nixCraft

I am using sendmail as my MTA and dkim-filter to sign my mails with DKIM, I already able to sign the messages, that means that at least dkim-filter seems to be working but the problem is that when I run the test (sending mails to test emails) I keep getting errors.
What I did:
(My mail server ethic.sempresariales.com)

1. Create my keys private/publilc, rename them and move it to the appropiate directory
openssl genrsa -out rsa.private 1024
openssl rsa -in rsa.private -out rsa.public -pubout -outform PEM
mv rsa.private mails.key.pem
mv mails.key.pem /var/db/dkim
(selector name "mails")

2. Add public key to a TXT record in the DNS
mails._domainkey IN TXT
"v=DKIM1; g=*; k=rsa; t=y; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCGIRExnR3 vbXjaOGnIpsYO+IeSP/WGmdAuplJsiNC/NbOHOh+06mKFuSUP0ZYCRUuJjLwtqD36trhFajHxeVDIDDyfHF MsQmkGfOqEXE3Owm4SomIt2la8K+/v06zRidecNIAkEffERqD32QxPI9iOnufRBRdvNV9dNDDcKvltQ IDAQAB"

3.
dkim-filter -s s -k /var/db/dkim/s.key.pem -p inet:8892@localhost -d sempresariales.com -D

I added the -D option becausse I noticed that if I didn't the message weren't signed because the FQDN of the mail server is ethic.sempresariales.com once I did it the messages were signed.

4.
Add this line to the sendmail.mc and do "make"
INPUT_MAIL_FILTER(`dkim-filter', `S=inet:8892@localhost')

5. Restar sendmail
service sendmail restart

6. Finally send an email to see if my mails were being signed, and it actually did but my happiness didn't last because once I did the test to sa-test@sendmail.net and check-auth@verifier.port25.com I got a failed test. Here is an example of what I got from port25.com

-------------------------------------------------------------------------
DKIM check details:
----------------------------------------------------------
Result: fail (signature doesn't verify)
ID(s) verified:
Canonicalized Headers:
Date:'20'Thu,'20'14'20'May'20'2009'20'17:24:46'20'-0500'0D''0A'
From:'20'Alfredo'20'Osorio'20'<ethic@sempresariale s.com>'0D''0A'
Message-Id:'20'<200905142224.n4EMOkR9006100@ethic.sempresa riales.com>'0D''0A'
To:'20'check-auth@verifier.port25.com'0D''0A'
Subject:'20'sd'0D''0A'
DKIM-Signature:'20'v=1;'20'a=rsa-sha256;'20'c=simple/simple;'20'd=sempresariales.com;'0D''0A'
'09's=mails;'20't=1242339887;'20'i=@sempresariales .com;'0D''0A'
'09'bh=GFCzb5dKQEn9tG2PMLRwQeSoJQ5tLnk22PLwiDUXtSg '0D''0A'
'09'h=Date:From:Message-Id:To:Subject;'0D''0A'
'09'b=

Canonicalized Body:
sd'0D''0A'


DNS record(s):
mails._domainkey.sempresariales.com. 3600 IN TXT "v=DKIM1; g=*; k=rsa; t=y; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCGIRExnR3 vbXjaOGnIpsYO+IeSP/WGmdAuplJsiNC/NbOHOh+06mKFuSUP0ZYCRUuJjLwtqD36trhFajHxeVDIDDyfHF MsQmkGfOqEXE3Owm4SomIt2la8K+/v06zRidecNIAkEffERqD32QxPI9iOnufRBRdvNV9dNDDcKvltQ IDAQAB"

NOTE: DKIM checking has been performed based on the latest DKIM specs (RFC 4871 or draft-ietf-dkim-base-10) and verification may fail for older versions. If you are using Port25's PowerMTA, you need to use version 3.2r11 or later to get a compatible version of DKIM.
-------------------------------------------------------------------------
As you can see it says "fail (signature doesn't verify)", and I've been checking that my public key in the DNS is not misspelled or anything (spaces, etc) and actually it appears to be fine.

mails._domainkey.sempresariales.com text = "v=DKIM1\; g=*\; k=rsa\; t=y\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCGIRExnR3 vbXjaOGnIpsYO+IeSP/WGmdAuplJsiNC/NbOHOh+06mKFuSUP0ZYCRUuJjLwtqD36trhFajHxeVDIDDyfHF MsQmkGfOqEXE3Owm4SomIt2la8K+/v06zRidecNIAkEffERqD32QxPI9iOnufRBRdvNV9dNDDcKvltQ IDAQAB"

I don't know what else to do, so please help me out,

Thank You in advance

Alfredo