Debian opendkim not signing client's outbound messages.
by clsgis from LinuxQuestions.org on (#6HVWK)
I run a personal email server on a rented Debian Virtual Machine.
Postfix and Opendkim on Debian old-stable and stable.
It's a relay "smarthost" for outbound email from workstations on my home LAN.
Setup according to the Debian Wiki.
I use autossh to forward the VM's submit port onto each workstation.
Frequent DMARC reports arrive from Gmail, outlook, and yahoo.
Inbound opendkim signature checking is working.
#opendkim-testkey -vvvv -d mydomain.us -s myselector#
says my keys are ok but not "secure". (That seems to mean DNSSEC is not enabled/working.)
The friendly check-auth@verifier.port25.com auto-responder shows outbound messages are not being signed at all. Why is there no log entry?
SOLVED Almost
InternalHosts line was missing from /etc/opendkim.conf How did I miss that??
I'll update this question when I've tested SASL transmission. Right now my submission port is secured by IP address in Postfix.
Postfix and Opendkim on Debian old-stable and stable.
It's a relay "smarthost" for outbound email from workstations on my home LAN.
Setup according to the Debian Wiki.
I use autossh to forward the VM's submit port onto each workstation.
Frequent DMARC reports arrive from Gmail, outlook, and yahoo.
Inbound opendkim signature checking is working.
#opendkim-testkey -vvvv -d mydomain.us -s myselector#
says my keys are ok but not "secure". (That seems to mean DNSSEC is not enabled/working.)
The friendly check-auth@verifier.port25.com auto-responder shows outbound messages are not being signed at all. Why is there no log entry?
SOLVED Almost
InternalHosts line was missing from /etc/opendkim.conf How did I miss that??
I'll update this question when I've tested SASL transmission. Right now my submission port is secured by IP address in Postfix.