dkim signing fail

kindhearted-deer · December 14, 2023, 9:22am

dkim signing fail while senting mail. could not get any error. mailsenting successfully . but the dkim fail

showing in mail “dkim=none (message not signed)”

please check the following code

** code of “/opt/kumomta/etc/dkim_data.toml”**

[domain.“domain.com”]
selector = ‘kmdk’
headers = [“From”, “To”, “Subject”, “Date”, “MIME-Version”, “Content-Type”, “Sender”]
algo = “sha256”
filename = “/opt/kumomta/etc/dkim/domain.com/kumo1.pem”

**code of “/opt/kumomta/etc/policy/init.lua” **

local kumo = require ‘kumo’

local dkim_sign = require ‘policy-extras.dkim_sign’
local dkim_signer = dkim_sign:setup { ‘/opt/kumomta/etc/dkim_data.toml’ }

–[[ Start of Non-INIT level config ]]

kumo.on(‘smtp_server_message_received’, function(msg)
dkim_signer(msg)
end)

kumo.on(‘http_message_generated’, function(msg)
dkim_signer(msg)
end)

local AUTH_CONFIG = kumo.json_load ‘/opt/kumomta/etc/auth_file.json’

kumo.on(‘smtp_server_auth_plain’, function(authz, authc, password)
if password == ‘’ then
return false
end
return AUTH_CONFIG[authc] == password
end)

–[[ End of Non-INIT level config ]]

kindhearted-deer · December 14, 2023, 9:34am

@yearning-hyena Iam using above below code in init.lua. dkim signing successfully

kumo.on(‘smtp_server_message_received’, function(msg)
msg:append_header(“X-Server-Id”, “Vinam-Kumo”)
local signer = kumo.dkim.rsa_sha256_signer {

                  domain = 'domain.com',
                      selector = 'kmdk',
                          headers = { 'From', 'To', 'Subject' },
                              key = '/opt/kumomta/etc/dkim/domain.com/kumo1.pem',
                                }
                                  msg:dkim_sign(signer)
                          end)

clever-impala · December 14, 2023, 9:41am

Hi, can you try changing this line in your dkim_data.toml [domain."domain.com"]
to [domain."messagescafe.com"]
to match the domain that you use without the helper ?

kindhearted-deer · December 14, 2023, 10:27am

iam replacing my original domain with “domain.com” for posting code . in my original configuration iam giving my valid domain. “domain.com” is a sample text.

rational-ibex · December 14, 2023, 11:20am

Try this :

kumo.on(‘smtp_server_message_received’, function(msg)
queue_helper:apply(msg)
dkim_signer(msg)
end)

kumo.on(‘http_message_generated’, function(msg)
queue_helper:apply(msg)
dkim_signer(msg)
end)

Check out https://docs.kumomta.com/userguide/configuration/example/ how to load helpers

kindhearted-deer · December 15, 2023, 4:57am

this is not working . dkim not signed

tom · December 15, 2023, 5:22am

This could be a file permissions problem. can you please open a second terminal session and trace the journal for debugging?

tom · December 15, 2023, 5:24am

journalctl -f -n 50 -u kumomta.service
^^ this will tail the journal starting with the previous 50 log lines.

tom · December 15, 2023, 5:27am

Permissions on the key should be 644

tom · December 15, 2023, 5:27am

4 -rw-r--r-- 1 kumod kumod 916 Sep 7 17:45 defaultdk.key

tom · December 15, 2023, 5:27am

if you are having a permiossions issue, it will show in the journal

tom · December 15, 2023, 5:28am

In the INIT section, you can add this to get detailed logging, but it will be verbose:
kumo.set_diagnostic_log_filter 'kumod=debug'

tom · December 15, 2023, 5:40am

Looking back on this thread, it seems to be incomplete. Can you please provide your full config ?

kindhearted-deer · December 15, 2023, 4:59pm

@faithful-ostrich thanks for the update

tom · December 15, 2023, 6:18pm

No problem. If you can share the full config, I may be able to help more. The logger, spool and listeners are all missing. I also see you have a dkim signer defined twice in different ways. Happy to help ad-hoc here in the open, but we can also do a private paid consult and just get it working for you too.

kindhearted-deer · December 18, 2023, 3:34am

Hi @faithful-ostrich the issue is fixed.