I cannot overcome a problem with exim – it's not adding DKIM headers to my outgoing mail.
support:~# cat /etc/issue
Debian GNU/Linux 7 \n \l
support:~# dpkg -l|grep exim
ii exim4 4.80-7 all metapackage to ease Exim MTA (v4) installation
I have generated a key and added it to DNS
support:~# ll /etc/exim4/dkim/
/root
total 16K
-r--r----- 1 Debian-exim Debian-exim 887 Jan 21 22:39 mmdsmart.com.key
-r--r----- 1 Debian-exim Debian-exim 299 Jan 21 22:39 mail.txt
support:/etc/exim4/dkim# openssl rsa -in mmdsmart.com.key -pubout
writing RSA key
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6HZSRvbNUuWnQEVSY5MfSWEn+
BkgcKD2bA0IOrIgiUef93QdpTDqU1zmVg2ozfBUfWx5gqhmvpt0pg7urClWCvEZn
hOfR8mLatgTCs5BuPCVFNbAwKbsahwQ6JYxCcieaCpRP3roqPdbcU1qGhEkyECu1
hQ7nnIEejYXIpC4l9wIDAQAB
-----END PUBLIC KEY-----
support:/etc/exim4/dkim# cat mail.txt
mail._domainkey IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6HZSRvbNUuWnQEVSY5MfSWEn+BkgcKD2bA0IOrIgiUef93QdpTDqU1zmVg2ozfBUfWx5gqhmvpt0pg7urClWCvEZnhOfR8mLatgTCs5BuPCVFNbAwKbsahwQ6JYxCcieaCpRP3roqPdbcU1qGhEkyECu1hQ7nnIEejYXIpC4l9wIDAQAB" ; ----- DKIM key mail for mmdsmart.com
support:/etc/exim4/dkim# dig txt mail._domainkey.mmdsmart.com
; <<>> DiG 9.8.4-rpz2+rl005.12-P1 <<>> txt mail._domainkey.mmdsmart.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20983
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;mail._domainkey.mmdsmart.com. IN TXT
;; ANSWER SECTION:
mail._domainkey.mmdsmart.com. 1603 IN TXT "v=DKIM1\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC6HZSRvbNUuWnQEVSY5MfSWEn+BkgcKD2bA0IOrIgiUef93QdpTDqU1zmVg2ozfBUfWx5gqhmvpt0pg7urClWCvEZnhOfR8mLatgTCs5BuPCVFNbAwKbsahwQ6JYxCcieaCpRP3roqPdbcU1qGhEkyECu1hQ7nnIEejYXIpC4l9wIDAQAB"
;; Query time: 2 msec
;; SERVER: 77.247.176.114#53(77.247.176.114)
;; WHEN: Wed Jan 21 23:14:52 2015
;; MSG SIZE rcvd: 293
After I added stuff to transport (there are tons of manuals over the internets how to configure exim+dkim)
DKIM_DOMAIN = ${lc:${domain:$h_from:}}
dkim_selector = mail
DKIM_FILE = /etc/exim4/dkim/${lc:${domain:$h_from:}}.key
DKIM_PRIVATE_KEY = ${if exists{DKIM_FILE}{DKIM_FILE}{0}}
dkim_canon = simple
Here's what I have in my cfgs:
support:/etc/exim4# grep -r dkim_private_key *
conf.d/transport/30_exim4-config_remote_smtp:dkim_private_key=/etc/exim4/dkim/mmdsmart.com.key
exim4.conf.template:dkim_private_key=/etc/exim4/dkim/mmdsmart.com.key
And this is what I see from exim:
support:/etc/exim4# exim -bP transports|grep dkim
dkim_canon =
dkim_domain =
dkim_private_key =
dkim_selector =
dkim_sign_headers =
dkim_strict =
dkim_canon =
dkim_domain =
dkim_private_key =
dkim_selector =
dkim_sign_headers =
dkim_strict =
Exim info:
support:~# exim -bV
Exim version 4.80 #3 built 02-Jan-2013 19:40:22
Copyright (c) University of Cambridge, 1995 - 2012
(c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2012
Berkeley DB: Berkeley DB 5.1.29: (October 25, 2011)
Support for: crypteq iconv() IPv6 GnuTLS move_frozen_messages DKIM
Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch nis nis0 passwd
Authenticators: cram_md5 plaintext
Routers: accept dnslookup ipliteral manualroute queryprogram redirect
Transports: appendfile/maildir/mailstore autoreply lmtp pipe smtp
Fixed never_users: 0
Size of off_t: 8
Configuration file is /var/lib/exim4/config.autogenerated
Best Answer
I had the same problem, here is my fix:
Add the following lines to /etc/exim4/conf.d/transport/10_exim4-config_transport-macros
Note: your certificates must reside in the /etc/exim4/dkim/ directory for this to work.
Then in /etc/exim4/conf.d/transport/30_exim4-config_remote_smtp
Exim now signs all of my outbound mail for each domain correctly.