phpMailer DKIM Sign for Amazon SES
<p>I run a virtual machine under AWS EC2, it is a Turnkey Linux, which AFAIK is based on Ubuntu / Debian.</p>
<p>I have a website which runs on WordPress and it has a Newsletter subscriber base of about 10.000 people, so I want to use Amazon SES to send e-mails, cheap and good deliverability rate.</p>
<p>Problem is I have to DKIM Sign e-mails by myself... so I am using a WordPress plugin which is based on phpMailer.</p>
<p>Plugin sends the e-mail correctly, my SPF records are fine, Amazon SES works perfectly, only problem is the DKIM SIGN - e-mails are not being correctly signed.</p>
<p>I am stuck at a point where the plugin tries to do an <strong>openssl_pkey_get_private</strong> - it should return something but it returns nothing. It also throws an error on openssl_error_string() object, as shown below:</p>
<pre><code>error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt
</code></pre>
<p>This error does not stop the script, I had to dig to find it.</p>
<p>Well, the script then goes on, as it tries to openssl_sign with an empty privKey.</p>
<p>The result is an email which does not validate DKIM. Below is a header DKIM bit from my Gmail inbox:</p>
<pre><code>DKIM-Signature: v=1; a=rsa-sha1; q=dns/txt; l=233; s=ses;
    t=1336494976; c=relaxed/simple;
    h=From:To:Subject;
    d=joaodedeus.com.br;
    z=From:=20=3D?UTF-8?Q?Casa_Dom_In=3DC3=3DA1cio_de_Loyola?=3D=20&lt;novidades@joaodedeus.com.br&gt;
    |To:=20ddutra@cristalinacomunicacao.com.br
    |Subject:=20Test=20message=20from=20your=20WordPress=20blog;
    bh=Z+aAYGyi+5Sk1vIJcjjdy28rCuQ=;
    b=
</code></pre>
<p>Here is what <a href="http://www.brandonchecketts.com/emailtest.php" rel="nofollow">http://www.brandonchecketts.com/emailtest.php</a> says about this e-mail's DKIM Sign:</p>
<pre><code>result = fail
Details: OpenSSL error: data too small for key size

Message contains this DKIM Signature:
DKIM-Signature: v=1; a=rsa-sha1; q=dns/txt; l=270; s=ses;
    t=1336494983; c=relaxed/simple;
    h=From:To:Subject;
    d=joaodedeus.com.br;
    z=From:=20=3D?UTF-8?Q?Casa_Dom_In=3DC3=3DA1cio_de_Loyola?=3D=20
    |To:=20fb7oNYUCwX@www.brandonchecketts.com
    |Subject:=20Test=20message=20from=20your=20WordPress=20blog;
    bh=LVAqBtz26jyffwhHPhhXdLQOLhA=;
    b=

Signature Information:
v= Version:         1
a= Algorithm:       rsa-sha1
c= Method:          relaxed/simple
d= Domain:          joaodedeus.com.br
s= Selector:        ses
q= Protocol:        dns/txt
bh=                 LVAqBtz26jyffwhHPhhXdLQOLhA=
h= Signed Headers:  From:To:Subject
b= Data:

**Public Key DNS Lookup**
Building DNS Query for ses._domainkey.joaodedeus.com.br
Retrieved this publickey from DNS: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYCkhM+6KDL5ndu4uhaP+jBp1BYBVN8Z8/BnXJ7JFc/HXcqW9Emt1vgmlcVqzBcHLFLk6GRRMbm4RIgOV1TCkr41ZTB8UYCjmUB6qqSY88hCdVIBQmTHgxq2DWhzlWiiOlqzeIQuMiMc0lgEaO8Zq3+d5gntPZXoxmTPQH32zA7wIDAQAB
</code></pre>
<p>Here is what the phpmailer DKIM_Sign function tries to do:</p>
<pre><code>public function DKIM_Sign($s) {
    $privKeyStr = file_get_contents($this-&gt;DKIM_private);
    if ($this-&gt;DKIM_passphrase!='') {
        $privKey = openssl_pkey_get_private($privKeyStr,$this-&gt;DKIM_passphrase);
    } else {
        $privKey = $privKeyStr;
    }
    $privKey = $privKeyStr;
    if (openssl_sign($s, $signature, $privKey)) {
        return base64_encode($signature);
    }
}
</code></pre>
<p>Problem is openssl_pkey_get_private returns nothing. Then the openssl_sign function tries to sign with an <strong>EMPTY</strong> $privKey.</p>
<p>$privKeyStr reads the key correctly (file_get_contents), if I echo it, it's the same content as the key.</p>
<p>$this-&gt;DKIM_passphrase is also correct, <strong>j0@0d3deus5</strong>.</p>
<p>Here is how I generated the keys, following the WordPress Amazon SES DKIM Mailer plugin's instruction:</p>
<pre><code>openssl genrsa -des3 -passout pass:change-me -out .htkeyprivate 1024 &amp;&amp; openssl rsa -in .htkeyprivate -passin pass:change-me -pubout -out .htkeypublic
</code></pre>
<p>Of course I changed pass:change-me to the correct passphrase, <strong>j0@0d3deus5</strong>.</p>
<p>I cannot do without DKIM. Seems like hotmail relies heavily on it.</p>
<p>Here is an example from my hotmail account -&gt; note that it goes directly to Junk Folder due to DKIM ERROR.</p>
<pre><code>x-store-info:4r51+eLowCe79NzwdU2kRyU+pBy2R9QCQ1WNUtV+VDcgEpN5KOTd9UyMPxTZoGJzS/h26zeEkCEVmH2zMg90yYxKot4DO0sKOsk98MBHLTNpOuzjxN5a42AR5Kz/5hEhx7XveDgnXqY=
Authentication-Results: hotmail.com; sender-id=pass (sender IP is 199.255.192.147) header.from=novidades@joaodedeus.com.br; dkim=permerror header.d=joaodedeus.com.br; x-hmca=pass
X-SID-PRA: novidades@joaodedeus.com.br
X-DKIM-Result: PermError
X-Message-Status: n:0:n
X-SID-Result: Pass
X-AUTH-Result: PASS
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MjtHRD0yO1NDTD00
X-Message-Info: 11chDOWqoTkwLXPc6a+BBmU8PZ8Fa4uSQFuX56QoKCDSXsl9i7U4MyfUnfj2m3DtVW2PyTXMqyT/fwR9UtNuG4HNxTPmpoMwQBL+DemPeAzSpRs8zDKsN3uVpfPKiw+g1EW50e42Qd0=
Received: from a192-147.smtp-out.amazonses.com ([199.255.192.147]) by BAY0-MC4-F33.Bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900);
    Tue, 8 May 2012 10:26:29 -0700
X-PHPMAILER-DKIM: phpmailer.anatta.com
DKIM-Signature: v=1; a=rsa-sha1; q=dns/txt; l=233; s=ses;
    t=1336497986; c=relaxed/simple;
    h=From:To:Subject;
    d=joaodedeus.com.br;
    z=From:=20=3D?UTF-8?Q?Casa_Dom_In=3DC3=3DA1cio_de_Loyola?=3D=20&lt;novidades@joaodedeus.com.br&gt;
    |To:=20dmnq_sl@hotmail.com
    |Subject:=20Test=20message=20from=20your=20WordPress=20blog;
    bh=X6QtcRzw7+F7llznB77GikLQnko=;
    b=
</code></pre>
<p>Any help is welcome.</p>
<p>Best regards and sorry for my English.</p>
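A fail-closed variant of the signing step discussed in the question, as an added example that is not part of the original post and not phpMailer's or the plugin's code: it checks the result of openssl_pkey_get_private and reports OpenSSL's error queue instead of signing with a key that never loaded. The function names dkim_sign_strict and drain_openssl_errors, the generated key, the passphrases and the sample data are assumptions constructed for the illustration.

```php
<?php
// Added example, not phpMailer or plugin code. Key, passphrases and data are constructed.

// Empty OpenSSL's error queue and return its entries (stale entries survive between calls).
function drain_openssl_errors(): array {
    $errors = [];
    while (($e = openssl_error_string()) !== false) {
        $errors[] = $e;
    }
    return $errors;
}

// Sign with rsa-sha1 (the a= value in the question's header). Throws instead of
// returning nothing, so a key that fails to load cannot yield an empty b= tag.
function dkim_sign_strict(string $data, string $pem, string $passphrase): string {
    drain_openssl_errors();
    $key = openssl_pkey_get_private($pem, $passphrase);
    if ($key === false) {
        throw new RuntimeException('private key did not load: ' . implode(' | ', drain_openssl_errors()));
    }
    if (!openssl_sign($data, $signature, $key, OPENSSL_ALGO_SHA1)) {
        throw new RuntimeException('signing failed: ' . implode(' | ', drain_openssl_errors()));
    }
    return base64_encode($signature);
}

// Constructed throwaway key pair, exported as a passphrase-encrypted PEM.
$pair = openssl_pkey_new(['private_key_bits' => 2048, 'private_key_type' => OPENSSL_KEYTYPE_RSA]);
openssl_pkey_export($pair, $pem, 'correct-passphrase');
$public = openssl_pkey_get_details($pair)['key'];
$data = "from:sender@example.com\r\nto:rcpt@example.com\r\nsubject:test";

// Correct passphrase: the signature verifies against the public half.
$b = dkim_sign_strict($data, $pem, 'correct-passphrase');
$ok = openssl_verify($data, base64_decode($b), $public, OPENSSL_ALGO_SHA1);
echo 'correct passphrase, verify result: ' . $ok . PHP_EOL;

// Wrong passphrase: the load fails and the caller is told why.
try {
    dkim_sign_strict($data, $pem, 'wrong-passphrase');
    echo 'unexpected: signed with the wrong passphrase' . PHP_EOL;
} catch (RuntimeException $e) {
    echo 'wrong passphrase: ' . $e->getMessage() . PHP_EOL;
}
```

The exact error text in the exception depends on the OpenSSL version PHP is linked against.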