtp_dkim = acl_smtp_dkim entry Manually removed it from the configuration, and everything has worked fine since with DKIM verification enabled. WHM version used was 11.42.1 (build 16). No idea how it got there - since like I said before - this was a brand new server. Seems to be fine now though.0 -
[quote="nusuni, post: 1652181">Yep, it had a random acl_smtp_dkim = acl_smtp_dkim entry Manually removed it from the configuration, and everything has worked fine since with DKIM verification enabled. WHM version used was 11.42.1 (build 16). No idea how it got there - since like I said before - this was a brand new server. Seems to be fine now though.
Hello! Before enabling "Allow DKIM verification for incoming messages" I checked my EXIM configuration and I had no value on "acl_smtp_dkim". After enabled, "acl_smtp_dkim" had a value of "acl_smtp_dkim". Is that correct? Or should I remove it? Thank you0 -
[quote="superduper, post: 1696421">Before enabling "Allow DKIM verification for incoming messages" I checked my EXIM configuration and I had no value on "acl_smtp_dkim". After enabled, "acl_smtp_dkim" had a value of "acl_smtp_dkim". Is that correct? Or should I remove it?
Could you elaborate on the change in your /etc/exim.conf file? For instance, you can post the difference in output from:grep acl_smtp_dkim /etc/exim.conf
Thank you.0
Please sign in to leave a comment.
Comments
6 comments