tilde.team DKIM signing uses the domain "tilde.team" for all mail domains like tilde.zone #137
Loading…
Reference in New Issue
No description provided.
Delete Branch "%!s(<nil>)"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
The DKIM signing configuration is currently slightly wrong as it uses a single KeyTable entry to sign all domains, which means that the signature always uses d=tilde.team, which means the mail has a valid signature but it is not considered as correct by all DKIM tools.
E.g. gmx/web.de seems to restrict domains sending multiple mails with incorrect signature so that all mails are deferred
(https://postmaster.gmx.net/de/case?c=r0103), the same might impede mail delivery to other domains.
To fix this, the files KeyTable and SigningTable have to be changed to map each email domain to the dns name for dkim and to the signing domain while still using the same key for all.
The two files are in /etc/opendkim/*
The changed files are in ~alexlehm/opendkim/* on tilde.team
i've updated the configs using your examples. will test it out now.
example test with fuckup.club https://www.mail-tester.com/test-lbb78nk2v
thank you, it checks out with thunderbird as well
testing the reply-by-mail thing again
gmx.net is not yet accepting the mails, maybe that will improve after a while
i don't have an inbox there to test - do you?
i have tried it with my gmx account, it didn't work immediately after the change but it is going through now, I received a mail with alexlehm@tilde.news correctly