1
DKIM problem ?
Problem reported by Manuel - June 18, 2015 at 2:47 AM
Submitted
Hello,
one of my customer have sent an email and later receive delivery failure with this error:
 
Undelivered Mail Returned to Sender
5.7.20 Massmail must be sign via DKIM
The status is not defined in RFC 3463.
 
The delivery failure is originating by remote server, not from my SmarterMail server.
 
It's because remote server need DKIM ?
I need to implement DKIM for my customer ?
 
 
Tnx
Manuel

3 Replies

Reply to Thread
2
Scarab Replied
June 18, 2015 at 9:20 AM
Manuel,
 
Most Mail Servers will only score an email without a DKIM signature with a low probability of being Spam. However, it is becoming more common to find some Mail Servers that will reject an email without a DKIM signature. In such a case the resolution would be to generate a DKIM key for the sending domain under SETTINGS > DOMAIN SETTINGS > ADVANCED > MAIL SIGNING and selecting "Enable DKIM Signing", clicking on the CERTIFICATE tab and entering a "Selector" (you can use anything you want...I usually abbreviate the domain to three letters), "Key Size" (You should only be using 2048 bit keys since Dec 2014), and clicking on the [GENERATE KEY] button. The "TXT Record Name" and "TXT Record Value" fields will auto-populate. Click on the [SAVE] button and enter the TXT Record Name and TXT Record Value into DNS for the domain (be sure to add k=rsa; before your p= key). After you have saved the Zone file in DNS you can use the [TEST DNS] button to verify that you entered the DNS Record properly.
 
Note that some DNS cannot serve large keys greater than 255 characters without being encapsulated. Microsoft DNS just requires you to put the entire Key in quotes and put hard carriage returns every 140-250 characters (so that it is on 3-5 lines). BIND DNS will require you to encapsulate the key in parenthesis (round brackets) and have each line in quotes, such as follows:
 
( "k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7eUgxJr9AIAVJ86tjc3cN2ZKygm0LGZTlOpbrpMHX+888MTB+GeHRkWPJ6U"
"NHz4xioTK4rLodGE4zJoEeFklC7ajoUZHMJcYr/5Ge82JlW6zrDIgUdCDRNDcgLENP5n+VSY7D8nByOt9eySaH/q4MPzVdHFoGI6fFZ+"
"BJ2XGE8Ng6J9A2aHFrhvahqr0GcZI6SHQdN1vxRvZaC5EIHSWKFtk3f2naD2NoPMOB7BZB2WQ+m/PSLjB71YlLXF6jVJeuzeId5sOZqh"
"kiX7oFXnJltFrP8JRHifC6Bv6M4+aP95VPBpYiEDZJTqPTjx2X2e1CMemPqlAg5J1EiXAoVwx4QIDAQAB" )
0
Bruce Barnes Replied
June 18, 2015 at 9:33 AM
See my response to your other post, about this same problem, here:
 
Bruce Barnes
ChicagoNetTech Inc

Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
0
Manuel Replied
June 18, 2015 at 12:08 PM
Tnx all ;)

Reply to Thread