DKIM fail, bad RSA signature

[alex6999]

Здравствуй All.
Настроил Sendmail и opendkim, последний правда настраивается через одно место, но всё гуглится
письма уходят

как я генерировал ключи
opendkim-genkey -b 1024 -d funnysquirrel.ca -D /etc/opendkim/keys/funnysquirrel.ca -s default -v

ключам дал
chmod 640 /etc/opendkim/keys/funnysquirrel.ca/default.private
chmod 644 /etc/opendkim/keys/funnysquirrel.ca/default.txt
chown opendkim:opendkim /etc/opendkim/keys/funnysquirrel.ca/default.private
chown opendkim:opendkim /etc/opendkim/keys/funnysquirrel.ca/default.txt
ибо ругается opendkim

из содержимого default.txt сформировал DNS рекорд.

куда копать?

(Нажмите, чтобы показать/скрыть)

Received: from funnysquirrel.ca (funnysquirrel.ca [142.54.173.238])
   by relay-2.us-west-2.relay-prod (Postfix) with ESMTPS id A7C4625439
   for <RBZ1FX9m6Ct@dkimvalidator.com>; Wed, 25 Jan 2023 17:44:19 +0000 (UTC)
Received: from funnysquirrel.ca (localhost [127.0.0.1])
   by funnysquirrel.ca (8.15.2/8.15.2/Debian-14~deb10u1) with ESMTP id 30PHiIdq014750
   for <RBZ1FX9m6Ct@dkimvalidator.com>; Wed, 25 Jan 2023 11:44:18 -0600
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=funnysquirrel.ca;
   s=default; t=1674668658;
   bh=sIAi0xXPHrEtJmW97Q5q9AZTwKC+l1Iy+0m8vQIc/DY=;
   h=Date:To:From:Subject:From;
   b=MxuATJNaF2bm2aa1dOn0hZZETO2b0+bQJ+O0KMY9gYO5sH1okcyJtKfdDS5ldM/eJ
    lGf72vlOdbfBczoiUkI2nAJpJEP7okZvaNRo5njUp8RBxYaxPHsju002ye/jZ+vgu4
    FPqxA0Rj9aovy7O9QXSRaY6rbVRvYt+izCrgO4p8=
Received: (from root@localhost)
   by funnysquirrel.ca (8.15.2/8.15.2/Submit) id 30PHiDka014749
   for RBZ1FX9m6Ct@dkimvalidator.com; Wed, 25 Jan 2023 11:44:13 -0600
Date: Wed, 25 Jan 2023 11:44:13 -0600
Message-Id: <202301251744.30PHiDka014749@funnysquirrel.ca>
To: RBZ1FX9m6Ct@dkimvalidator.com
From: sales@funnysquirrel.ca
Subject: Test Send Mail

Hello World

(Нажмите, чтобы показать/скрыть)

DKIM Information:

DKIM Signature

Message contains this DKIM Signature:
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=funnysquirrel.ca;
   s=default; t=1674668658;
   bh=sIAi0xXPHrEtJmW97Q5q9AZTwKC+l1Iy+0m8vQIc/DY=;
   h=Date:To:From:Subject:From;
   b=MxuATJNaF2bm2aa1dOn0hZZETO2b0+bQJ+O0KMY9gYO5sH1okcyJtKfdDS5ldM/eJ
    lGf72vlOdbfBczoiUkI2nAJpJEP7okZvaNRo5njUp8RBxYaxPHsju002ye/jZ+vgu4
    FPqxA0Rj9aovy7O9QXSRaY6rbVRvYt+izCrgO4p8=


Signature Information:
v= Version:         1
a= Algorithm:       rsa-sha256
c= Method:          simple/simple
d= Domain:          funnysquirrel.ca
s= Selector:        default
q= Protocol:       
bh=                 sIAi0xXPHrEtJmW97Q5q9AZTwKC+l1Iy+0m8vQIc/DY=
h= Signed Headers:  Date:To:From:Subject:From
b= Data:            MxuATJNaF2bm2aa1dOn0hZZETO2b0+bQJ+O0KMY9gYO5sH1okcyJtKfdDS5ldM/eJ
    lGf72vlOdbfBczoiUkI2nAJpJEP7okZvaNRo5njUp8RBxYaxPHsju002ye/jZ+vgu4
    FPqxA0Rj9aovy7O9QXSRaY6rbVRvYt+izCrgO4p8=
Public Key DNS Lookup

Building DNS Query for default._domainkey.funnysquirrel.ca
Retrieved this publickey from DNS: v=DKIM1;t=s;p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDdC58Qfr01Wjvl0Lpfu+0OGm3guIgoUjd/LOVmSfeb5egf3RHpNEZ9cufecgndWK7la2mEPUFiw2ZU+3hbHj3oFnMnEUfzPcpoEAn2jLpSdY7GKdg0rvTE7gkejFKMZvDrgzPXe1rdl0UtDhKxaQbJdWIQNRJMPy/HjKZ7NMaY6wIDAQAB
Validating Signature

result = fail
Details: bad RSA signature

Попытка генерить ключи так помогло
openssl genrsa -out /etc/opendkim/keys/funnysquirrel.ca/default.private
openssl rsa -pubout -in /etc/opendkim/keys/funnysquirrel.ca/default.private -out /etc/opendkim/keys/funnysquirrel.ca/default.txt

вернее не так, один раз помогло, а последующий разы пишет

result = fail
Details: OpenSSL error: data too large for key size

зато гугл говорит DKIM:   'PASS' with domain funnysquirrel.ca Learn more

вот уж незнаю, это означает настроил или нет