I am running a Postfix mail server for my client. Mail is relayed through Mandrill. Mandrill requires a valid DKIM signature.
This works all right for relayed mail. That is, mail sent through Roundcube (on the same host) works fine. Mail sent from Icedove (from client's machines) works fine.
But mail sent from the local host is rejected by Mandrill. Reason: "not signed". Sending from local host means here using the mail command, or Postfix itself. The latter is dramatic, mail sent by MAILER-DAEMON is also rejected.
What I know is that the sender's email address is reflecting correctly the domain. Using the wrong domain name also has Mandrill rejecting the mail for the same reason.
So for relayed mail, my sender address is jlinkels@abc.nl. For locally sent mail my address is also jlinkels@abc.nl.
What I understand is that Postfix does not have to DKIM sign the mail which is relayed through Mandrill. Mandrill itself is fetching the DKIM from my DNS server.
Nevertheless, DKIM is set up properly in Postfix. When I send directly (not using Mandrill as relay host) my DKIM is valid. Disabling DKIM completely in Postfix does not make a difference for Mandrill.
I am not running DNS on this host, it is an external DNS. The domain is administered using Virtualmin.
I don't know where to start to look, so I did not include any configuration details yet. If you indicate which information is relevant, I'll post it.
