Greetings, Kyle. On 20 декабря 2006 г., 23:25:36 you wrote:
Normally you will generate keys like this: # cd ~ # dknewkey myserverkey 1024 myserverkey._domainkey IN TXT "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDtXq1/gjQ4iXnytD7bff5P1BWqkAQN0qjwgDn9rYWyywEze97jPnIX3dWYRxRU8vxTbwWoFnWF8+oJQz4NILfZ5QD/EeopTIjRtNAXNCCN2FtmnIiSbxzF7SpPpROEQ37kZaUcgYGsiL97///cJ1YQTCAQ8xnNKNtTyqDj++3E8QIDAQAB" # ls mys* myserverkey # chmod 0600 myserverkey That's it. Copy to somewhere the output from dknewkey - that is your public key. Head on to your domains' zone file and edit it inserting the line you're copied somewhere. Don't forget to increment zone serial in SOA record, then check the zone file for spelling errors using named-checkzone (I assume that you're using Bind), and reload named using "service named reload". Check if all is ok using: # host -a myserverkey._domainkey.your.domain.com To be totally DK-Draft-02 complaint you will also have to add _domainkey TXT record for your domain specifying your domain DK policy. Read more about it in the draft itself, I'm to lazy to write about it here :-). The file myserverkey contains the private key. Copy it to the /var/qmail/control/domainkeys/your.domain.com/ folder, head on to /etc/tcprules.d and edit tcp.smtp so your DKSIGN will look like this: DKSIGN="/var/qmail/control/domainkeys/%/myserverkey". Do # qmailctl cdb and you should be done. -- Best regards, Alexey Loukianov mailto:[EMAIL PROTECTED] System Engineer, IT Department, Lavtech Corp --------------------------------------------------------------------- QmailToaster hosted by: VR Hosted <http://www.vr.org> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
