postfix/opendkim not sign email from php on second domain

Question

I have two domains, called them example1.com and example2.com

on example1.com all emails sent with dkim sign.
on example2.com emails from php sent without dkim sign, but if send email from console, email will be signed.

ex. console command:

php -r 'mail("myemail@yandex.ru", "TEST", "TEST TEXT", "MIME-Version:
1.0\r\nContent-type: text/html; charset=\"utf-8\"\r\nFrom: no-reply <admin@example2.com>\r\n");'

Server

Centos 7
php-fpm + nginx

opendkim.conf

# grep "^[^#;]" /etc/opendkim.conf
AutoRestart             Yes
AutoRestartRate         10/1h
LogWhy                  Yes
Syslog                  Yes
SyslogSuccess           Yes
Mode                    sv
Canonicalization        relaxed/simple
ExternalIgnoreList      refile:/etc/opendkim/TrustedHosts
InternalHosts           refile:/etc/opendkim/TrustedHosts
KeyTable                refile:/etc/opendkim/KeyTable
SigningTable            refile:/etc/opendkim/SigningTable
SignatureAlgorithm      rsa-sha256
Socket                  inet:8891@localhost
PidFile                 /var/run/opendkim/opendkim.pid
UMask                   022
UserID                  opendkim:opendkim
TemporaryDirectory      /var/tmp

main.cf

# grep "^[^#;]" /etc/postfix/main.cf 
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
myhostname = example1.com
inet_interfaces = localhost
inet_protocols = all
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
relay_domains = example1.com,example2.com
relayhost =
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases


debug_peer_level = 2
debugger_command =
     PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
     ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.10.1/samples
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
milter_default_action   = accept
milter_protocol         = 2

TrustedHosts

# grep "^[^#;]" /etc/opendkim/TrustedHosts
localhost
127.0.0.1
::1
example1.com
example2.com

KeyTable

grep "^[^#;]" /etc/opendkim/KeyTable
default._domainkey.example1.com example1.com:default:/etc/opendkim/keys/example1.com/default
default._domainkey.example2.com example2.com:default:/etc/opendkim/keys/example2.com/default

SigningTable

# grep "^[^#;]" /etc/opendkim/SigningTable
*@example1.com default._domainkey.example1.com
*@example2.com default._domainkey.example2.com

transport

# grep "^[^#;]" /etc/postfix/transport 
example1.com smtp:mx.yandex.ru
example2.com smtp:mx.yandex.ru

php.ini

# grep sendmail_path /etc/php.ini
sendmail_path = /usr/sbin/sendmail.postfix -t -i

test.php

<?php
$headers= "MIME-Version: 1.0\r\n";
$headers .= "Content-type: text/html; charset=\"utf-8\"\r\n";
$headers .= "From: no-reply <admin@example2.com>\r\n";
if (mail('myemail@yandex.ru', 'TEST', 'TEST', $headers)){
    echo 'OK';
}
else {
    echo 'FAIL';
}

This config need just for send emails, for receive emails I use pdd.yandex.ru
Where is problem with example2.com?

score 0 · Answer 1 · answered May 13 '16 at 12:22

0

You may need to specify a "From:" header in the sendmail command. Opendkim only signs Mails with an aligned "From:" header.

answered May 13 '16 at 12:22

dexial

1
1

I added `test.php`, there header `From` is exists., but on `example2.com` sending without dkim sign, if it was sent from php, but from console it sending with dkim sign. – Waki May 13 '16 at 12:39