Re: [exim] DKIM: signing failed (RC -101)

Top Page
Delete this message
Reply to this message
Author: Mark Elkins
Date:  
To: exim-users
Subject: Re: [exim] DKIM: signing failed (RC -101)
On Sat, 2014-10-11 at 19:47 +0100, Jeremy Harris wrote:
> On 11/10/14 17:18, Mark Elkins wrote:
> > dkim_private_key = /etc/exim/dkim.private.key
> >
> > I think an error message of "dkim_private_key not found - please specify
> > the full pathname" would have been more helpful than "signing failed".
>
> As the docs say:
>
> http://www.exim.org/exim-html-current/doc/html/spec_html/ch-support_for_dkim_domainkeys_identified_mail.html
>
> the value of the dkim_private_key option is taken as a
> filename if it starts with a "/". If is doesn't, and
> isn't null (or a synonym) it is take to be the actual
> key.


Ouch... didn't take that in with my initial reading.

Well - that greatly weakens my argument. Need to vent my wasted hour on
someone though.. ;-)

The Armoured Key itself can have the '/' character. I presume this can
never be the first character? It can't have a '.' (dot) or '-' (dash)
though - so if these chars exist - its probably someone like me - doing
the wrong thing. So (apart from case 3, Zero or Null) if the Key doesn't
validate as a Key (Ascii into binary) - perhaps the error should read:
"dkim_private_key: Invalid ASCII armoured Key, Is this a filename?
Filenames always have a leading '/'"
Would this not help those who add a syntactically incorrect Armoured
Key?

-- 
Mark James ELKINS  -  Posix Systems - (South) Africa
mje@???       Tel: +27.128070590  Cell: +27.826010496
For fast, reliable, low cost Internet in ZA: https://ftth.posix.co.za