Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

DKIM issue : cannot sign - no identifiable sending address

Hi,

I try to setup DKIM signing for outgoing mail on our C300D appliance with 7.1.2-020 AsyncOS but I could not get rid of that "cannot sign - no identifiable sending address" issue.

I've a public and private IP interface. I inject mail to the Private listener with RELAYED activated for my sender group 192.168.0.x. I've defined a outgoing filter which detects mails injected from the private listener to deliver them through the public interface (alt-src-host). On the RELAYED Mail flow policy for the public interface, I've activated the DKIM signing.

I've also defined two profiles for DK and DKIM with the same key. DNS records are ok, test is ok. For those profiles, I've defined a sender user xxx@foo.com.

So when I telnet to the private interface and forge a test mail to check with myiptest website :

MAIL FROM:<xxx@foo.com>

RCPT TO:<kdrexg-dktest@test.myiptest.com>

DATA

From:<xxx@foo.com>

To:<kdrexg-dktest@test.myiptest.com>

Subject:test

.

quit

The website after receiving my email indicates that there is no signature for DomainKey.
When I look at the logs on the appliance, I've got these lines :
Wed Aug 25 17:37:11 2010 Info: MID 240576203 Subject 'test'
Wed Aug 25 17:37:11 2010 Info: MID 240576203 ready 16 bytes from <xxx@foo.com>
Wed Aug 25 17:37:11 2010 Info: MID 240576203 DomainKeys: cannot sign - no identifiable sending address
Wed Aug 25 17:37:11 2010 Info: MID 240576203 DKIM: cannot sign - no identifiable sending address
Wed Aug 25 17:37:11 2010 Info: MID 240576203 matched all recipients for per-recipient policy Out Policy newsletter Genealogia in the outbound table
Wed Aug 25 17:37:11 2010 Info: MID 240576203 queued for delivery
I've payed attention to indicate the From Header in the DATA bloc with the DKIM profile user but I still got that issue.
Where am I wrong please. Thanks for your help.
Regards

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: DKIM issue : cannot sign - no identifiable sending address

I THink the DKIM signing is based on The "Sender" Header.

Can you please try with Sender header:

MAIL FROM:<xxx@foo.com>

RCPT TO:<kdrexg-dktest@test.myiptest.com>

DATA

From:<xxx@foo.com>

To:<kdrexg-dktest@test.myiptest.com>

sender: <xxx@foo.com>

Subject:test

this should work..

2 REPLIES
New Member

Re: DKIM issue : cannot sign - no identifiable sending address

I THink the DKIM signing is based on The "Sender" Header.

Can you please try with Sender header:

MAIL FROM:<xxx@foo.com>

RCPT TO:<kdrexg-dktest@test.myiptest.com>

DATA

From:<xxx@foo.com>

To:<kdrexg-dktest@test.myiptest.com>

sender: <xxx@foo.com>

Subject:test

this should work..

New Member

Re: DKIM issue : cannot sign - no identifiable sending address

Thanks a lot for your answer...it works !!!

Oh my god, it was only due to that tiny header .....

Nicolas

404
Views
5
Helpful
2
Replies