Interesting article. Thanks!
Does this also work for virtual domains? Perhaps you might do another howto for using OpenDKIM with virtual domains.
Of course it works, one just needs to create separate settings for each of his domains. Check step 3. 🙂
You could perhaps modify the schema: publish/retrieve the public key (and not the private key)
Why did you set milter protocol 2, not 6?
At first: thank you very much for your tutorial, but I found one thing not working as expected when sending emails to this test service:
http://www.brandonchecketts.com/emailtest.php
It tells me that “public key: does not support hash algorithm ‘sha256’”, so I recreated the keys with the following option removed: “-h rsa-sha256”
Now everything works like a charm.
Hello Florian,
Thanks a lot for the feedback and the useful information.
Thank you very much for your helpful tutorial.
I had an issue with opendkim failing to find the key, throwing an error like this:
signing table references unknown key 'example.com'
I was able to solve this problem by modifying the entry for KeyTable in the opendkim configuration file (shown in step 10 above). Removing the “refile:” portion of the KeyTable line did the trick:
KeyTable /etc/opendkim/KeyTable
(Note that the SigningTable entry should still use “refile:”.)
For reference, I am using opendkim 2.6.8. Perhaps the format for the configuration file has changed between versions.
The “-h” parameter should be only “sha256” and not “rsa-sha256”.
From the reference RFC: http://tools.ietf.org/html/rfc6376#page-27
key-h-tag = %x68 [FWS] "=" [FWS] key-h-tag-alg
*( [FWS] ":" [FWS] key-h-tag-alg )
key-h-tag-alg = "sha1" / "sha256" / x-key-h-tag-alg
x-key-h-tag-alg = hyphenated-word ; for future extension
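An added example (not from the tutorial or any commenter): a small Python check of a key record's h= tag against the grammar quoted above. Under RFC 6376 a verifier ignores hash names it does not recognize, so a record listing only rsa-sha256 is well-formed but leaves no usable hash. The function names and sample records are constructed for illustration.

```python
import re

# Hash names RFC 6376 defines for the key record h= tag.
KNOWN_HASHES = {"sha1", "sha256"}
# hyphenated-word from the RFC 6376 ABNF (the x-key-h-tag-alg form).
HYPHENATED_WORD = re.compile(r"^[A-Za-z](?:[A-Za-z0-9-]*[A-Za-z0-9])?$")

# Constructed sample TXT values; the p= data is a placeholder, not a real key.
BAD_RECORD = "v=DKIM1; h=rsa-sha256; k=rsa; s=email; p=CONSTRUCTEDKEY=="
GOOD_RECORD = "v=DKIM1; h=sha256; k=rsa; s=email; p=CONSTRUCTEDKEY=="


def parse_tags(record: str) -> dict:
    """Split a DKIM key record (TXT value) into its tag=value pairs."""
    tags = {}
    for part in record.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            # Folding whitespace is allowed around names and values.
            tags[name.strip()] = "".join(value.split())
    return tags


def check_key_hashes(record: str, sig_alg: str = "rsa-sha256") -> dict:
    """Report whether the record's h= tag permits the hash used by sig_alg.

    sig_alg is the a= value of the DKIM-Signature header, e.g. "rsa-sha256".
    """
    sig_hash = sig_alg.split("-", 1)[1]
    tags = parse_tags(record)
    if "h" not in tags:
        # h= is optional; when absent, all hash algorithms are allowed.
        return {"listed": [], "malformed": [],
                "usable": sorted(KNOWN_HASHES), "ok": True}
    listed = [h for h in tags["h"].split(":") if h]
    malformed = [h for h in listed if not HYPHENATED_WORD.match(h)]
    # Unrecognized names are ignored by verifiers, so only known ones count.
    usable = [h for h in listed if h in KNOWN_HASHES]
    return {"listed": listed, "malformed": malformed,
            "usable": usable, "ok": sig_hash in usable}


if __name__ == "__main__":
    for rec in (BAD_RECORD, GOOD_RECORD):
        print(rec.split(";")[1].strip(), "->", check_key_hashes(rec))
```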
Helps me out whenever I need to freshly set up my server! You should consider accepting tips via Bitcoin. 😉
Thanks so much, this article is very helpful, but I found an error in “OversignHeaders From” on step 10. I don’t know how to fix this. Please help me.
Nice guide but it needs an update
opendkim-genkey -r -h rsa-sha256 -d example.com -s mail
should be
opendkim-genkey -r -h sha256 -d example.com -s mail
else it generates a permerror testing dkim at elandsys auto test
sorry missed it was already told
still alive?
As of today I’m looking for a solution to the error “unknown hash ‘rsa-sha256’” when testing my record key on my DNS. I’m testing and looking to fix it, with no solution. I generated the key in several ways, with or without the -h sha256 and -h SHA256 parameters, and updated the record file, then tested and received the same error “unknown hash ‘rsa-sha256’”