Double Dkim Setup

youthful-zorse · November 23, 2023, 8:02pm

kumo.on(‘smtp_server_message_received’, function(msg)
–local signer0 = kumo.dkim.rsa_sha256_signer {
–domain = msg:from_header().domain,
domain_gmail = msg:to_header().domain,
–selector = ‘acls01’,
headers = {‘Content-Type’, ‘Message-Id’, ‘Subject’, ‘Date’, ‘Mime-Version’, ‘To’, ‘From’},
–key = ‘/opt/kumomta/etc/dkim/acl.pinchappmails.com/acls01.key’,
–}
if (domain_gmail == ‘gmail’)
then
local signer2 = kumo.dkim.rsa_sha256_signer {
domain = msg:from_header().domain,
–domain = msg:to_header().domain,
selector = ‘acls01’,
headers = {‘Content-Type’, ‘Message-Id’, ‘Subject’, ‘Date’, ‘Mime-Version’, ‘To’, ‘From’},
key = ‘/opt/kumomta/etc/dkim/acl.pinchappmails.com/acls01.key’,
}
local signer1 = kumo.dkim.rsa_sha256_signer {
domain = ‘aclmobile.net’,
selector = ‘5nXKKHgBnyGAcLwvMLZIq’,
headers = {‘Content-Type’, ‘Message-Id’, ‘Subject’, ‘Date’, ‘Mime-Version’, ‘To’, ‘From’},
key = ‘/opt/kumomta/etc/dkim/aclmobile.net/5nXKKHgBnyGAcLwvMLZIq.key’,
}
msg:dkim_sign(signer1)
msg:dkim_sign(signer2)
else
local signer3 = kumo.dkim.rsa_sha256_signer {
domain = msg:from_header().domain,
selector = ‘acls01’,
headers = {‘Content-Type’, ‘Message-Id’, ‘Subject’, ‘Date’, ‘Mime-Version’, ‘To’, ‘From’},
key = ‘/opt/kumomta/etc/dkim/acl.pinchappmails.com/acls01.key’,
}
msg:dkim_sign(signer3)

end
end)

Mike · November 23, 2023, 8:08pm

The domain will have an extension, it won’t be just “gmail”

youthful-zorse · November 23, 2023, 8:10pm

even though I have put the extension the result is same

Mike · November 23, 2023, 8:12pm

Gmail has a lot of extensions, you’d probably be better using string.find instead of equality.

wez · November 23, 2023, 8:15pm

as a tip, when pasting lua code in here you can enclose it in a markdown style fenced code block to have it format and syntax highlight it, as shown in this screenshot. It will render like this:

kumo.on('smtp_server_message_received', function(msg)
--local signer0 = kumo.dkim.rsa_sha256_signer {

youthful-zorse · November 23, 2023, 8:26pm

ok thanks wez

youthful-zorse · November 23, 2023, 8:31pm

I tried with thestr.find function but I am getting error 421

Mike · November 23, 2023, 8:32pm

Please make a habit of showing your code and errors to help us help you.

youthful-zorse · November 23, 2023, 8:32pm

ok

youthful-zorse · November 23, 2023, 8:35pm

Escape character is ‘^]’.
220 Mailhub KumoMTA
ehlo mail.com
250-Mailhub Aloha mail.com
250-PIPELINING
250-ENHANCEDSTATUSCODES
250 STARTTLS
mail from:test@comm.pinchappmails.com
250 OK EnvelopeAddress(“test@comm.pinchappmails.com”)
rcpt to:anshukla60@gmail.com
250 OK EnvelopeAddress(“aa@gmail.com”)
DATA
354 Send body; end with CRLF.CRLF
From:test@acl.pinchappmails.com
To:ashutosh.shukla@sinch.com
Subject:Test

test email.

.
421 4.3.0 Mailhub technical difficulties
Connection closed by foreign host.

Mike · November 23, 2023, 8:36pm

And your code?

youthful-zorse · November 23, 2023, 8:37pm

kumo.on('smtp_server_message_received', function(msg)
local signer0 = kumo.dkim.rsa_sha256_signer {
    --domain = msg:from_header().domain,
   domain = msg:to_header().domain,
    selector = '00',
    headers = {'Content-Type', 'Message-Id', 'Subject', 'Date', 'Mime-Version', 'To', 'From'},
    key = '/opt/kumomta/etc/dkim/acl.pinchappmails.com/00.key',
  }
  --if (dom == 'gmail.com')
          --then
                local signer2 = kumo.dkim.rsa_sha256_signer {
                domain = msg:from_header().domain,
                --domain = msg:to_header().domain,
                selector = 'acls01',
                headers = {'Content-Type', 'Message-Id', 'Subject', 'Date', 'Mime-Version', 'To', 'From'},
                key = '/opt/kumomta/etc/dkim/acl.pinchappmails.com/acls01.key',
                                }
                local signer1 = kumo.dkim.rsa_sha256_signer {
                domain = 'aclmobile.net',
                selector = '5nXKKHgBnyGAcLwvMLZIq',
                headers = {'Content-Type', 'Message-Id', 'Subject', 'Date', 'Mime-Version', 'To', 'From'},
                key = '/opt/kumomta/etc/dkim/aclmobile.net/5nXKKHgBnyGAcLwvMLZIq.key',
                                }
 --[[            msg:dkim_sign(signer1)
                msg:dkim_sign(signer2)
  else
          local signer3 = kumo.dkim.rsa_sha256_signer {
                domain = msg:from_header().domain,
                selector = 'acls01',
                headers = {'Content-Type', 'Message-Id', 'Subject', 'Date', 'Mime-Version', 'To', 'From'},
                key = '/opt/kumomta/etc/dkim/acl.pinchappmails.com/acls01.key',
                                }
                msg:dkim_sign(signer3)

  end]]
  if str.find(domain, 'gmail.com')
          then
                  msg:dkim_sign(signer1)
                msg:dkim_sign(signer2)
      else
                msg:dkim_sign(signer2)
   end
end)```

wez · November 23, 2023, 8:38pm

when you see 421 ... technical difficulties you can usually see a lua stack trace in the journal. Troubleshooting KumoMTA - KumoMTA Docs has information on how to review the journal

youthful-zorse · November 23, 2023, 8:46pm

thanks @free-spirited-yorksh it’s helping me a lot to rectify the error, thanks

youthful-zorse · November 23, 2023, 9:23pm

 
kumo.on('smtp_server_message_received', function(msg)
local signer0 = kumo.dkim.rsa_sha256_signer {
    --domain = msg:from_header().domain,
   domain= msg:to_header().domain,
    selector = 'aace01',
    headers = { 'From','To'},
    key = '/opt/kumomta/etc/dkim/aace.com/aace01.key',
  }
  if (domain == "gmail.com")
          then
                local signer2 = kumo.dkim.rsa_sha256_signer {
                domain = msg:from_header().domain,
                --domain = msg:to_header().domain,
                selector = 'acls01',
                headers = {'Content-Type', 'Message-Id', 'Subject', 'Date', 'Mime-Version', 'To', 'From'},
                key = '/opt/kumomta/etc/dkim/acl.pinchappmails.com/acls01.key',
                                }
                local signer1 = kumo.dkim.rsa_sha256_signer {
                domain = 'aclmobile.net',
                selector = '5nXKKHgBnyGAcLwvMLZIq',
                headers = {'Content-Type', 'Message-Id', 'Subject', 'Date', 'Mime-Version', 'To', 'From'},
                key = '/opt/kumomta/etc/dkim/aclmobile.net/5nXKKHgBnyGAcLwvMLZIq.key',
                                }
                msg:dkim_sign(signer1)
                msg:dkim_sign(signer2)
        else
                local signer3 = kumo.dkim.rsa_sha256_signer {
                domain = msg:from_header().domain,
                selector = 'aace01',
                headers = {'Content-Type', 'Message-Id', 'Subject', 'Date', 'Mime-Version', 'To', 'From'},
                key = '/opt/kumomta/etc/dkim/aace.com/aace01.key',
                                }
                msg:dkim_sign(signer3)
   end
end)

youthful-zorse · November 23, 2023, 9:25pm

I tried this but only one header is signing the domain and the else block is calling not the if block

Mike · November 23, 2023, 9:46pm

Print your domain and check the logs to see if it is what you expect.

wez · November 23, 2023, 10:12pm

if (domain == "gmail.com") references the local variable domain, but that isn’t set to anything.

You need to add a line like this before your if block:

local domain = msg:recipient().domain

wez · November 23, 2023, 10:13pm

or just make your if block reference it directly:

if msg:recipient().domain == "gmail.com" then

Mike · November 23, 2023, 10:14pm

Keeping in mind that there’s a lot of international Gmail TLDs, so specifying gmail.com may be limiting.