Debian Question posted in
The oficial documentation can be found here.

SPF and DMARC PASS but DKIM 'FAIL' with domain XXX? – Debian

After searching a lot and checking lots of tutorials and q&a, I didn’t find the answer!

I’m using virtualmin on Debian. I enabled DKIM and use PHPMailer:

    require("external/mail2/class.phpmailer.php");
    require("external/mail2/class.smtp.php");

    $mail= new PHPMailer();
    $mail->IsSMTP();
    $mail->SMTPAuth=true;

    $mail->Host = "mail.rexobit.com";
    $mail->Username= "my user name";
    $mail->Password= 'my password';
    $mail->AddAddress('[email protected]', '');
    $mail->SetFrom('[email protected]', 'REXOBIT Notify');

    $mail->DKIM_domain = 'rexobit.com';
    $mail->DKIM_selector = '4040';
    $mail->Encoding = "base64";
    $mail->DKIM_private = '/etc/dkim.key';
    $mail->DKIM_passphrase = '';
    $mail->DKIM_identity = '[email protected]';

    $mail->Subject = 'testing smtp email';
    $mail->IsHTML(true);
    $mail->MsgHTML('this is a test email');
    $mail->AltBody= 'email test';
    if (!$mail->Send()) {
        echo 'Mailer Error: '. $mail->ErrorInfo;
    } else {
        echo 'Message sent!';
    }

result on gmail :
SPF: PASS with IP 2a02:4780:8:6:2:2b…
DKIM: ‘FAIL’ with domain rexobit.com
DMARC: ‘PASS’

When I remove DKIM part on code like this :

    require("external/mail2/class.phpmailer.php");
    require("external/mail2/class.smtp.php");

    $mail= new PHPMailer();
    $mail->IsSMTP();
    $mail->SMTPAuth=true;

    $mail->Host = "mail.rexobit.com";
    $mail->Username= "my user name";
    $mail->Password= 'my password';
    $mail->AddAddress('[email protected]', '');
    $mail->SetFrom('[email protected]', 'REXOBIT Notify');

    $mail->Subject = 'testing smtp email';
    $mail->IsHTML(true);
    $mail->MsgHTML('this is a test email');
    $mail->AltBody= 'email test';
    if (!$mail->Send()) {
        echo 'Mailer Error: '. $mail->ErrorInfo;
    } else {
        echo 'Message sent!';
    }

DKIM disappeared completely! no signing :
result on gmail :
SPF: PASS with IP 2a02:4780:8:6:2:2b…
DMARC: ‘PASS’

I used 2048 and 1024 keys, both same result. also I disabled DKIM on virtualmin server: no success.
DNS created by DKIM automatically. but I created a key pair, added to dns and use it in phpmailer but same results!

google complete result :

    Delivered-To: [email protected]
    Received: by 2002:a9d:5a8:0:0:0:0:0 with SMTP id 37csp6792321otd;
            Tue, 14 Jan 2020 23:49:08 -0800 (PST)
    X-Google-Smtp-Source: APXvYqyipy6njznZ0kMNV2V+cOd1k8Bp/bf3OF92K2umRR4xYOUBOU9NvfxRiW6oMAPH5Vb26Sxo
    X-Received: by 2002:a17:906:e86:: with SMTP id p6mr27208898ejf.299.1579074548335;
            Tue, 14 Jan 2020 23:49:08 -0800 (PST)
    ARC-Seal: i=1; a=rsa-sha256; t=1579074548; cv=none;
            d=google.com; s=arc-20160816;
            b=ni1Zo9tfatMw4rukiT6Kq/s08pOGgjgYU6/Q/+QlDISkUnkGYzvs7wtC4iFYZX01Nl
             qHWRLUfqExqx5oJN+2g1NvOUp+UhZk9HarE6v/Xy7qjADDbiTXvNIFRBhlR6nC9t2ADq
             DmLVEzmtxEjYrYxbncbt1cl4kGWlQfu3X5/wPo66Mh89p3gdMOUJWVQbRb/akaivhIK/
             ZQjirZ8MAVzTdtJ1AjDesUu5F4+xLi8H1B1Nb7bLOwS81W+lWUn8EQFOYz3eOo7LFOlX
             CCVciMJFompewrqRurRCVwh5b5WyGJReDCMElXoJcHIhRfW2Nt8/Uze3bWGe4Cnyz/y5
             ij3w==
    ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
            h=mime-version:message-id:reply-to:from:date:dkim-signature:subject
             :to;
            bh=/JG3Oa95UztnpL1MJZUL9Uqkjr7talhabzwuJCduqaw=;
            b=fSCo7HHsDKdSYxmlujr2tUGqbCx+08+dzrGTIEYUW/j5bABOzLjZSKP7jplZ4vzIv/
             KObFrCHjn4MhydtalG1+fQLRl0TzvMcIX+qAHHLuvlwTzhL3W15vHUdfsEOoI6cJJ30D
             /RQ2IL9JIvMbo2s2p2O5Fij3RnduqLc0NAywFKfxPaOaqSxQD67YsxDe2RN62z17w0dT
             J5EvjLXtBy+tmo6VW9l0MQiDWKN0vxi6MEJC8s3XVjgygJz1vcM5tPpR6ZH70usG7e15
             rLP8nJzP06XCzB8aWqRzIPdRHh4kGRIjpfsVvBoHy2TjKbHjSgmQ6VeanmgR6sqpQO4a
             fAfA==
    ARC-Authentication-Results: i=1; mx.google.com;
           dkim=neutral (bad format) [email protected] header.s=5050;
           spf=pass (google.com: domain of [email protected] designates 2a02:4780:8:6:2:2b17:c6c2:18f5 as permitted sender) [email protected];
           dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=rexobit.com
    Return-Path: <[email protected]>
    Received: from vps.server.local ([2a02:4780:8:6:2:2b17:c6c2:18f5])
            by mx.google.com with ESMTPS id h22si12150651ejc.261.2020.01.14.23.49.08
            for <[email protected]>
            (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
            Tue, 14 Jan 2020 23:49:08 -0800 (PST)
    Received-SPF: pass (google.com: domain of [email protected] designates 2a02:4780:8:6:2:2b17:c6c2:18f5 as permitted sender) client-ip=2a02:4780:8:6:2:2b17:c6c2:18f5;
    Authentication-Results: mx.google.com;
           dkim=neutral (bad format) [email protected] header.s=5050;
           spf=pass (google.com: domain of [email protected] designates 2a02:4780:8:6:2:2b17:c6c2:18f5 as permitted sender) [email protected];
           dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=rexobit.com
    Received: by vps.server.local (Postfix, from userid 1001) id F199223978; Wed, 15 Jan 2020 07:49:07 +0000 (UTC)
    To: [email protected]
    Subject: testing smtp email
    X-PHP-Originating-Script: 1001:class.phpmailer.php
    X-PHPMAILER-DKIM: phpmailer.worxware.com
    DKIM-Signature: v=1; a=rsa-sha1; q=dns/txt; l=340; s=5050; t=1579074547; c=relaxed/simple; h=From:To:Subject; d=rexobit.com; [email protected]; z= | |Subject:=20testing=20smtp=20email; bh=R/emTcIGHSLVMGRNT6rmQdfikuw=; b=
    Date: Wed, 15 Jan 2020 07:49:07 +0000
    From: REXOBIT Notify <[email protected]>
    Reply-to: REXOBIT Notify <[email protected]>
    Message-ID: <[email protected]>
    X-Priority: 3
    X-Mailer: PHPMailer 5.1 (phpmailer.sourceforge.net)
    MIME-Version: 1.0
    Content-Type: multipart/alternative; boundary="b1_933a2cee08fd835247b62fbddb5d763a"

    --b1_933a2cee08fd835247b62fbddb5d763a
    Content-Type: text/plain; charset = "utf-8"
    Content-Transfer-Encoding: base64

    ZW1haWwgdGVzdA==
    --b1_933a2cee08fd835247b62fbddb5d763a
    Content-Type: text/html; charset = "utf-8"
    Content-Transfer-Encoding: base64

    dGhpcyBpcyBhIHRlc3QgZW1haWw=
    --b1_933a2cee08fd835247b62fbddb5d763a--

any help plz?

Tags:

3

Answers


  1. 0

    I think the issue is with your DNS entriy for the DKIM key. Please see the test bellow:

    SPF check
1 SPF record found for the domain rexobit.com :

"v=spf1 a mx a:rexobit.com ip4:194.5.159.246 ~all"

DKIM check
No DNS record found for 4040._domainkey.rexobit.com

    You need to have an entry like 4040._domainkey IN TXT "v=DKIM1; k=rsa; t=s; p=value_of_the_dkim_public_key"

    Once you update your domain’s DNS file, you should wait for the changes to propagate and then try again.

    Or use any online DKIM domain checker and see if it works or not

    Login or Signup to reply.
  2. 0

    In addition to implementing the domainkey, your mail server might also require configuration; in my experience on Debian, exim / exim4 for example requires explicit setup for it to generate the DKIM (including letting it know which portions of the message to authenticate).

    Login or Signup to reply.
  3. 0

    SetFrom in theory also sets the Sender parameter by default. However I’ve sometimes explicitly set both to guarantee what the header is outputting, which sometimes helped me with DKIM issues.

    $phpmailer->Sender='[email protected]';
$phpmailer->SetFrom('[email protected]', 'My Name', FALSE);
    Login or Signup to reply.
Please signup or login to give your own answer.

Back To Top
Search