Angelo Fazzina

Reputation: 35

DKIM TrustedHosts file issue

Can anyone tell me why this works?

# OPENDKIM TRUSTED HOSTS
# To use this file, uncomment the #ExternalIgnoreList and/or the InternalHosts
# option in /etc/opendkim.conf then restart OpenDKIM. Additional hosts
# may be added on separate lines (IP addresses, hostnames, or CIDR ranges).
# The localhost IP (127.0.0.1) should always be the first entry in this file.
127.0.0.1
137.99.0.0/16
::1
#host.example.com
#192.168.1.0/24

Even though the documentation says "hostnames" are allowed, this fails to have Postfix sign the email.

# OPENDKIM TRUSTED HOSTS
# To use this file, uncomment the #ExternalIgnoreList and/or the #InternalHosts
# option in /etc/opendkim.conf then restart OpenDKIM. Additional hosts
# may be added on separate lines (IP addresses, hostnames, or CIDR ranges).
# The localhost IP (127.0.0.1) should always be the first entry in this file.
127.0.0.1
#137.99.0.0/16
::1
appmail.uconn.edu
#host.example.com
#192.168.1.0/24

I send emails from T-bird with an IMAP account and FROM= [email protected]. Thank you. -Angelo

Upvotes: 2

Views: 5988

Answers (1)

MOKSHA REDDY

Reputation: 36

Make sure your file looks like this:

127.0.0.1
hostname1.example1.com
example1.com
hostname1.example2.com
example2.com

The TrustedHosts file tells OpenDKIM who to let use your keys. Because it's referenced by the ExternalIgnoreList directive in your conf file, OpenDKIM will ignore this list of hosts when verifying incoming mail, and because it's also referenced by the InternalHosts directive, this same list of hosts will be considered "internal," and OpenDKIM will sign their outgoing mail.

IMPORTANT: Make sure you list the IP address for localhost (127.0.0.1) in the TrustedHosts file or OpenDKIM won't sign mail sent from this server. If you have multiple servers on the same network that relay mail through this server and you want to sign their mail as well, they must be listed in the TrustedHosts file. Put each entry on its own line. An entry can be a hostname, domain name (e.g. "example.com"), IP address, an IPv6 address (including an IPv4 mapped address), or a CIDR-style IP specification (e.g. "192.168.1.0/24").

Upvotes: 2
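
An added example, not from the posts above and not OpenDKIM's own code: a simplified Python model for checking which clients a TrustedHosts file would treat as internal, and therefore sign for. It assumes name entries are compared with the client name the MTA reports for the connection rather than resolved to addresses; the client address 137.99.10.20 and the name laptop.example.org are constructed.

```python
import ipaddress

def parse_trusted_hosts(text):
    """Split a TrustedHosts file into (networks, names), skipping comments."""
    networks, names = [], []
    for line in text.splitlines():
        entry = line.split("#", 1)[0].strip()
        if not entry:
            continue
        try:
            # Bare addresses become /32 or /128 networks.
            networks.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            names.append(entry.lower().rstrip("."))
    return networks, names

def is_internal(text, client_ip, client_name):
    """True if the client matches an entry under the assumed model:
    IP/CIDR entries match the client address; name entries match the
    MTA-reported client name exactly, or as a suffix when the entry
    starts with a dot."""
    networks, names = parse_trusted_hosts(text)
    addr = ipaddress.ip_address(client_ip)
    if any(addr in net for net in networks):
        return True
    host = client_name.lower().rstrip(".")
    return any(host == n or (n.startswith(".") and host.endswith(n))
               for n in names)

# The two files from the question, without their header comments.
CIDR_FILE = "127.0.0.1\n137.99.0.0/16\n::1\n#host.example.com\n"
NAME_FILE = "127.0.0.1\n#137.99.0.0/16\n::1\nappmail.uconn.edu\n"

if __name__ == "__main__":
    # Constructed client: an address inside the /16 whose reported
    # name is not the one listed in the file.
    client = ("137.99.10.20", "laptop.example.org")
    for label, text in (("CIDR file", CIDR_FILE), ("name file", NAME_FILE)):
        verdict = "internal (signed)" if is_internal(text, *client) else "external"
        print(f"{label}: {client[0]} [{client[1]}] -> {verdict}")
```

The same check shows how broad an entry is: every address inside a listed CIDR range is treated as internal, so the range should cover only hosts that are meant to have their mail signed with your key.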
