Hello,
I've got a problem with my DKIM on associated domains. When people receive mail from us, for parent domain no problem, i've :
dkim=pass (signature was verified)
but for associated domains dkim can't be verify, i've :
dkim=fail (signature did not verify)
i've the same key on all my parent and associated domain, In Domain "DKIM signing for outgoing email" is enable, an in session "Enable DKIM signing for outgoing messages" is also enable.
Could you tell me what is wrong in my settings ?
Thanks
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello
Created on 07-09-2024 07:29 AM Edited on 07-09-2024 07:34 AM
Hello
I'v read this on internet, is that true ? no dkim for associated domains ?
https://www.fortinetguru.com/2016/04/configuring-mail-settings/7/
Hello Mcorlou
Sorry I just released now that you are using associated domains while I thought before that you where using protected domains (I confused them). In fact I didn't used them before but instead I always configured the additional domains as protected domains, that's why I didn't have issues with DKIM for additional domains.
Regarding associated domains, I can read in admin guide that the associated domain uses the same DKIM as the parent.
FortiMail performs DKIM signing for an associated domain with its parent domain DKIM key. You must publish the DKIM public key for the associated domain in order for the receiving MTA to validate the DKIM signature.
So I understand from this (and I guess you agree) that you have to insert the same dkim public key in DNS of the protected domain and DNS of the associated domains.
Like this, on main domain:
default._domainkey.maindomain.com. 14400 IN TXT "v=DKIM1; k=rsa; p=XYZ..."
And on associated domain:
default._domainkey.associateddomain.com. 14400 IN TXT "v=DKIM1; k=rsa; p=XYZ..."
If this is what you did than please try send an e-mail to mail-tester.com from an associated domain and then the diagnostic it provides about your dkim signing. I hope it will provide further information about your issue.
You may also check if the dkim public key record is valid using this tool: https://dkimcore.org/tools/keycheck.html
Hope it helps.
Created on 07-10-2024 12:23 AM Edited on 07-10-2024 12:34 AM
Problem solved, there was an error in the DKIM key declaration on the DNS zone... some one as made a bad copy/paste.
Thank you for your time
Hola Buen dia, como se tiene que declarar la clave DKIM?
Hello
You add it as TXT record in your public DNS.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1663 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.