On 12 February 2017 at 17:20, Tim Smith <[email protected]> wrote: > > Well surely amavis is using the same DNS servers as the server ? > Therefore a "dig" on the server indicates that my DNS lookups are > working, and therefore why I am saying amavis is not right when it > says "DNS timeout". > > If you could point me in the right direction of how to collect the > further troubleshooting data you need, I'll be happy to oblige ! > > On 12 February 2017 at 14:52, Patrick Domack <[email protected]> wrote: > > I don't see how the dig test has anything to do with amavis dns test. > > > > The amavis dns lookup could have timeout but still succeeded in your dns > > cache server, and your dig would return that result instantly. > > > > Without any more details, such as un-mung results, no more investigation can > > be done. > > > > > > > > Quoting Tim Smith <[email protected]>: > > > >> Hi, > >> > >> amavisd is adding the following header to my mails : > >> > >> Authentication-Results: my.example.com (amavisd-new); dkim=neutral > >> reason="invalid (public key: DNS query timeout for > >> their._domainkey.example.com)" header.d=example.com > >> > >> The problem is that this is a lie ! > >> > >> I have no DNS problems, and if I do : > >> > >> dig their._domainkey.example.com TXT > >> > >> dig returns fine without any substantial wait. > >> > >> What setting am I missing ? Where am I going wrong ? > >> > >> > >> Thanks !
I don't think the presence of (amavisd-new) in the Authentication Header means that the header was generated by or has anything to do with amavisd-new. The header looks to be from a dkim milter such as opendkim, which may not be correctly set up to generate the dkim header for your outgoing emails.
