[Rspamd-Users] Help sought: DKIM signing on one domain only. The rest were ignored.

Mon Aug 28 20:51:25 UTC 2023

Hi,

I have had problems getting DKIM signing to work with rspamd on multiple 
domains. The last time I checked was years ago so I don't know when it 
broke. Perhaps it never worked, but I did not notice.

I have two domains: dkimWorks.org and dkimBroken.org.

The server runs rspamd 3.6-2~bbb8660e5~bookworm.  ( Debian )

These have this config:

# ls -l /var/lib/rspamd/dkim
-rw-r----- 1 root _rspamd  241 Aug  9 20:42 dkimWorks.org.dkim.dns
-rw-r----- 1 root _rspamd  887 Jul  3  2013 dkimWorks.org.dkim.key
-rw-r----- 1 root _rspamd  241 Aug  9 20:42 dkimBroken.org.dkim.dns
-rw-r----- 1 root _rspamd  887 Jul  3  2013 dkimBroken.org.dkim.key
( These are actually the same keys - I am lazy ).

# cat /etc/rspamd/local.d/arc.conf
path = "/var/lib/rspamd/dkim/$domain.$selector.key";
selector = "dkim";
allow_username_mismatch = true;

The email is sent from the same authenticated user for both domains: 
sophie at authuser.org

However, rspamd signed dkimWorks.org with the DKIM key, but did not sign 
dkimBroken.org.

Logs from /var/log/rspamd/rspamd.log are here:

dkimWorks.org
2023-08-28 20:29:38 #167163(normal) <6b37df>; task; 
rspamd_task_write_log: id: 
<93d11438bcd0c6176f60f39be0edf7c3 at dkimWorks.org>, qid: <E89DD5B>, ip: 
127.0.0.1, user: sophie@ authuser.org, from: <sophie at dkimWorks.org>, 
(default: F (no action): [0.20/18.00] 
[SUBJ_ALL_CAPS(0.30){4;},MIME_GOOD(-0.10){multipart/alternative;text/plain;},ARC_NA(0.00){},DKIM_SIGNED(0.00){dkimWorks.org:s=dkim;},FREEMAIL_ENVRCPT(0.00){gmail.com;},FREEMAIL_TO(0.00){gmail.com;},FROM_EQ_ENVFROM(0.00){},FROM_HAS_DN(0.00){},HAS_ORG_HEADER(0.00){},MID_RHS_MATCH_FROM(0.00){},MIME_TRACE(0.00){0:+;1:+;2:~;},RCPT_COUNT_ONE(0.00){1;},RCVD_COUNT_ZERO(0.00){0;},TAGGED_RCPT(0.00){},TO_DN_ALL(0.00){},TO_MATCH_ENVRCPT_ALL(0.00){}]), 
len: 1178, time: 64.009ms, dns req: 2, digest: 
<d4f2127c99414f42f9b8fd52473e9293>, rcpts: 
<112345 at gmail.com,112345 at gmail.com>, mime_rcpts: <112345 at gmail.com,>, 
settings_id: authenticated

--->  This was added : DKIM_SIGNED(0.00){dkimWorks.org:s=dkim;}

dkimBroken.org
2023-08-28 20:32:03 #167163(normal) <f97ef6>; task; 
rspamd_task_write_log: id: 
<ae601b37c82e8cd2e77792f25ca62ba8 at dkimBroken.eu>, qid: <C7F745B>, ip: 
127.0.0.1, user: sophie at authuser.org, from: <sophie at dkimBroken.eu>, 
(default: F (no action): [0.50/18.00] 
[SUBJ_ALL_CAPS(0.30){4;},MIME_HTML_ONLY(0.20){},ARC_NA(0.00){},FREEMAIL_ENVRCPT(0.00){gmail.com;},FREEMAIL_TO(0.00){gmail.com;},FROM_EQ_ENVFROM(0.00){},FROM_HAS_DN(0.00){},HAS_ORG_HEADER(0.00){},MID_RHS_MATCH_FROM(0.00){},MIME_TRACE(0.00){0:~;},RCPT_COUNT_ONE(0.00){1;},RCVD_COUNT_ZERO(0.00){0;},TAGGED_RCPT(0.00){},TO_DN_ALL(0.00){},TO_MATCH_ENVRCPT_ALL(0.00){}]), 
len: 627, time: 63.341ms, dns req: 2, digest: 
<0122f13094e4856d24a2e4a747a2c4b8>, rcpts: 
<112345 at gmail.com,112345 at gmail.com>, mime_rcpts: <112345 at gmail.com,>, 
settings_id: authenticated

---> This is _missing_: DKIM_SIGNED(0.00){dkimBroken.org:s=dkim;}

Can anybody thing what could be wrong with this configuration?

Regards,S

P.S Yes, the dkimBroken and dkimWorks domains are just covers to 
obfuscate my domains.