Django reset password email signed using DomainKey with Amazon SES

Question

The application I am trying to experiment allows users to reset their password using djangos inbuilt PasswordResetForm , currently I am overriding it to be able to send HTML emails using EmailMultiAlternatives.

How it currently looks and works fine.

c ={'name':'Shabeer'}
subject = 'Test Amazon SES'
txt_content = loader.render_to_string('registration/password_reset_email.txt', c)
html_content = loader.render_to_string(email_template_name, c)

msg = EmailMultiAlternatives(subject, txt_content, from_email, [user.email]);            
msg.attach_alternative(html_content, 'text/html')
msg.send()

So now I started with the help of this Getting started example by hmarr,here is the code I added to my settings.py

EMAIL_BACKEND = 'django_ses.SESBackend'

DEFAULT_FROM_EMAIL = 'shabeer@sheffa.com'

AWS_ACCESS_KEY_ID = 'MyAcCeSsKeYiD'
AWS_SECRET_ACCESS_KEY = 'MySeCrEtAcCeSsKeY'
AWS_SES_REGION_NAME = 'us-east-1'
AWS_SES_REGION_ENDPOINT = 'email.us-east-1.amazonaws.com'
AWS_SES_RETURN_PATH = 'shabeer@sheffa.com'

And the emails get successfully sent to users via amazon SES.

So now here is my problem.

I am trying to avoid seeing "via" followed by a domain name next to the sender's name.

To achieve that I started to follow the next step DKIM of the guide. :

1. Added the DKIM settings for my domain that was generated by Amazon SES
2. Added the following to settings.py

DKIM_DOMAIN = 'myDomainName.com'`

2. Downloaded openssl-for windows , and followed the commands

   • openssl genrsa -out myDomainName.com.key 512
   • openssl rsa -in myDomainName.com.key -out rsa.public -pubout -outform PEM
     
     Two files got created : myDomainName.com.key and rsa.public

3. Added the DKIM_PRIVATE_KEY to settings.py

   DKIM_PRIVATE_KEY = ''' xxxxxxxxxxxxxxxxxxxxxxxxxx
   MY Long Private Key
   xxxxxxxxxxxxxxxxxxxxxxxxxx
   '''

4. Added the DNS Entry

   ses._domainkey.myDomainName.com TXT '"v=DKIM1; p=myPublicKey"'

With all the above done, I run my project and try to reset my password, and this error gets thrown :

Exception Type: KeyFormatError at /password_reset/
Exception Value: Private key not found

I trying to understand what I have missed or gone wrong, some advice/assistance on how I could solve this would be really help full.

I am a rookie at Django/Python so please bear with me.

Thanks you in advance.

UPDATE 28 Oct 2013:

I am still trying to figure out which Private Key django is looking for while I have already added DKIM_PRIVATE_KEY in my settings.py

UPDATE 29 Oct 2013:

• With the help of Paul Egan I updated my DKIM_PRIVATE_KEY in my settings.py to include PEM header looks like this now :

  DKIM_PRIVATE_KEY = '''
-----BEGIN RSA PRIVATE KEY-----
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
-----END RSA PRIVATE KEY----- '''

The emails get sent now without any errors, but the email I receive still shows via amazonses.com

Answer 1

The Private key not found error is thrown from parse_pem_private_key. This suggests that your setting doesn't include the PEM headers. Double check that it looks something like:

DKIM_PRIVATE_KEY = '''
-----BEGIN RSA PRIVATE KEY-----
xxxxxxxxxxx
-----END RSA PRIVATE KEY-----
'''

There's another option you might also want to consider. Last year AWS added support for adding the DKIM signature on their side: http://docs.aws.amazon.com/ses/latest/DeveloperGuide/easy-dkim.html. You might find this easier to configure and it has the added advantage of keeping the private key away from your source code.