ive got dkim=neutral (bad version) header.i with gmail and dkim=fail (unknown key type) with yahoo

Question

I'm having external ip and ubuntu server with exim4.71 and bind9. I'm trying to set valid dkim entry to send mail for gmail

Here are my configuration files: bind9:

_domainkey.example.com.       IN      TXT     "o=-;"
mail._domainkey.example.com.  IN      TXT     "v=DKIM1;k=rsa-sha256;p=MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhAMDO8xXc3fMjQnWs6ejxTsrMa4xvb0470b2wCIbx1/790huhBr1386mkvvzeTpDDwkFmOZWXnJLw+Qeh4p/rkNQ7AVCk2uZQ+Kwy+jxM17QdZaDxSY9U1HYUFXC8BKAUYwIDAQAB"

I've got this results from check-auth@verifier.port25.com

==========================================================
Summary of Results
==========================================================
SPF check:          pass
DomainKeys check:   neutral
DKIM check:         pass
Sender-ID check:    pass
SpamAssassin check: ham

Any idea what the problem is?

from yahoo:

from=example.com; dkim=fail (unknown key type)

ive change k=rsa-sha256 to just k=rsa and now

from=example.com; dkim=pass (ok)

This also helped with gmail :)

Solution:

v=DKIM1;k=rsa-sha256;p=... --> v=DKIM1;k=rsa;p=....

Question solved

Using dkim-filter or dkimproxy? Can you add t=y to both TXT records, let TTL time out and retry? Also, if you can publish the full headers (with hidden hosts/ips) from google mail? — 3molo, Apr 05 '11 at 07:52
t=y its just a test mode. Ive managed to solve this. Ive made a mistake in key declaration. just put k=sha and thats all. — MealstroM, Apr 05 '11 at 07:54

score 4 · Accepted Answer · answered Apr 05 '11 at 08:28

4

Solution: change dkim field in BIND9 zone: from v=DKIM1;k=rsa-sha256;p=... to --> v=DKIM1;k=rsa;p=.... rsa-sha256 or rsa-sha1 doesnt work for me :(

answered Apr 05 '11 at 08:28

MealstroM

1,517
1
17
32

ive got dkim=neutral (bad version) header.i with gmail and dkim=fail (unknown key type) with yahoo

1 Answers1

Linked