我无法解决 exim 的问题 - 它没有将 DKIM 标头添加到我发送的邮件中。
support:~# cat /etc/issue
Debian GNU/Linux 7 \n \l
support:~# dpkg -l|grep exim
ii exim4 4.80-7 all metapackage to ease Exim MTA (v4) installation
我已经生成了一个密钥并将其添加到 DNS
support:~# ll /etc/exim4/dkim/
/root
total 16K
-r--r----- 1 Debian-exim Debian-exim 887 Jan 21 22:39 mmdsmart.com.key
-r--r----- 1 Debian-exim Debian-exim 299 Jan 21 22:39 mail.txt
support:/etc/exim4/dkim# openssl rsa -in mmdsmart.com.key -pubout
writing RSA key
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6HZSRvbNUuWnQEVSY5MfSWEn+
BkgcKD2bA0IOrIgiUef93QdpTDqU1zmVg2ozfBUfWx5gqhmvpt0pg7urClWCvEZn
hOfR8mLatgTCs5BuPCVFNbAwKbsahwQ6JYxCcieaCpRP3roqPdbcU1qGhEkyECu1
hQ7nnIEejYXIpC4l9wIDAQAB
-----END PUBLIC KEY-----
support:/etc/exim4/dkim# cat mail.txt
mail._domainkey IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6HZSRvbNUuWnQEVSY5MfSWEn+BkgcKD2bA0IOrIgiUef93QdpTDqU1zmVg2ozfBUfWx5gqhmvpt0pg7urClWCvEZnhOfR8mLatgTCs5BuPCVFNbAwKbsahwQ6JYxCcieaCpRP3roqPdbcU1qGhEkyECu1hQ7nnIEejYXIpC4l9wIDAQAB" ; ----- DKIM key mail for mmdsmart.com
support:/etc/exim4/dkim# dig txt mail._domainkey.mmdsmart.com
; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> txt mail._domainkey.mmdsmart.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20983
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;mail._domainkey.mmdsmart.com. IN TXT
;; ANSWER SECTION:
mail._domainkey.mmdsmart.com. 1603 IN TXT "v=DKIM1\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6HZSRvbNUuWnQEVSY5MfSWEn+BkgcKD2bA0IOrIgiUef93QdpTDqU1zmVg2ozfBUfWx5gqhmvpt0pg7urClWCvEZnhOfR8mLatgTCs5BuPCVFNbAwKbsahwQ6JYxCcieaCpRP3roqPdbcU1qGhEkyECu1hQ7nnIEejYXIpC4l9wIDAQAB"
;; Query time: 2 msec
;; SERVER: 77.247.176.114#53(77.247.176.114)
;; WHEN: Wed Jan 21 23:14:52 2015
;; MSG SIZE rcvd: 293
在我添加了东西到传输之后(互联网上有大量关于如何配置 exim+dkim 的手册)
DKIM_DOMAIN = ${lc:${domain:$h_from:}}
dkim_selector = mail
DKIM_FILE = /etc/exim4/dkim/${lc:${domain:$h_from:}}.key
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
dkim_canon = simple
以下是我的 cfg 中的内容:
support:/etc/exim4# grep -r dkim_private_key *
conf.d/transport/30_exim4-config_remote_smtp:dkim_private_key=/etc/exim4/dkim/mmdsmart.com.key
exim4.conf.template:dkim_private_key=/etc/exim4/dkim/mmdsmart.com.key
以下是我从 exim 看到的信息:
support:/etc/exim4# exim -bP transports|grep dkim
dkim_canon =
dkim_domain =
dkim_private_key =
dkim_selector =
dkim_sign_headers =
dkim_strict =
dkim_canon =
dkim_domain =
dkim_private_key =
dkim_selector =
dkim_sign_headers =
dkim_strict =
进出口信息:
support:~# exim -bV
Exim version 4.80 #3 built 02-Jan-2013 19:40:22
Copyright (c) University of Cambridge, 1995 - 2012
(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2012
Berkeley DB: Berkeley DB 5.1.29: (October 25, 2011)
Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages DKIM
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch nis nis0 passwd
Authenticators: cram_md5 plaintext
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
Fixed never_users: 0
Size of off_t: 8
Configuration file is /var/lib/exim4/config.autogenerated
答案1
我遇到了同样的问题,这是我的解决方法:
将以下行添加到 /etc/exim4/conf.d/transport/10_exim4-config_transport-macros
#DKIM STUFF
DKIM_FILE = /etc/exim4/dkim/${lc:${domain:$h_from:}}.pem
DKIM_DOMAIN = ${lc:${domain:$h_from:}}
DKIM_SELECTOR = mail
DKIM_CANON = relaxed
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
注意:您的证书必须位于 /etc/exim4/dkim/ 目录中才能正常工作。
然后在 /etc/exim4/conf.d/transport/30_exim4-config_remote_smtp
### transport/30_exim4-config_remote_smtp
#################################
# This transport is used for delivering messages over SMTP connections.
remote_smtp:
debug_print = "T: remote_smtp for $local_part@$domain - dkim-file $DKIM_FILE"
driver = smtp
dkim_domain = ${lc:${domain:$h_from:}}
dkim_private_key = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
dkim_selector = mail
dkim_canon = relaxed
dkim_sign_headers = true
.ifdef REMOTE_SMTP_HOSTS_AVOID_TLS
hosts_avoid_tls = REMOTE_SMTP_HOSTS_AVOID_TLS
.endif
.ifdef REMOTE_SMTP_HEADERS_REWRITE
headers_rewrite = REMOTE_SMTP_HEADERS_REWRITE
.endif
.ifdef REMOTE_SMTP_RETURN_PATH
return_path = REMOTE_SMTP_RETURN_PATH
.endif
.ifdef REMOTE_SMTP_HELO_FROM_DNS
helo_data=REMOTE_SMTP_HELO_DATA
.endif
Exim 现在可以正确地签署我每个域的所有出站邮件。
答案2
如果你没有使用 exim 的拆分配置,那么你应该
DKIM_DOMAIN = ${lc:${domain:$h_from:}}
dkim_selector = mail
DKIM_FILE = /etc/exim4/dkim/${lc:${domain:$h_from:}}.key
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
dkim_canon = simple
exim4.conf.template 文件,不在传输文件中