难以记录openkim签名,以排除为什么在Centos 7上的phplist设置中txt消息正确签名而html消息不能正确签名的问题。phplist的开发人员已经要求日志来帮助解决问题,但我无法生成它们。
这是我的/etc/openkim .conf。日志输出示例AutoRestart Yes
AutoRestartRate 10/1h
LogWhy Yes
Syslog Yes
SyslogSuccess Yes
Mode sv
Canonicalization relaxed/simple
ExternalIgnoreList refile:/etc/opendkim/TrustedHosts
InternalHosts refile:/etc/opendkim/TrutedHosts
KeyTable refile:/etc/opendkim/KeyTable
SigningTable refile:/etc/opendkim/SigningTable
SignatureAlgorithm rsa-sha256
Socket inet:8891@localhost
PidFile /var/run/opendkim/opendkim.pid
UMask 022
UserID opendkim:opendkim
TemporaryDirectory /var/tmp
这里是邮件日志文件。没有迹象表明出站邮件已签名:
Oct 18 16:04:40 mail postfix/pickup[26230]: C65F13F7A3: uid=700 from=<blablabla@wonderfulrama.com>
Oct 18 16:04:40 mail postfix/cleanup[26545]: C65F13F7A3: message-id=<f4f45a6587f55f03181cc72f612ff0b3@wonderfulrama.com>
Oct 18 16:04:40 mail postfix/qmgr[13116]: C65F13F7A3: from=<blablabla@wonderfulrama.com>, size=8817, nrcpt=1 (queue active)
Oct 18 16:04:40 mail postfix/pickup[26230]: D9E103F2D0: uid=700 from=<blablabla@wonderfulrama.com>
Oct 18 16:04:40 mail postfix/cleanup[26545]: D9E103F2D0: message-id=<478a3610c0d3afb3a7a12d11a57a8728@wonderfulrama.com>
Oct 18 16:04:40 mail postfix/qmgr[13116]: D9E103F2D0: from=<blablabla@wonderfulrama.com>, size=2628, nrcpt=1 (queue active)
Oct 18 16:04:41 mail postfix/smtp[26556]: C65F13F7A3: to=<blanketyblank@gmail.com>, relay=gmail-smtp-in.l.google.com[209.85.xxx,xxx]:25, delay=0.96, delays=0.11/0.06/0.35/0.44, dsn=2.0.0, status=sent (250 2.0.0 OK 1476806682 t1si21324804qke.238 - gsmtp)
Oct 18 16:04:41 mail postfix/qmgr[13116]: C65F13F7A3: removed
Oct 18 16:04:41 mail postfix/smtp[26557]: D9E103F2D0: to=<blanketyblank@gmail.com>, relay=gmail-smtp-in.l.google.com[173.194.xxx,xxx]:25, delay=0.97, delays=0.09/0.06/0.3/0.52, dsn=2.0.0, status=sent (250 2.0.0 OK 1476806682 e4si21333125qkc.144 - gsmtp)
Oct 18 16:04:41 mail postfix/qmgr[13116]: D9E103F2D0: removed
然而,邮件头显示:
这是经过正确身份验证的出站纯文本消息的标志:
Authentication-Results: mx.google.com;
dkim=pass header.i=@wonderfulrama.com;
spf=pass (google.com: domain of blablabla@wonderfulrama.com designates xxx.xxx.xxx.xxx as permitted sender) smtp.mailfrom=blablabla@wonderfulrama.com
Received: by mail.wonderfulrama.com (Postfix, from userid 700)
id D9E103F2D0; Tue, 18 Oct 2016 16:04:40 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wonderfulrama.com;
s=default; t=1476806680;
bh=2Qo7Vw5ynEtee8vcpiVBDV4Mwd/Xi+0j1Vcg+Kge0HM=;
h=To:Subject:Date:From:List-Help:List-Unsubscribe:List-Subscribe:
List-Owner;
b=YX7WZykE5G7yHoC/xb1JrCrJ+QfOQKNFGzA7pd38krpZjVWxGIRHA2QwuzBibOmrB
9MW7LE2KszYj6w/S71Ru5hmDH9L5A+pgMfohxOk0/ujoDwUFX3tSA6atRZHsxYBdke
kiEyYIdmHhsA5YWQRagA01QXVOpMCkkha5ZJEsus=
这是来自出站html消息的失败电子邮件标头的标志:
Authentication-Results: mx.google.com;
dkim=neutral (body hash did not verify) header.i=@wonderfulrama.com;
spf=pass (google.com: domain of blablabla@wonderfulrama.com designates xxx.xxx.xxx.xxx as permitted sender) smtp.mailfrom=blablabla@wonderfulrama.com
Received: by mail.wonderfulrama.com (Postfix, from userid 700)
id C65F13F7A3; Tue, 18 Oct 2016 16:04:40 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wonderfulrama.com;
s=default; t=1476806680;
bh=OU///H7E0TINCIYEiNDAPlxKESdq02278nItJZ7WOZM=;
h=To:Subject:Date:From:List-Help:List-Unsubscribe:List-Subscribe:
List-Owner;
b=o3a9JvADtFZ0LQFqwB9SAT7XSMbqX4J6JSbaRaq617cuvwNlnGXz/sOzyvvgOQc2i
XiNMZqWqMK0p/3+f52amFc7FLYmNkZ008dhtbWoD+5+jcsTINReKj/JDCJktvVcqgl
lQXRa3DcWFony67H42wM0XJzrWCgSl26Go8HO4q4=
将规范化更改为relaxed/relaxed许多DKIM编码器根据电子邮件的内容在simple上遇到麻烦。然后再用GMAIL测试一下,你可能也想用电子邮件测试器这样的工具来测试4种不同的DKIM解码器。