为什么 smtplib.SMTP().sendmail 不发送 DKIM 签名的消息 [英] Why is smtplib.SMTP().sendmail not sending a DKIM signed message

问题描述

我已经在服务器上设置了 postfix，以及 openDKIM.

I have set up postfix on a server, along with openDKIM.

当我跑步时:

echo "Testing setup" | mail -s "Postfix test" {my_email_address}

我收到了电子邮件，在邮件标题中有一个 DKIM-Signature 标题.

I get the email, and in the mail headers there is a DKIM-Signature header.

然而，当我使用 smtplib 编写一个 python 脚本来发送电子邮件时:

When, however I write a python script to send an email, using smtplib:

import smtplib
from email.mime.text import MIMEText
from email.mime.multipart import MIMEMultipart
from email.utils import make_msgid

msg = MIMEMultipart('alternative')
part1 = MIMEText('Hello, world', 'plain')
msg.attach(part1)
msg['From'] = 'alert@{my_domain}'
msg['To'] = '{my_email_address}'
msg['Subject'] = 'Test Email'
msg['Message-ID'] = make_msgid()

mailer = smtplib.SMTP('localhost')
mailer.sendmail('alert@{my_domain}', '{my_email_address}', msg.as_string())
mailer.quit()

到达我的收件箱的电子邮件缺少 DKIM-Signature 标头，并且在 Authentication-Results 中我看到 dkim=none(未找到签名);

The email that arrives in my inbox is missing the DKIM-Signature header, and in the Authentication-Results I see dkim=none (no signatures found);

所以我的问题是:我是否需要手动签署我的电子邮件(例如使用 dkimpy)，或者是否可以启用一些设置来为我签名?

So my question is: Do I need to sign my email manually (eg. with dkimpy), or is there some setting I can enable to have it signed for me?

如果有任何您想要/需要的额外信息，请告诉我.

Let me know if there is any extra information you want/need.

推荐答案

很难确定，因为您没有包含任何配置或日志信息.但是OpenDKIM的资料是这样说的:

It's hard to say for sure since you haven't included any configuration or log information. But the OpenDKIM information has this to say:

消息将被验证，除非它符合签名标准，它们是: (1) From: 地址(如果存在)上的域必须是由 −d 命令行开关或 Domain 配置文件列出设置，以及 (2) (a) 连接到 MTA 的客户端必须具有已通过身份验证，或 (b) 必须列出连接到 MTA 的客户端在 InternalHosts 配置文件设置引用的文件中(或在该选项的默认列表中)，或 (c) 客户端必须是连接到由 MTA 配置文件命名的守护进程端口设置，或 (d) MTA 必须设置一个或多个与由 MacroList 配置文件设置设置的标准.

A message will be verified unless it conforms to the signing criteria, which are: (1) the domain on the From: address (if present) must be listed by the −d command line switch or the Domain configuration file setting, and (2) (a) the client connecting to the MTA must have authenticated, or (b) the client connecting to the MTA must be listed in the file referenced by the InternalHosts configuration file setting (or be in the default list for that option), or (c) the client must be connected to a daemon port named by the MTAs configuration file setting, or (d) the MTA must have set one or more macros matching the criteria set by the MacroList configuration file setting.

在您的 SMTP 代码中，您显然没有通过 MTA 的身份验证.那么问题来了，您的配置是否允许 OpenDKIM 以任何其他方式注意到您的愿望，例如在 InternalHosts 中使用 localhost?(我认为这是默认设置，但也许您已经覆盖了它.)

In your SMTP code, you have clearly not authenticated to the MTA. So then the question becomes, does your configuration allow OpenDKIM to notice your desire in any of the other ways, such as having localhost in InternalHosts? (I think that is the default, but maybe you've overridden it.)

这篇关于为什么 smtplib.SMTP().sendmail 不发送 DKIM 签名的消息的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！