Erik,
You wrote:
127.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private"
:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONG
RCPTLIMIT="10",DKVERIFY="BDEGIJKfh",QMAILQUEUE="/var/qmail/bin/simscan",DKQU
EUE="/var/qmail/bin/qmail-queue.orig",DKSIGN="/var/qmail/control/domainkeys/
%/private"
Since 127. already is in the group allow, there is no real reason to add the
DKSIGN environment to the ip address alone, since it's already in the allow
group. A proper enviroemnt, without setting the environment again, should
look like
127.:allow,RELAYCLIENT=""
:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONG
RCPTLIMIT="10",DKVERIFY="BDEGIJKfh",QMAILQUEUE="/var/qmail/bin/simscan",DKQU
EUE="/var/qmail/bin/qmail-queue.orig",DKSIGN="/var/qmail/control/domainkeys/
%/private"
-----Original Message-----
From: Erik Espinoza [mailto:[EMAIL PROTECTED]
Sent: den 22 maj 2006 19:16
To: [email protected]
Subject: Re: [qmailtoaster] Re: domainkeys signing failing?
Not sure I understand what you're asking.
On 5/22/06, Mattias Segerdahl <[EMAIL PROTECTED]> wrote:
> Erik,
>
> Why would you put up the domain key signing for both the ip address and
once
> again in the allow group? This should only be needed once.
>
> // Mattias
>
> -----Original Message-----
> From: John Q. Fernandez [mailto:[EMAIL PROTECTED]
> Sent: den 22 maj 2006 14:32
> To: [email protected]
> Subject: Re: [qmailtoaster] Re: domainkeys signing failing?
>
> I had it setup like this:
> 127.:allow,RELAYCLIENT=""
>
:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONG
>
RCPTLIMIT="10",DKVERIFY="BDEGIJKfh",QMAILQUEUE="/var/qmail/bin/simscan",DKQU
>
EUE="/var/qmail/bin/qmail-queue.orig",DKSIGN="/var/qmail/control/domainkeys/
> %/private"
>
> Then I tried the way you said it should look like
> 127.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private"
>
:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONG
>
RCPTLIMIT="10",DKVERIFY="BDEGIJKfh",QMAILQUEUE="/var/qmail/bin/simscan",DKQU
>
EUE="/var/qmail/bin/qmail-queue.orig",DKSIGN="/var/qmail/control/domainkeys/
> %/private"
>
> I am still getting:
> DomainKey-Status: bad
> .
> .
> DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=private; d=domain.com;
>
>
b=KXnemYAno0ThL4LaL7sTRY+4U1dlzwTefvLyz0AFjklEY8yEfSO+Qp6zrUqtMPpWla2F76LNpp
> EW7+etv2E1FhnkOowygaN6YZosad9E+QQcp6dNLfQRQHkzLMFstsz8
> ;
>
> Any help on resolution would be great.
>
> Thanks,
> John
>
> > Looks like your key is set up correctly in DNS. Perhaps your tcp.smtp
> > is misconfigured. Without these two lines, you will not be signing at
> > all.
> >
> > The default should look as follows (2 lines):
> >
127.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private"
> >
>
:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONG
>
RCPTLIMIT="10",DKVERIFY="BDEGIJKfh",QMAILQUEUE="/var/qmail/bin/simscan",DKQU
>
EUE="/var/qmail/bin/qmail-queue.orig",DKSIGN="/var/qmail/control/domainkeys/
> %/private"
> >
> > Thanks,
> > Erik
> >
> > On 5/21/06, John Fernandez <[EMAIL PROTECTED]> wrote:
> >> $ host -t txt private._domainkey.domain.com
> >> private._domainkey.domain.com text "k=rsa\;
> >>
>
p=MEwwDQYJKoZIhvcNxdrvfeAIxAPL//Tp0mGa06ZYwnJWEfds4tgEFvvdV5/f2zEyrb5ohF#5fs
> dfsdfdh53fzGHXV+/087gKKwIDAQAB"
> >>
> >>
> >> Erik Espinoza wrote:
> >> > Oops. I pulled the wrong record. Type 'host -t txt
> >> > private._domainkey.domain.com'
> >> >
> >> > Thanks,
> >> > Erik
> >> >
> >> > On 5/21/06, John Fernandez <[EMAIL PROTECTED]> wrote:
> >> >> Maybe I didn't add it right but here is what I added.
> >> >>
> >> >> I added a TXT record using godaddy wizard
> >> >>
> >> >> TXT name is: private._domainkey.domain.com
> >> >> TXT value is: k=rsa;
> >> >> p=XXXxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.........
> >> >>
> >> >> I wasn't really sure what to put on the name. In my SPF I only had @
> >> in
> >> >> the TXT name. Should I be putting @ also for domainkeys?
> >> >>
> >> >> Here is the output you are asking for.
> >> >> $ host -t txt domain.com
> >> >> domain.com text "v=spf1 a mx:domain.com ip4:xxx.xxx.xxx.xxx/24 -all"
> >> >>
> >> >> Thanks,
> >> >>
> >> >> John.
> >> >>
> >> >>
> >> >> Erik Espinoza wrote:
> >> >> > What type of record did you add in GoDaddy? Did you make sure it
> >> was a
> >> >> > txt record? What shows up when you type host -t txt domain.com at
> >> the
> >> >> > command line?
> >> >> >
> >> >> > On 5/20/06, John Fernandez <[EMAIL PROTECTED]> wrote:
> >> >> >> I am getting the below results when sending to both yahoo
> >> and
> >> >> >> gmail.
> >> >> >>
> >> >> >> yahoo
> >> >> >> Authentication-Results: mta183.mail.re4.yahoo.com
> >> >> from=domain.com;
> >> >> >> domainkeys=fail (bad sig)
> >> >> >> .
> >> >> >> .
> >> >> >> DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=private;
> >> >> >> d=domain.com;
> >> >> >> b=Dxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
;
> >> >> >>
> >> >> >> gmail
> >> >> >> DomainKey-Status: bad
> >> >> >> .
> >> >> >> .
> >> >> >> DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=private;
> >> >> >> d=domain.com;
> >> >> >> b=Zxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ;
> >> >> >>
> >> >> >> here is my tcp.smtp
> >> >> >> 127.:allow,RELAYCLIENT=""
> >> >> >>
> >> >>
>
:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONG
>
RCPTLIMIT="10",DKVERIFY="DEGIJKfh",QMAILQUEUE="/var/qmail/bin/simscan",DKQUE
>
UE="/var/qmail/bin/qmail-queue.orig",DKSIGN="/var/qmail/control/domainkeys/d
> omain.com/private"
> >> >>
> >> >> >>
> >> >> >>
> >> >> >> Here is what I have in my dns. (i have godaddy and im guessing
> >> >> they are
> >> >> >> using bind).
> >> >> >>
> >> >> >>
> >> >> >>
> >> >> >> private._domainkey.domain.com
> >> >> >> k=rsa;
> >> >> >>
> >> >>
>
p=Mxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> xx
> >> >>
> >> >> >>
> >> >> >> 3600
> >> >> >>
> >> >> >>
> >> >>
---------------------------------------------------------------------
> >> >> >> QmailToaster hosted by: VR Hosted
> >> >> >>
> >> >>
---------------------------------------------------------------------
> >> To
> >> >> >> unsubscribe, e-mail:
> >> >> [EMAIL PROTECTED] For
> >> >> >> additional commands, e-mail:
> >> [EMAIL PROTECTED]
> >> >> >
> >> >> >
> ---------------------------------------------------------------------
> >> >> > QmailToaster hosted by: VR Hosted <http://www.vr.org>
> >> >> >
> ---------------------------------------------------------------------
> >> >> > To unsubscribe, e-mail:
> >> [EMAIL PROTECTED]
> >> >> > For additional commands, e-mail:
> >> >> [EMAIL PROTECTED]
> >> >> >
> >> >>
> >> >>
> >> >>
---------------------------------------------------------------------
> >> >> QmailToaster hosted by: VR Hosted <http://www.vr.org>
> >> >>
---------------------------------------------------------------------
> >> >> To unsubscribe, e-mail:
> >> [EMAIL PROTECTED]
> >> >> For additional commands, e-mail:
> >> [EMAIL PROTECTED]
> >> >>
> >> >>
> >> >
> >> > ---------------------------------------------------------------------
> >> > QmailToaster hosted by: VR Hosted <http://www.vr.org>
> >> > ---------------------------------------------------------------------
> >> > To unsubscribe, e-mail:
[EMAIL PROTECTED]
> >> > For additional commands, e-mail:
> >> [EMAIL PROTECTED]
> >> >
> >>
> >>
> >> ---------------------------------------------------------------------
> >> QmailToaster hosted by: VR Hosted <http://www.vr.org>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: [EMAIL PROTECTED]
> >> For additional commands, e-mail:
[EMAIL PROTECTED]
> >>
> >>
> >
> > ---------------------------------------------------------------------
> > QmailToaster hosted by: VR Hosted <http://www.vr.org>
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>
>
>
> ---------------------------------------------
> .how soon not now becomes never. _martin luther
>
>
> ---------------------------------------------------------------------
> QmailToaster hosted by: VR Hosted <http://www.vr.org>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
>
> ---------------------------------------------------------------------
> QmailToaster hosted by: VR Hosted <http://www.vr.org>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
