[CentOS] DKIM Pass - Fail - Solved !!!

Wed May 2 16:16:46 UTC 2012
Prabhpal S. Mavi <prabhpal at digital-infotech.net>

>> But when i restarted the server, dovecot failed to start on boot (it is
>> virtual machine). with this error.
>>
>> dovecot: dovecot: Fatal: Time just moved backwards by 537 seconds. This
>> might cause a lot of problems, so I'll just kill myself now.
>>
>> immediately then, i tried to send one email from command line, here are
>> the results. WORKED !!
>>
>> mta1001.mail.gq1.yahoo.com from=example.net; domainkeys=neutral (no
>> sig);
>> from=digital-infotech.net; dkim=pass (ok)
>>
>> i am sure i can deal with dovecot problem.
>>
>>
> When you use ntpdate and move the time by a large amount I found some
> programs did not like that, dovecot being one of them. All you have to
> do is start/restart it and it will be fine. Best make sure nothing else
> failed in your logs or just reboot after such a large time fix.

Dear BOB. H

Thank you very much for your response. i found some work around. Here it
is, might help someone.

if i do not enable "ntpd / ntpdate" to set the time correctly. Yahoo
Reports dkim check error = future_time_stemps. dkim=fail

But if i enable "ntpdate & ntpd" then dovecot fails with time shifted
backwards errors. dovecot kills it self

Objective: dkim must pass and dovecot must not stop

Solution:

Disable these daemons --> ntpd and ntpdate


1. Configure ESXi Server to receive the time from following servers

0.CC.pool.ntp.org
1.CC.pool.ntp.org
2.CC.pool.ntp.org


2. Restart NTP service on ESX

Note: Make sure upd:123 is open on corporate firewall for ESX IP to
synchronize with above servers

Right click virtual machine, click settings then Options -> VMware Tools
select "synchronize guest time with host"

time is now set correctly & dkim=pass (ok)

Authentication-Results:	 mta1224.mail.ac4.yahoo.com
from=digital-infotech.net; domainkeys=neutral (no sig);
from=digital-infotech.net; dkim=pass (ok)


Prabh S. Mavi