Re: [qmailtoaster] dkim on qmailtoaster

Thu, 30 Jul 2020 13:10:14 -0700 

Hi,

You need to write sig file for each domain. like see my below file. and you
also need to put txt file content at your dns.

<dkimsign>
  <!-- per default sign all mails using dkim -->
  <global algorithm="rsa-sha1" domain="/var/qmail/control/me"
keyfile="/var/qmail/control/dkim/global.key" method="simple"
selector="dkim1">
    <types id="dkim" />
  </global>

<xyz.com domain="xyz.com" keyfile="/var/qmail/control/dkim/xyz.com.key"
selector="dkim1">
    <types id="dkim" />
    <types id="domainkey" method="nofws" />
  </xyz.com>

<abc.com domain="abc.com" keyfile="/var/qmail/control/dkim/abc.com.key"
selector="dkim1">
    <types id="dkim" />
    <types id="domainkey" method="nofws" />
  </abc.com>

<bbc.com domain="bbc.com" keyfile="/var/qmail/control/dkim/bbc.com.key"
selector="dkim1">
    <types id="dkim" />
    <types id="domainkey" method="nofws" />
  </bbc.com>

</dkimsign>


--
--

Best Regards
Muhammad Tahnan Al Anas


On Fri, Jul 31, 2020 at 2:00 AM Charles Amstutz <charl...@binary.net> wrote:

> Thanks, I appreciate you taking the time to write this up. As I understand
> the dkim doc (on the website)
>
> The globalkey is for all domains?  If I want to host multiple domains, I
> would need to create a key for each domain? And then put I in signconf.xml?
>
> Or do I need both?
>
> From: Eric Broch <ebr...@whitehorsetc.com>
>
> # cd /var/qmail/control/dkim
> # openssl genrsa -out ./global.key 2048 && openssl rsa -in ./global.key
> -pubout -out ./temp.txt
> # cat ./temp.txt | grep -v - | tr -d '\n' | sed '1s/^/dkim1 IN TXT "k=rsa;
> p=/' &> ./public.txt && echo "\"" >> ./public.txt && rm ./temp.txt
> On 7/30/2020 12:33 PM, Eric Broch wrote:
> You can generate a key with openssl
> https://lxadm.com/Generating_DKIM_key_with_openssl
> I'll do a write up for this. Sorry
> On 7/30/2020 12:30 PM, Charles Amstutz wrote:
> Hello,
>
> I'm trying to follow the steps on qmailtoaster's dkim steps.
>
> a. # dknewkey /var/qmail/control/dkim/global.key 1024 >
> /var/qmail/control/dkim/public.txt
> b. # perl -pi -e 's/global.key._domainkey/dkim1/'
> /var/qmail/control/dkim/public.txt
>
>
> I'm using centos 8. Everything is working fine except that I can't locate
> dknewkey and  not sure if /var/qmail/control/dkim/global.key was supposed
> to be generated beforehand. As it is not there. Is dknewkey depreciated?
> Also, is global.key supposed to be there? I saw in one mailing list archive
> from 2017 (something like libdomainkeys) to install this package that no
> longer exists.
>
> If it has been depreciated. Is there any replacement/updates.
>
> Thanks
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>
>

Reply via email to