Good morning I just created DKIM record for one of our customers, but the server keep signing it with the wrong key. How can I fix this? Code: Nov 14 11:36:55 server1 dovecot: lda([email protected]): sieve: msgid=<[email protected]>: forwarded to <[email protected]> Nov 14 11:36:56 server1 amavis[25037]: (25037-02) Passed CLEAN {RelayedOutbound}, LOCAL [127.0.0.1] <[email protected]> -> <[email protected]>, Message-ID: <[email protected]>, mail_id: wpsWcodMqnsq, Hits: -2.999, size: 6948, queued_as: 003AD7C843A, dkim_sd=default:designrus.dk, 502 ms Nov 14 11:36:56 server1 postfix/smtp[18773]: 7E2627C869F: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.62, delays=0.11/0/0/0.5, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 003AD7C843A) Nov 14 11:36:58 server1 postfix/smtp[24196]: 003AD7C843A: to=<[email protected]>, relay=onramp02.hpeprint.com[15.201.184.200]:25, delay=2.4, delays=0.07/0/1.9/0.47, dsn=5.7.0, status=bounced (host onramp02.hpeprint.com[15.201.184.200] said: 550 5.7.0 DKIM signature verification failed (in reply to end of DATA command)) As you can see it signs the forward with dkim_sd=default:designrus.dk instead of dkim_sd=default:seaweed2go.dk as it should. Oh I should probably mention I am using Debian 8, ISPConfig 3.1p1 Hope we can find a solution to this soon. Mike
Ah I forgot that part... It is send to [email protected] which forwards it to [email protected]. It ends up with the error: 550 5.7.0 DKIM signature verification failed (in reply to end of DATA command)
I'm not talkin about the recipient. A new mail is signed for the originating domain (esignrus.dk). Maybe your forwardings breaks something.
A quick question, has SRS been added to ISPConfig 3.1? According to http://www.openspf.org/SRS , it looks like SPF breaks forwarding and SRS should be the solution?
SRS is not part of the default setup. you can install postsrs, there are no changes in ispconfig required for that as far as I know.
Found the following guide : https://www.mind-it.info/2014/02/22/forward-postfix-spf-srs/ . It fixes the problem. Thanks for the advice Brehm. It would be nice if this could be added to the guides for ISPConfig, since this is something people will experience more and more of.
