Dkim failed while senting email

kindhearted-deer · May 21, 2024, 3:11pm

Check the error message
dkim [
{
“method”: “dkim”,
“result”: “temperror”,
“reason”: “key unavailable: failed to decode public key: Encoded text cannot have a 6-bit remainder.”,
“props”: {
“header.a”: “rsa-sha256”,
“header.s”: “kumosend”,
“header.d”: “kumoclnt.domain.io”,
“header.i”: “@kumoclnt.domain.io”,
“header.b”: “m7e/E2RQ”
}
}
]

inclusive-eagle · May 21, 2024, 3:11pm

Hey there @kindhearted-deer, while we would like to respond to every question raised here, the frequency and nature of your questions are far beyond what we at Kumo Corp can support without financial support from your organization.

You may continue to ask questions in the hope that someone from the broader community will help, but you should expect that Kumo Corp will not spend any time beyond a cursory glance to see if your questions are well-qualified and can be easily dealt with.

tom · May 21, 2024, 4:07pm

Looks like you have a bad public key. Why to you think this is a KumoMTA problem?

kindhearted-deer · May 22, 2024, 4:50am

The DKIM key was changed, and I am now debugging DKIM using local verify = msg:dkim_verify(). The result is shown below and indicates a pass:

Hi @faithful-ostrich @yearning-hyena
dkim [ { "method": "dkim", "result": "pass", "props": { "header.i": "@domain.com", "header.a": "rsa-sha256", "header.s": "kumomta", "header.d": "domain.com", "header.b": "BdmwDB3s" } } ]

However, in the email header, it shows that DKIM has failed. See the header data below:

Authentication-Results: spf=pass (sender IP is 10.1.0.1) smtp.mailfrom=domain.com; dkim=fail (body hash did not verify) header.d=domain.com; dmarc=bestguesspass action=none header.from=domain.com; compauth=pass reason=109

kindhearted-deer · May 22, 2024, 5:16am

init.lua file is attached below

kindhearted-deer · May 22, 2024, 5:18am

`local kumo = require ‘kumo’
kumo.on(‘init’, function()
kumo.set_diagnostic_log_filter ‘kumod=debug’
kumo.start_esmtp_listener {
listen = ‘0:25’,
hostname = ‘kumo.maindomain.com’,
}

kumo.start_esmtp_listener {
listen = ‘0.0.0.0:587’,
hostname = ‘kumo.maindomain.com’,
tls_certificate = ‘/opt/kumomta/etc/ssl/kumomesagescafe-cert.pem’,
tls_private_key = ‘/opt/kumomta/etc/ssl/kumomessagescafe-key.pem’,
}

kumo.define_spool {
name = ‘data’,
path = ‘/var/spool/kumomta/data’,
}

kumo.define_spool {
name = ‘meta’,
path = ‘/var/spool/kumomta/meta’,
}

kumo.configure_local_logs {
log_dir = ‘/var/log/kumomta’,
}

end)

kumo.on(‘smtp_server_message_received’, function(msg)
local signer = kumo.dkim.rsa_sha256_signer {
domain = ‘subdomain.com’,
selector = ‘kumomta’,
– headers = { ‘From’, ‘To’, ‘Subject’, ‘MIME-Version’, ‘Content-Type’, ‘Sender’ },
headers = { ‘From’, ‘To’, ‘Subject’ },
key = ‘/opt/kumomta/etc/dkim/subdomain.com/file.private’,
}
msg:dkim_sign(signer)
local verify = msg:dkim_verify()
print(‘dkim’, kumo.json_encode_pretty(verify))
end)

local AUTH_CONFIG = kumo.json_load ‘/opt/kumomta/etc/auth_file.json’

kumo.on(‘smtp_server_auth_plain’, function(authz, authc, password)
if password == ‘’ then
return false
end
return AUTH_CONFIG[authc] == password
end)`