DKIM signature is not valid

31 posts / 0 new
Last post
#1 Sat, 05/09/2015 - 07:56
szer0p

DKIM signature is not valid

Hello there !

I have a problem with DKIM .. my mails come in to spamfolder in hotmail and gmail ..

i tested my email here mail-tester.com

my score ist 7/10 i got problem with the DKIM

Die DKIM Signatur Ihrer Nachricht ist:

v=1;
a=rsa-sha256;
c=simple/simple;
d=domain.com;
s=dkimpal;
t=1431174512;
bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=;
h=MIME-Version:Content-Type:Content-Transfer-Encoding:Date:From:To:Subject:Message-ID;
b=nPI9oWxQkV3JPBCJIkrNyY6OqRYu6WnAMujTnmuEHnO262/bfYbtUhvNPNGKG3RKc7LKRmciaKleuLQeGDFKAptcNXDbN7xOJp5BygMaqwOM0sW1wsfUYPPuQxTyFqx4+qdnDrIPDoCj4Qd1Ygkz0vpi0itOjazLjdF1oP8syjtvO9MMqYOEWb1WYshEs1vQy2h0kXyyUsZsYuCHxB062CL4G5kLrAvSHIVrRsqhxxB3IoFphR1axxTU3Sb7Vhtm98QZKlQrFcvj1VrcZ8w6RaRCiIU/JdCO1hrWkfr5fma5X6oq/PPgJvLEkO2Qw1bpVbzDC/xKr226JmPjegdQNg==
Ihr öffentlicher Schlüssel ist:

"v=DKIM1;
k=rsa;
t=s;
p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZAimH4VzznW3lDiXTOqq0Rzb17RC1oO+fFCd9dldX4wR0jY7iFcOD5OSoN+kzYYibUckhcZJ/kP8W98KGegE2njGkDngVQjHLPCq3tacR+2iQ5RR/LMbAJn4J2+CpViOmq9cQWwC/zGH+SGcIQo872h0kDxm6kKJ0y4WM6JxZ433K2CKfxRMyG9off6""e2VqeAt1AgE3Ky3Mc2jy1zR0Gb1s5aHL38uIg9jYOjIwHlY+BHWgqQBI65fdCx1iNwplbVyul5fCQUShcorB6AzDdBtjg2+JQX99niiBjKxBkkWLxl5mgaMnigvzJYslWWYW25p2QECn6EUBwHB5N6fYvwIDAQAB"
Schlüssellänge: 2048bits

Your DKIM signature is not valid

but i tested my dkim from here http://dkimcore.org/c/keycheck

and i got This is a valid DKIM key record

what is the problem ? i dont know how to fix it could u please help me

many thanks

Sat, 05/09/2015 - 17:07
Diabolico
Diabolico's picture

Did you wait for DNS to propagate (i think default is 12h)? When you know you will go to change/test your DNS is good to lower TTL to 300 (5 min) but for new TTL to kick in you must wait old one to expire, e.g. if old TTL was 12 hours then you must wait for that to expire and only then new time will start counting. Dont forget to set back to default once you are done.

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.

Sat, 05/09/2015 - 17:21
szer0p

i changed the dkim befor 3 weeks ! but i still having the same problem !

do u think i have a problem with the dns ?

Sat, 05/09/2015 - 18:45
Diabolico
Diabolico's picture

Post your DNS here or if you dont know how to use forum codes then you can copy/paste to http://pastebin.com. Free to hide your domain and ip if you want. Another thing you can check and copy/paste is log files (maillog) and see what it say when you send email (just copy the part what was created by sending new email).

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.

Sat, 05/09/2015 - 20:32
szer0p
dkimpal._domainkey.domain.com 86400 TXT 0 v=DKIM1; k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZAimH4VzznW3lDiXTOqq0Rzb17RC1oO+fFCd9dldX4wR0jY7iFcOD5OSoN+kzYYibUckhcZJ/kP8W98KGegE2njGkDngVQjHLPCq3tacR+2iQ5RR/LMbAJn4J2+CpViOmq9cQWwC/zGH+SGcIQo872h0kDxm6kKJ0y4WM6JxZ433K2CKfxRMyG9off6e2VqeAt1AgE3Ky3Mc2jy1zR0Gb1s5aHL38uIg9jYOjIwHlY+BHWgqQBI65fdCx1iNwplbVyul5fCQUShcorB6AzDdBtjg2+JQX99niiBjKxBkkWLxl5mgaMnigvzJYslWWYW25p2QECn6EUBwHB5N6fYvwIDAQAB

the maillog>

May 10 03:26:57 server postfix/pickup[1843]: 0099711A0B3F: uid=0 from=<root>
May 10 03:26:57 server postfix/cleanup[17109]: 0099711A0B3F: message-id=<2015051                                                                                        0012657.0099711A0B3F@server.domain.com>
May 10 03:26:57 server postfix/qmgr[1844]: 0099711A0B3F: from=<root@domain                                                                                        .com>, size=481, nrcpt=1 (queue active)
May 10 03:26:57 server postfix/smtp[17112]: cannot load Certificate Authority da                                                                                        ta: disabling TLS support
May 10 03:26:57 server postfix/smtp[17112]: warning: TLS library problem: 17112:                                                                                        error:0906D066:PEM routines:PEM_read_bio:bad end line:pem_lib.c:802:
May 10 03:26:57 server postfix/smtp[17112]: warning: TLS library problem: 17112:                                                                                        error:0B084009:x509 certificate routines:X509_load_cert_crl_file:PEM lib:by_file                                                                                        .c:285:
May 10 03:26:58 server postfix/smtp[17112]: 0099711A0B3F: to=<a.kh@hotmail.de>,                                                                                         relay=mx3.hotmail.com[207.46.8.199]:25, delay=1.5, delays=0.11/0.02/0.48/0.91, d                                                                                        sn=2.0.0, status=sent (250  <20150510012657.0099711A0B3F@server.domain.com                                                                                        > Queued mail for delivery)
May 10 03:26:58 server postfix/qmgr[1844]: 0099711A0B3F: removed
Sun, 05/10/2015 - 02:27
Diabolico
Diabolico's picture

Based on your log i think your certificate is corrupted May 10 03:26:57 server postfix/smtp[17112]: warning: TLS library problem: 17112:error:0906D066:PEM routines:PEM_read_bio:bad end line:pem_lib.c:802:. What you can do is to open that certificate and check if it looks like this:

-----BEGIN CERTIFICATE-----
/snipped code/
-----END CERTIFICATE-----

If you cant see anything wrong with your certificate then you could try to create new one.

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.

Sun, 05/10/2015 - 08:19
szer0p

I have bought 2 SSL one for www.domain.com and the other is for domain.com ..

i have the domain.com in the webmin installed and thats work perfect .. i go to Manage SSL Certificate
and then i click Copy to Postfix and Copy to Dovecot

but i have the same problem .. i tried to delete them from the folder /etc/postfix and etc/Dovecot but i had the same error ..

i dont know how to fix it

maillog after this

May 10 15:13:20 server postfix/smtp[4393]: cannot load Certificate Authority data: disabling TLS support
May 10 15:13:20 server postfix/smtp[4393]: warning: TLS library problem: 4393:error:0906D066:PEM routines:PEM_read_bio:bad end line:pem_lib.c:802:
May 10 15:13:20 server postfix/smtp[4393]: warning: TLS library problem: 4393:error:0B084009:x509 certificate routines:X509_load_cert_crl_file:PEM lib:by_file.c:285:

i have those certificates in the postfix folder

postfix.ca.pem postfix.cert.pem postfix.key.pem

Sun, 05/10/2015 - 09:48
szer0p

the TLS setting in the main.cf of postfix

smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_authenticated_header = yes

# Replace this with your SSL certificate path if you are using one.
smtpd_tls_cert_file = /etc/postfix/postfix.cert.pem
smtpd_tls_key_file = /etc/postfix/postfix.key.pem
smtpd_tls_CAfile = /etc/postfix/postfix.ca.pem
smtpd_use_tls=yes
smtp_tls_security_level = may
smtpd_tls_security_level = may
#smtpd_tls_auth_only = no
smtp_tls_note_starttls_offer = yes
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtpd_delay_reject = yes
disable_vrfy_command = yes
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
smtpd_tls_mandatory_ciphers = high

is this correct ? can those setting cause this issue

Sun, 05/10/2015 - 11:08
Diabolico
Diabolico's picture

Check if you have one empty line after "-----END CERTIFICATE-----". It should be like this:

1.-----BEGIN CERTIFICATE-----
2.
3. /snipped code/
4. ... 20+ lines (its really not important how many if your cert is valid)
......
25. -----END CERTIFICATE-----
26.

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.

Sun, 05/10/2015 - 11:33
szer0p

i checked the postfix.cert.pem it is ok no empty line but in the virtualmin panel i checked the DomainKey Options and i saw an empty line i removed it but still the same problem

Sun, 05/10/2015 - 11:55
szer0p

i deleted all the lines for the tls in the main.cf i dont get any error now in the maillog but still the dkin is not valied :(

is the tls important for the dkim ?

Sun, 05/10/2015 - 12:47
Diabolico
Diabolico's picture

You sure you dont have any errors now? Its strange because that is usually result of lacking that empty line. Can you make a test and put back that empty line in all cert and see if the problem comes back, even in the cert who originally didnt have it.

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.

Mon, 05/11/2015 - 07:20
szer0p

yes im sure i dont have any errors now .. i made the test and putet back the empty line .. i dont see any problem now .. i think the problem is with this lines in the main.cf

cause these lines i copied them from internet and i dont know if they are good ?

# for SMTP-Auth setting
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_authenticated_header = yes

# Replace this with your SSL certificate path if you are using one.
smtpd_tls_cert_file = /etc/postfix/postfix.cert.pem
smtpd_tls_key_file = /etc/postfix/postfix.key.pem
smtpd_tls_CAfile = /etc/postfix/postfix.ca.pem
smtpd_use_tls = yes
smtpd_tls_auth_only = yes
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_tls_loglevel = 3
tls_random_source = dev:/dev/urandom
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
# will it be a permanent error or temporary
unknown_local_recipient_reject_code = 450
# how long to keep message on queue before return as failed.
# some have 3 days, I have 16 days as I am backup server for some people
# whom go on holiday with their server switched off.
maximal_queue_lifetime = 7d
# max and min time in seconds between retries if connection failed
minimal_backoff_time = 1000s
maximal_backoff_time = 8000s

# how long to wait when servers connect before receiving rest of data
smtp_helo_timeout = 60s
# how many address can be used in one message.
# effective stopper to mass spammers, accidental copy in whole address list
# but may restrict intentional mail shots.
smtpd_recipient_limit = 16
# how many error before back off.
smtpd_soft_error_limit = 3
# how many max errors before blocking it.
smtpd_hard_error_limit = 12

# This next set are important for determining who can send mail and relay mail
# to other servers. It is very important to get this right - accidentally produ$
# an open relay that allows unauthenticated sending of mail is a Very Bad Thing.
#
# You are encouraged to read up on what exactly each of these options accomplis$

# Requirements for the HELO statement
smtpd_helo_restrictions = permit_mynetworks, warn_if_reject reject_non_fqdn_hos$
# Requirements for the sender details
smtpd_sender_restrictions = permit_sasl_authenticated, permit_mynetworks, warn_$
# Requirements for the connecting server
smtpd_client_restrictions = reject_rbl_client sbl.spamhaus.org, reject_rbl_clie$
# Requirement for the recipient address. Note that the entry for
# "check_policy_service inet:127.0.0.1:10023" enables Postgrey.
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, re$
smtpd_data_restrictions = reject_unauth_pipelining

# require proper helo at connections
smtpd_helo_required = yes
# waste spammers time before rejecting them
smtpd_delay_reject = yes
disable_vrfy_command = yes
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891

smtpd_tls_mandatory_ciphers = high

otherway i cant recive emails from outside the server .. when i send a test email to me .. i recived it but when i send a test email to me from hotmail i dont recive anything and after oneday i get a delay email from hotmail Delivery Status Notification (Delay)‏

what can i do know for the dkim sorry but realy i dont have any idea to solve this problem i hop u can help me with that

thanks alot

Mon, 05/11/2015 - 11:07
Diabolico
Diabolico's picture

So you can receive emails from other servers/services but you have problem to send your emails, or its the other way around you can send but you cant receive?

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.

Mon, 05/11/2015 - 11:33
szer0p

i can send emails to anthor servers but i cant receive email

Mon, 05/11/2015 - 11:46
Diabolico
Diabolico's picture

Logs what you linked me yesterday was about corrupted certificates (SSL) what we sort (hope you left that empty line at the end of every certificate). DKIM problem would be when you send email and then that email get marked as spam or deleted because of invalid DKIM.

Now back to your second problem. If you can send but cant receive emails that could be because your firewall or you are missing MX records in your DNS. You can check DNS first as usually there is the problem. If you dont use external email service like GoogleApps but local mail server then you should have this in your DNS:

mail.yourdomain.com. IN A xxx.xxx.xxx.xxx
yourdomain.com. IN MX 5 mail.yourdomain.com.

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.

Mon, 05/11/2015 - 13:59
szer0p

Yes i have those dns record

Mon, 05/11/2015 - 15:43
Diabolico
Diabolico's picture

Interesting. You should take a look at your firewall if you have open port 25 and in case you are behind a router take a look there. Another reason it could be you are hosting from home and in that case its probably your ISP who is blocking some ports, for sure port 25.

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.

Mon, 05/11/2015 - 16:54
szer0p

i checkd in my vps firewall port 25 is opend and i dont know what if my isp ist blocking the port 25 can cause this problem ..

iam afriad that the problem is caused from the setting of postfix and dovecot ..

how can we test it .. no error messege are in the maillog

Mon, 05/11/2015 - 17:22
Diabolico
Diabolico's picture

Try to connect with telnet to port 25 of your server and see if you can. If the result is positive then the problem could be hiding in master.cf or main.cf. In that case maybe Eric could help as right now i cant see anything wrong with your main.cf (at least part what you posted here). You can try with "intodns.com" and "mxtoolbox.com/SuperTool.aspx" to see if you can spot any problems.

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.

Mon, 05/11/2015 - 17:44
szer0p

i think u r right .. i cant connect to port 25 with telnet ..i got Connection refused

so here is the problem but i checked the port its opend

Mon, 05/11/2015 - 17:59
szer0p
[root@server ~]# sudo netstat -plntu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address               Foreign Address             State       PID/Program name
tcp        0      0 127.0.0.1:11000             0.0.0.0:*                   LISTEN      1975/lookup-domain-
tcp        0      0 0.0.0.0:8088                0.0.0.0:*                   LISTEN      1878/openlitespeed
tcp        0      0 127.0.0.1:953               0.0.0.0:*                   LISTEN      963/named
tcp        0      0 127.0.0.1:8891              0.0.0.0:*                   LISTEN      1723/dkim-filter
tcp        0      0 0.0.0.0:20000               0.0.0.0:*                   LISTEN      1982/perl
tcp        0      0 0.0.0.0:993                 0.0.0.0:*                   LISTEN      1683/dovecot
tcp        0      0 0.0.0.0:995                 0.0.0.0:*                   LISTEN      1683/dovecot
tcp        0      0 0.0.0.0:870                 0.0.0.0:*                   LISTEN      1174/sshd
tcp        0      0 0.0.0.0:7080                0.0.0.0:*                   LISTEN      1878/openlitespeed
tcp        0      0 0.0.0.0:10025               0.0.0.0:*                   LISTEN      1215/clamsmtpd
tcp        0      0 127.0.0.1:3306              0.0.0.0:*                   LISTEN      1615/mysqld
tcp        0      0 0.0.0.0:110                 0.0.0.0:*                   LISTEN      1683/dovecot
tcp        0      0 127.0.0.1:3310              0.0.0.0:*                   LISTEN      1205/clamd
tcp        0      0 127.0.0.1:783               0.0.0.0:*                   LISTEN      29431/spamd.pid
tcp        0      0 0.0.0.0:143                 0.0.0.0:*                   LISTEN      1683/dovecot
tcp        0      0 0.0.0.0:10000               0.0.0.0:*                   LISTEN      1989/perl
tcp        0      0 0.0.0.0:21                  0.0.0.0:*                   LISTEN      1195/vsftpd
tcp        0      0 ip:53           0.0.0.0:*                   LISTEN      963/named
tcp        0      0 127.0.0.1:53                0.0.0.0:*                   LISTEN      963/named
tcp        0      0 :::443                      :::*                        LISTEN      1554/httpd
tcp        0      0 :::993                      :::*                        LISTEN      1683/dovecot
tcp        0      0 :::995                      :::*                        LISTEN      1683/dovecot
tcp        0      0 :::870                      :::*                        LISTEN      1174/sshd
tcp        0      0 :::110                      :::*                        LISTEN      1683/dovecot
tcp        0      0 :::143                      :::*                        LISTEN      1683/dovecot
tcp        0      0 :::80                       :::*                        LISTEN      1554/httpd
tcp        0      0 :::53                       :::*                        LISTEN      963/named
udp        0      0 ip:123          0.0.0.0:*                               1183/ntpd
udp        0      0 127.0.0.1:123               0.0.0.0:*                               1183/ntpd
udp        0      0 0.0.0.0:123                 0.0.0.0:*                               1183/ntpd
udp        0      0 0.0.0.0:10000               0.0.0.0:*                               1989/perl
udp        0      0 0.0.0.0:20000               0.0.0.0:*                               1982/perl
udp        0      0 ip:53           0.0.0.0:*                               963/named
udp        0      0 127.0.0.1:53                0.0.0.0:*                               963/named
udp        0      0 2a02:c200:0:10:3:0:6420::123 :::*                                    1183/ntpd
udp        0      0 fe80::250:56ff:fe3c:4f04:123 :::*                                    1183/ntpd
udp        0      0 ::1:123                     :::*                                    1183/ntpd
udp        0      0 :::123                      :::*                                    1183/ntpd
udp        0      0 :::53                       :::*                                    963/named

i cant see the port 25 here !! i used this commands to open it iptables -I INPUT -p tcp --dport 25 -j ACCEPT

/sbin/service iptables save

/sbin/service iptables restart

Tue, 05/12/2015 - 02:50
Diabolico
Diabolico's picture

Before you change any file please make a local copy!!!

  1. Check your firewall nano /etc/sysconfig/iptablesand you should have a line like this -A INPUT -p tcp -m tcp -m multiport -j ACCEPT --dports 25,587 or run iptables -L -n and copy that here.

  2. In your main.cf check for: "inet_interfaces = all", "inet_protocols = ipv4", "mydestination = $myhostname, localhost.$mydomain, localhost, your.hostname.tld". In case some of this lines are commented out uncomment then and set how i posted here.

  3. In your master.cf look for for:

# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd -o smtpd_sasl_auth_enable=yes

This line can end only with "smtpd" or something similar what depends how did you set your mail server, what is important are those letters "n, -, y". Another thing, look in your master.cf if you have any line with "127.0.0.1" and change that to "0.0.0.0".

  1. Run netstat -plnt |grep :25 and you should get tcp        0      0 0.0.0.0:25              0.0.0.0:*               LISTEN if you get something else post it here.

Well this is all what i could think right now. Ofc it could be tons of others things but this is most frequent mistakes what could block your port 25.

Last but not least, it doesnt have anything to do with your problem but more about not be used to spam other people server so in your main.cf change "unknown_local_recipient_reject_code = 450" to "unknown_local_recipient_reject_code = 550".

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.

Tue, 05/12/2015 - 02:54
Diabolico
Diabolico's picture

I didnt mention but for changes to take effect you must restart each service you were changing.

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.

Tue, 05/12/2015 - 09:29
szer0p

thanks a lot no w can recive emails :) but i now i cant send emails hahaha !!! omg

i can send emails from ssh .. but i cant from smtp from website or so .. i dont know whats happend when i opend the port 25 .. i can now recive emails but i cant send any !

anyway i have SSL on my website so i think i musst open port 465

this is my master.cf

submission inet n       -       n       -       -       smtpd
0.0.0.0:smtp   inet    n   -   n   -   -   smtpd
465   inet    n       -       n       -       -       smtpd
-o smtpd_tls_security_level=encrypt
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING

i geht this error in the maillog when i try to send a email from smtp> May 12 16:23:19 server postfix/smtpd[2137]: initializing the server-side TLS engine May 12 16:23:19 server postfix/smtpd[2137]: connect from localhost[127.0.0.1] May 12 16:23:19 server postfix/smtpd[2137]: disconnect from localhost[127.0.0.1]

whats happend now ?

Tue, 05/12/2015 - 12:01
Diabolico
Diabolico's picture

Logs you posted doesnt show any error. Revert back how it was before my last post, follow my instructions and check after each change if sending/receiving emails works. So you will be able to see what will happen at each change and much easier to look around for a solution. At this point if everything fails again i think best would be to hire someone to take a look at your server and sort everything. Somehow i suspect that your server have more problems then we can see now.

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.

Tue, 05/12/2015 - 13:56
szer0p

i want to thank u very much .. now all is fine and works good !! sending and reciving emails :)

many thanks to ur help :=)

but i want to ask u the last quetion i tried again to test the dkim it still the signature not valied but i see that it has been changen from that i poested it above

v=1;
a=rsa-sha256;
c=simple/simple;
d=palstudenten.com;
s=dkimpal;
t=1431456369;
bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=;
h=Message-ID:Date:Subject:From:To:MIME-Version:Content-Type:Content-Transfer-Encoding;
b=GAYL32DGwkG50Mq9ynFPph6PcJQNBqO9uCT3WqRARVMG4st2Ewfys4Ld7TIeydDEShMzlVoHlpgBi50SgM3JMS6hGSakBn+8rpALVmyqVmJXICABU3yjARJpg9M8yiaIz0jjz+a1ZHAgdcJgLqEv5+HgQ4Ka/96fU8lrQYGvHNj4p3Q6i+9sPQEff7zWvIbHfr8GjyGDh5GvZsmJLUuavdl11scCnmZnvVP0mC5ewrDMbmDajnjTTh2oboqLvsR5t1S5UhvufHMuopnlTKK89eLkPqF4PdHFHlN1jcLfCyd+AgfWtmPz7SyCO7YgehEB8IoHsHYuTZgvFHf8gL0VMg==


Your DKIM signature is not valid

could we also fix this problem ?

Tue, 05/12/2015 - 21:09
Diabolico
Diabolico's picture

First go to Vmin - Email - DomainKeys Identified Mail and check to recreate new DKIM. Then login to Umin and send empty email to gmail or hotmail. Copy the log here (it should have a line with "DKIM-Signature field added").

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.

Tue, 05/12/2015 - 15:35
Diabolico
Diabolico's picture

Forgot to say, in case you didnt change your TTL as i told you at the beginning of this topic i think you will need to wait for the change to propagate. How long? Depending what did you put for TTL.

- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.

Sun, 08/02/2015 - 19:01
szer0p

sorry for the late replay but i still have the same problem .. with dkim !! i sent an empty emait to gmail and this is the log mail

Aug  3 01:50:49 server postfix/postfix-script[5149]: refreshing the Postfix mail system
Aug  3 01:50:49 server postfix/master[5145]: reload -- version 2.6.6, configuration /etc/postfix
Aug  3 01:52:27 server postfix/smtpd[5579]: initializing the server-side TLS engine
Aug  3 01:52:27 server postfix/smtpd[5579]: connect from localhost[127.0.0.1]
Aug  3 01:52:55 server postfix/smtpd[5579]: warning: 1.0.0.127.dnsbl.njabl.org: RBL lookup error: Host or domain name not found. Name service error for name=1.0.0.127.dnsbl.njabl.org type=A: Host not found, try again
Aug  3 01:52:55 server postfix/smtpd[5579]: 5E16811A0224: client=localhost[127.0.0.1]
Aug  3 01:52:55 server postfix/cleanup[5586]: 5E16811A0224: message-id=<1438559547.5576@xxx.com>
Aug  3 01:52:55 server postfix/qmgr[5157]: 5E16811A0224: from=<alaa@xxx.com>, size=458, nrcpt=1 (queue active)
Aug  3 01:52:55 server postfix/smtpd[5579]: disconnect from localhost[127.0.0.1]
Aug  3 01:52:56 server postfix/smtp[5587]: 5E16811A0224: host gmail-smtp-in.l.google.com[2a00:1450:4013:c00::1b] said: 421-4.7.0 [2a02:c200:0:10:3:0:6420:1      15] Our system has detected an unusual 421-4.7.0 rate of unsolicited mail originating from your IP address. To protect 421-4.7.0 our users from spam, mail sent from your IP address has been 421-4.7.0 temporarily rate limited. Please visit 421-4.7.0  https://support.google.com/mail/answer/81126 to review our Bulk Email 421 4.7.0 Senders Guidelines. l7si10857430wif.65 - gsmtp (in reply to end of DATA command)
Aug  3 01:52:56 server postfix/smtp[5587]: 5E16811A0224: to=<gschd.com@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.136.27]:25, delay=29, delays=28/0.04/1.2/0.18, dsn=2.0.0, status=sent (250 2.0.0 OK 1438559576 fi5si10811701wib.110 - gsmtp)
Aug  3 01:52:56 server postfix/qmgr[5157]: 5E16811A0224: removed
Aug  3 01:54:01 server postfix/smtpd[5579]: connect from localhost[127.0.0.1]
Aug  3 01:54:01 server postfix/smtpd[5579]: 42A5711A0224: client=localhost[127.0.0.1]
Aug  3 01:54:01 server postfix/cleanup[5586]: 42A5711A0224: message-id=<1438559641.5685@ar-frauen.com>
Aug  3 01:54:01 server postfix/qmgr[5157]: 42A5711A0224: from=<ar-frauen@ar-frauen.com>, size=466, nrcpt=1 (queue active)
Aug  3 01:54:01 server postfix/smtpd[5579]: disconnect from localhost[127.0.0.1]
Aug  3 01:54:01 server postfix/smtp[5587]: 42A5711A0224: to=<gschd.com@gmail.com>, relay=gmail-smtp-in.l.google.com[2a00:1450:4013:c00::1b]:25, delay=0.58, delays=0.09/0/0.18/0.31, dsn=5.7.1, status=bounced (host gmail-smtp-in.l.google.com[2a00:1450:4013:c00::1b] said: 550-5.7.1 [2a02:c200:0:10:3:0:6420:1      12] Our system has detected that this 550-5.7.1 message is likely unsolicited mail. To reduce the amount of spam sent 550-5.7.1 to Gmail, this message has been blocked. Please visit 550 5.7.1  https://support.google.com/mail/answer/188131 for more information. ei9si10853934wid.78 - gsmtp (in reply to end of DATA command))
Aug  3 01:54:01 server postfix/cleanup[5586]: D3B6011A0E9F: message-id=<20150802235401.D3B6011A0E9F@server.xx.com>
Aug  3 01:54:01 server postfix/bounce[5709]: 42A5711A0224: sender non-delivery notification: D3B6011A0E9F
Aug  3 01:54:01 server postfix/qmgr[5157]: D3B6011A0E9F: from=<>, size=3705, nrcpt=1 (queue active)
Aug  3 01:54:01 server postfix/qmgr[5157]: 42A5711A0224: removed
Aug  3 01:54:01 server postfix/local[5710]: D3B6011A0E9F: to=<ar-frauen@xxxx.com>, orig_to=<ar-frauen@ar-frauen.com>, relay=local, delay=0.03, delays=0/0.01/0/0.02, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail)
Aug  3 01:54:01 server postfix/qmgr[5157]: D3B6011A0E9F: removed
Tue, 07/11/2017 - 00:22
alpeshtk

v=1; a=rsa-sha256; c=simple/simple; d=mail.oktick.com; s=2017; t=1499658064; bh=rnDDjVIPBw5bhpnVGPNja8qdKhQPkkOa4WJR/w9xjv0=; h=To:Subject:Message-ID:Date:From:MIME-Version:Content-Type:Content-Transfer-Encoding; b=QBJ9iG2g6rvzQNN/XSbhs5X5fXq+BkeEo9BMeucrL2K7qPZvfLwkhUXYaC7OYe7H9SOjNQncXkuB6xOnxzjQDTobH5C5adCvrD/AfAQTZnUhDioCEVP6B7fCc3Rer+zuH3p4FHW8vpeJq/ZX2dV55g5/ufTFlFBSD98v+ybBbXo= Your public key is:

"v=DKIM1; t=s; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC/fV51ZgTQ7kv4+9W7094N14vFwV5UZzbS+GboB4VaVTjWKhcBj+DpNTkU7D3ovaHRgWLMuX3lZFZiL6zkPrNbpbig8mgAfhmg8JLC12fO4VBUCwJcrERGwhbi0gMpQFnVHXwVpC7tfTXQDpN+uWLLo5ZCi73rGrDwLc4hlOt+xwIDAQAB" Key length: 1024bits

Your DKIM signature is not valid which changes needs to require for this issue fix? please help me for this issue.