Hi all, The problem with the stock domainkey configuration is that it will only sign things when they enter the queue. If any application uses qmail as sendmail replacement (e.g. a locally installed squirrelmail or horde webmail can be configured to do it), then the message will not be signed. The DKIM replacement (there was a video Jake did on that) is much better - it will sign messages when they LEAVE the system and it can be configured to do DKIM and Domainkeys.
I'd really recommend replacing the stock domainkeys config by the dkim enhancement. There should also be a page on the wiki about it. Thanks, Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 28.12.2010 um 18:53 schrieb Eric Shubert: > The stock qmail-dk is just plain broken. It sometimes works, but it also > fails to sign properly in some (unpredictable AFAICT) circumstances. I > recommmend using DKIM if you really need to sign messages with a key. > -- > -Eric 'shubes' > > On 12/28/2010 10:34 AM, ya...@ardmail.com wrote: >> SPF is configured and not causing any problem in both cases. >> I was contemplating the possibility that it could be some difference in >> the config line for localhost vs anything else, but i made them identical >> as well. and it doesn't help :( >> >> 127.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private",RBLSMTPD="",NOP0FCHECK="1" >> 192.168.1.60:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private",RBLSMTPD="",NOP0FCHECK="1" >> :allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",DKSIGN="/var/qmail/control/domainkeys/%/private" >> >> >> >> >>> On 12/28/2010 02:36 AM, Anil Aliyan wrote: >>>> Is your tcp.smtp configuration for localhost or mailserver and you >>>> client >>>> has the same configuration? >>> >>> This is on the right track. The 'stock' configuration for squirrelmail >>> presently uses an open relay configuration for localhost, with no >>> authentication (this will hopefully change in v2). For the sake of >>> consistency (and a little better security), I change my SM config to >>> submit via port 587 and authenticate, and remove the 127.: line from >>> tcp.smtp. See http://wiki.qmailtoaster.com/index.php/Fetchmail for such >>> SM configuration. >>> >>> I expect that this will not fix your problem, and will cause the problem >>> to exist with SM as well as Outlook. There's something to be said for >>> consistency. ;) >>> >>> How have you implemented DK? The 'stock' configuration is a bit flakey. >>> I think that there is a DKIM implementation that works well, although I >>> haven't used it personally yet. I would look into DKIM (as opposed to >>> using DK) if you haven't already. >>> >>>> Have you configured SPF records for your clients network in your DNS >>>> records? >>> >>> Shouldn't need this, as SPF has to do with the server which sends the >>> message, not client (origin) addresses. >>> >>>> Regards, >>>> >>>> Anil Aliyan >>> >>> Thanks for your input, Anil. I'll let you help Yuri on this further. >>> >>>> -----Original Message----- >>>> From: ya...@ardmail.com [mailto:ya...@ardmail.com] >>>> Sent: 28 December 2010 14:36 >>>> To: qmailtoaster-list@qmailtoaster.com >>>> Subject: [qmailtoaster] Strange Behavior of Domainkey >>>> >>>> >>>> Hello, >>>> >>>> I noticed very strange behavior of domainkey with yahoo :( if i am >>>> sending >>>> the mail from squirrelmail everything works and yahoo passing the >>>> signature. >>>> if i am sending the same mail from outlook client yahoo says the >>>> signature >>>> is bad. >>>> >>>> is this a problem of my configuration? >>>> Any help will be appreciated. >>>> >>>> Thanks, >>>> >>>> ~yuri >>>> >>>> >>>> >>>> ---------------------------------------------------------------------------- >>>> ----- >>>> Qmailtoaster is sponsored by Vickers Consulting Group >>>> (www.vickersconsulting.com) >>>> Vickers Consulting Group offers Qmailtoaster support and >>>> installations. >>>> If you need professional help with your setup, contact them >>>> today! >>>> ---------------------------------------------------------------------------- >>>> ----- >>>> Please visit qmailtoaster.com for the latest news, updates, and >>>> packages. >>>> >>>> To unsubscribe, e-mail: >>>> qmailtoaster-list-unsubscr...@qmailtoaster.com >>>> For additional commands, e-mail: >>>> qmailtoaster-list-h...@qmailtoaster.com >>>> >>>> >>>> >>>> >>>> --------------------------------------------------------------------------------- >>>> Qmailtoaster is sponsored by Vickers Consulting Group >>>> (www.vickersconsulting.com) >>>> Vickers Consulting Group offers Qmailtoaster support and >>>> installations. >>>> If you need professional help with your setup, contact them >>>> today! >>> >>> >>> -- >>> -Eric 'shubes' >>> >>> >>> --------------------------------------------------------------------------------- >>> Qmailtoaster is sponsored by Vickers Consulting Group >>> (www.vickersconsulting.com) >>> Vickers Consulting Group offers Qmailtoaster support and >>> installations. >>> If you need professional help with your setup, contact them today! >>> --------------------------------------------------------------------------------- >>> Please visit qmailtoaster.com for the latest news, updates, and >>> packages. >>> >>> To unsubscribe, e-mail: >>> qmailtoaster-list-unsubscr...@qmailtoaster.com >>> For additional commands, e-mail: >>> qmailtoaster-list-h...@qmailtoaster.com >>> >>> >>> >> >> >> >> --------------------------------------------------------------------------------- >> Qmailtoaster is sponsored by Vickers Consulting Group >> (www.vickersconsulting.com) >> Vickers Consulting Group offers Qmailtoaster support and installations. >> If you need professional help with your setup, contact them today! > > > > --------------------------------------------------------------------------------- > Qmailtoaster is sponsored by Vickers Consulting Group > (www.vickersconsulting.com) > Vickers Consulting Group offers Qmailtoaster support and installations. > If you need professional help with your setup, contact them today! > --------------------------------------------------------------------------------- > Please visit qmailtoaster.com for the latest news, updates, and packages. > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com > > --------------------------------------------------------------------------------- Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! --------------------------------------------------------------------------------- Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
