I suffer from this problem from the very beginning, but I don’t get it. It doesn’t seem too complicated to implement, in fact nethserver makes it very easy. But I still get this error of records not matching.
And created the corresponding txt record in dns editor of registar
What additional infos could I provide to help find the source of this error and eliminate it?
differences are a line break and where the double quotes are. If someone can look at the regex (see source code) to see how it breaks down the dkim record for comparison… (I tried but my memory is rusty)
I remember that I had a paste error in the txt record at my domain provider. Turned out there was 1 character missing… :-/ took a while to figure out where I missed what character…
maybe a compare in 2 text files?
I don’t know, all I can say is I used copy / paste. I need exact instructions on how to preceed. In my point of view that must be a bug as I tried multiple times without success.
Is there a way to recreate a new key without deleting the domain? I don’t want to delete the domain because it contains users with their settings, mailaccounts, group memberships and so on. Can maybe the /etc/opendkim/default txt be deleted or emptied and then a new record be somehow recreated? Or what would you suggest to get a correct dkim record to copy/paste in the dns zone?
What does mail-tester.com say about your DKIM signature? IOW, do you actually have the wrong key in your DNS records, or is it just a false positive on Neth’s end?
Appears to be–Neth’s validation on this is overly picky, it seems.
Yes, the ending .work is the TLD (top-level domain). And I don’t know there’s anything directly you can do about it; SpamAssassin apparently has a history of bad experiences with that TLD. One can hope that, with time and good behavior from that TLD, the penalty with SpamAssassin will drop.
IMVHO… no.
this TLD has a bad reputation, you choose it and now you pay the “price”. But you can’t do nothing about that, unless you add one different.
Try to access from your computer to Mail-Validator link (my browsers requests italian pages)
Second option for Spamassassin: the DKIM signature is valid!
Yeah, I know–I posted that output above. That’s my point. The DNS record is valid, it does match the key on the Nethserver, but Neth is saying the record is invalid. That’s a bug.
I already asked: Is there a way to recreate a new key without deleting the domain? I don’t want to delete the domain because it contains users with their settings, mailaccounts, group memberships and so on. Can maybe the /etc/opendkim/default txt be deleted or emptied and then a new record be somehow recreated? Or what would you suggest to get a correct dkim record to copy/paste in the dns zone? Should I just leave it to the devs to have a fix for this? Tell me if I can provide something to locate the prob and fix it. Thank you all for loking into it and confirming correct dkim signature in sent mails for this domain.