DKIM issue : cannot sign - no identifiable sending address
I try to setup DKIM signing for outgoing mail on our C300D appliance with 7.1.2-020 AsyncOS but I could not get rid of that "cannot sign - no identifiable sending address" issue.
I've a public and private IP interface. I inject mail to the Private listener with RELAYED activated for my sender group 192.168.0.x. I've defined a outgoing filter which detects mails injected from the private listener to deliver them through the public interface (alt-src-host). On the RELAYED Mail flow policy for the public interface, I've activated the DKIM signing.
I've also defined two profiles for DK and DKIM with the same key. DNS records are ok, test is ok. For those profiles, I've defined a sender user firstname.lastname@example.org.
So when I telnet to the private interface and forge a test mail to check with myiptest website :
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...