Context
I've seen this in logs
key retrieval failed (s=20161025, d=gmail.com): '20161025._domainkey.gmail.com' query timed out
Searched the issues and found #1204 which has been fixed by #1205, checked nameserver in /etc/resolv.conf which is 127.0.0.11 and fine, installed dnsutils in container and executed this command:
docker-compose exec mail dig txt 20161025._domainkey.gmail.com
; <<>> DiG 9.11.5-P4-5.1-Debian <<>> txt 20161025._domainkey.gmail.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 22668
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;20161025._domainkey.gmail.com. IN TXT
;; ANSWER SECTION:
20161025._domainkey.gmail.com. 289 IN TXT "k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAviPGBk4ZB64UfSqWyAicdR7lodhytae+EYRQVtKDhM+1mXjEqRtP/pDT3sBhazkmA48n2k5NJUyMEoO8nc2r6sUA+/Dom5jRBZp6qDKJOwjJ5R/OpHamlRG+YRJQqR" "tqEgSiJWG7h7efGYWmh4URhFM9k9+rmG/CwCgwx7Et+c8OMlngaLl04/bPmfpjdEyLWyNimk761CX6KymzYiRDNz1MOJOJ7OzFaS4PFbVLn0m5mf0HVNtBpPwWuCNvaFVflUYxEyblbB6h/oWOPGbzoSgtRA47SHV53SwZjIsVpbq4LxUW9IxAEwYzGcSgZ4n5Q8X8TndowsDUzoccPFGhdwIDAQAB"
;; Query time: 4003 msec
;; SERVER: 127.0.0.11#53(127.0.0.11)
;; WHEN: Mon May 18 08:45:35 UTC 2020
;; MSG SIZE rcvd: 473
This shows me that dns is ok and google is OK too:)
Why can't OpenDKIM retrieve key yet?
What is affected by this bug?
Check DKIM on receiving mails.
When does this occur?
Sometimes. I have both this in my logs showing sometimes it fails:
Fail:
mail | May 18 07:16:46 mail opendkim[214]: 509E1380DC00: mail-pj1-f46.google.com [209.85.216.46] not internal
mail | May 18 07:16:46 mail opendkim[214]: 509E1380DC00: not authenticated
mail | May 18 07:16:51 mail opendkim[214]: 509E1380DC00: key retrieval failed (s=20161025, d=gmail.com): '20161025._domainkey.gmail.com' query timed out
Success:
mail | May 18 08:36:51 mail opendkim[214]: 53C3A380DC00: [172.21.0.1] [172.21.0.1] not internal
mail | May 18 08:36:51 mail opendkim[214]: 53C3A380DC00: not authenticated
mail | May 18 08:36:55 mail opendkim[214]: 53C3A380DC00: DKIM verification successful
mail | May 18 08:36:55 mail opendkim[214]: 53C3A380DC00: s=20161025 d=gmail.com SSL
Also:
Fail:
mail | May 18 08:47:14 mail opendkim[214]: AF47A380DC05: o2.email.medium.com [167.89.47.62] not internal
mail | May 18 08:47:14 mail opendkim[214]: AF47A380DC05: not authenticated
mail | May 18 08:47:19 mail opendkim[214]: AF47A380DC05: key retrieval failed (s=m1, d=medium.com): 'm1._domainkey.medium.com' query timed out
Success:
mail | May 18 08:40:37 mail opendkim[214]: 55CDD380DC00: o10.email.medium.com [149.72.133.59] not internal
mail | May 18 08:40:37 mail opendkim[214]: 55CDD380DC00: not authenticated
mail | May 18 08:40:41 mail opendkim[214]: 55CDD380DC00: DKIM verification successful
mail | May 18 08:40:41 mail opendkim[214]: 55CDD380DC00: s=m1 d=medium.com SSL
Your Environment
- Amount of RAM available: 2GB
- Mailserver version used: v7.0.0 until this commit f19fb9a
- Docker version used: Docker version 19.03.8, build afacb8b
- Environment settings relevant to the config: Please tell me if there is something specific required to check this issue
It's a vm installed on a Proxmox hypervisor in hetzner datacenters and I'm using hetzner DNSs which they have not been with any issue since a long time I'm using, also I've checked https://www.hetzner-status.de/en.html and there isn't any problem related to this DNS servers.
Context
I've seen this in logs
key retrieval failed (s=20161025, d=gmail.com): '20161025._domainkey.gmail.com' query timed outSearched the issues and found #1204 which has been fixed by #1205, checked
nameserverin/etc/resolv.confwhich is127.0.0.11and fine, installed dnsutils in container and executed this command:This shows me that dns is ok and google is OK too:)
Why can't OpenDKIM retrieve key yet?
What is affected by this bug?
Check DKIM on receiving mails.
When does this occur?
Sometimes. I have both this in my logs showing sometimes it fails:
Fail:
Success:
Also:
Fail:
Success:
Your Environment
It's a vm installed on a Proxmox hypervisor in hetzner datacenters and I'm using hetzner DNSs which they have not been with any issue since a long time I'm using, also I've checked https://www.hetzner-status.de/en.html and there isn't any problem related to this DNS servers.