Hi Eric, Thanks for your help. I have successfully rectified the issue with the following your steps above and tested in Gmail account from squirrel webmail. It is working now.
I have notified in /etc/tcprules.d/tcp.smtp file in below lines. Do i need amend the lines in this file. please let me know. DKSIGN="/var/qmail/control/domainkeys/%/private" On Sun, Sep 29, 2019 at 10:47 PM Eric Broch <ebroch.w...@gmail.com> wrote: > Step 2) from http://www.qmailtoaster.com/dkim.html > > At the command line first create the key and txt record for the domain you > want signed (replace otherdomain.com with the domain you want in every > command below). > So if your domain is mydomain.com the command would be, '# dknewkey > /var/qmail/control/dkim/mydomain.com.key 1024 > > /var/qmail/control/dkim/mydomain.com.txt' > # dknewkey /var/qmail/control/dkim/otherdomain.com.key 1024 > > /var/qmail/control/dkim/otherdomain.com.txt > > At command line change the selector in the txt record from > 'otherdomain.com.key._domainkey' to 'dkim1._domainkey' > # perl -pi -e 's/^.*\.key/dkim1/' > /var/qmail/control/dkim/otherdomain.com.txt > > Check the file to see if substitution happened. > # cat /var/qmail/control/dkim/otherdomain.com.txt > dkim1._domainkey IN TXT "k=rsa; > p=******************************" > > > Create DNS TXT record for otherdomain.com using the output from the text > file 'otherdomain.com.txt' where your DNS settings are managed, usually > your ISP (mine are Godaddy). > Host Text > dkim1._domainkey IN TXT v=DKIM1; k=rsa; > p=************************* > > Edit the signature file and add your domain. This is what the perl script > 'qmail-remote' will read and then call the original qmail-remote now > renamed to qmail-remote.orig. > # vi /var/qmail/control/dkim/signconf.xml > <otherdomain.com domain="otherdomain.com" > keyfile="/var/qmail/control/dkim/otherdomain.com.key" selector="dkim1"> > <types id="dkim" /> > <types id="domainkey" method="nofws" /> > </otherdomain.com> > > So file looks like this: > > <dkimsign> > <!-- per default sign all mails using dkim --> > <global algorithm="rsa-sha1" domain="/var/qmail/control/me" > keyfile="/var/qmail/control/dkim/global.key" method="simple" > selector="dkim1"> > <types id="dkim" /> > </global> > <otherdomain.com domain="otherdomain.com" > keyfile="/var/qmail/control/dkim/otherdomain.com.key" selector="dkim1"> > <types id="dkim" /> > <types id="domainkey" method="nofws" /> > </otherdomain.com> > </dkimsign> > > > Notes Step 2) Test your DKIM signature (Remember, replace otherdomain.com > with your domain). > # yum install epel-release opendkim > # opendkim-testkey -vvvv -d otherdomain.com -k > /var/qmail/control/dkim/otherdomain.com.key -s dkim1 > > On Sun, Sep 29, 2019 at 7:19 AM ChandranManikandan <kand...@gmail.com> > wrote: > >> Hi Eric, >> >> How do i implement DKIM for my domain. Really need your help. >> I have followed your 1 step only. do i need to follow all the four steps >> and how do i configure in DNS server. >> why the gmail marked into spam folder of my domains emails. >> >> Appreciate discussions and help. >> >> >> On Fri, Sep 27, 2019 at 11:51 PM Eric Broch <ebr...@whitehorsetc.com> >> wrote: >> >>> DKIM is not DomainKeys >>> >>> >>> On 9/27/2019 3:54 AM, ChandranManikandan wrote: >>> >>> Hi Eric, >>> >>> I have setup Global key (default for all domains)from your link and >>> also configured in dns server then i checked in mxtoolbox and getting the >>> result of the domain key. after that i tried to send an email to gmail it >>> is showing the error. the email header is below. >>> >>> Do i need to follow the all 4 steps. >>> >>> I will wait one day for the dns propagation and will update you. >>> Meanwhile could you look at the message header below. >>> >>> Delivered-To: kand...@gmail.com >>> Received: by 2002:ac0:bf91:0:0:0:0:0 with SMTP id o17csp3358759imk; >>> Fri, 27 Sep 2019 02:46:35 -0700 (PDT) >>> X-Google-Smtp-Source: >>> APXvYqxHJMofBlzODo5fRYA7j7xd5qZEt0t2DjgnfAXGA8ChxXq9w+4D0NB8ME1egn3uV3gOsfgn >>> X-Received: by 2002:a65:5043:: with SMTP id >>> k3mr8485146pgo.406.1569577595481; >>> Fri, 27 Sep 2019 02:46:35 -0700 (PDT) >>> ARC-Seal: i=1; a=rsa-sha256; t=1569577595; cv=none; >>> d=google.com; s=arc-20160816; >>> b=RFuQ52Ha1QndJ/rcALmW4+lfa1pnwK/ZJkH9jaupESEWm1/PtRA9kZyafMuPBecpAg >>> >>> YV9EeqVPixu33bKBCJejpSjM11/GACFlCwfR8pNZA43LWBNH+DhzvduVAFdrtUB0f8c7 >>> >>> +QQxKJQ/hX9Lfjk9AdGzMAUITK23naokgpUGdThCz1pfKgweBZW0TZWbvPdUZp+5FjlX >>> >>> KhldCT1Q76+5Ec5SuxOqmqDpqxsJ8KZRAAdQs6IFm5/wGzrVyH2V7f4aB/AsqKuEtiRd >>> >>> PpWDunYjYGQJwbfUfC5APHTV6OxkiTIhVFSphLJdHu7JHF8AKOo/M4CbzYQeJTqAzvgH >>> zMzQ== >>> ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; >>> s=arc-20160816; >>> h=importance:content-transfer-encoding:mime-version:user-agent:to >>> :from:subject:date:message-id:dkim-signature; >>> bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=; >>> b=Q1EqIgKIoYX1ckvl46Hs88ezj8DlGnJ7/hOBQUaBEFimABh9utR16law3oLDNmvNcD >>> >>> O6LbpRcBYuwAimiplbgqWa8r7rQ0lYgbrJuZhJW1aGANQnoA9gZsNYBCIrbIlLtXNsGO >>> >>> xFDWArhAVHM7oAyTjF1gAejKmnmAFgWWWV5rj9LUg02LRwWenn++FOb/8ZkMfblJktag >>> >>> a/Vq/TWD9fx8pJz1b37D7AH2ymS8rdeD0mllY3mOMnRnPYslBxoUPdEny9UXsago21sg >>> >>> BHQKDodcmbNmXG9IqiKmePJxTLqxLM7/M9qajfPv0lP66kstcO15jF8wTwpSMjhYCHfZ >>> zbSg== >>> ARC-Authentication-Results: i=1; mx.google.com; >>> dkim=temperror (no key for signature) header.i=@mail.pan-asia.in >>> header.s=dkim1 header.b=ia7qahkm; >>> spf=pass (google.com: domain of m...@reliancehrconsulting.com >>> designates 49.128.33.86 as permitted sender) >>> smtp.mailfrom=m...@reliancehrconsulting.com; >>> dmarc=pass (p=NONE sp=NONE dis=NONE) >>> header.from=reliancehrconsulting.com >>> Return-Path: <m...@reliancehrconsulting.com> >>> Received: from mail.pan-asia.in ([49.128.33.86]) >>> by mx.google.com with ESMTPS id >>> 70si2236946plc.139.2019.09.27.02.46.34 >>> for <kand...@gmail.com> >>> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); >>> Fri, 27 Sep 2019 02:46:35 -0700 (PDT) >>> Received-SPF: pass (google.com: domain of m...@reliancehrconsulting.com >>> designates 49.128.33.86 as permitted sender) client-ip=49.128.33.86; >>> Authentication-Results: mx.google.com; >>> dkim=temperror (no key for signature) header.i=@mail.pan-asia.in >>> header.s=dkim1 header.b=ia7qahkm; >>> spf=pass (google.com: domain of m...@reliancehrconsulting.com >>> designates 49.128.33.86 as permitted sender) >>> smtp.mailfrom=m...@reliancehrconsulting.com; >>> dmarc=pass (p=NONE sp=NONE dis=NONE) >>> header.from=reliancehrconsulting.com >>> DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=mail.pan-asia.in; h= >>> message-id:date:subject:from:to:mime-version:content-type >>> :content-transfer-encoding; s=dkim1; bh=/edzoYuyn17WXm8KeqcX/R+k hdQ=; >>> b=ia7qahkmumkHx2g7FdiBdtJy5mkw5k/iesJrpNPz5Xswk5VIQ8KUGC0O >>> UZPZEc+WCRME/xtYvU+JMG/86y96fy8NDbBZIOnBc9z7kp7EJxNFKt9WIowOGjpE >>> RH6TgnTeFVW8IkRXb+eTZMO8D01wK27fdffYsp1FFf43v16WBak= >>> Received: (qmail 27072 invoked by uid 89); 27 Sep 2019 09:46:33 -0000 >>> Received: from unknown (HELO mail.reliancehrconsulting.com) >>> (m...@reliancehrconsulting.com@127.0.0.1) >>> by mail.pan-asia.in with ESMTPA; 27 Sep 2019 09:46:33 -0000 >>> Received: from 129.126.169.22 >>> (SquirrelMail authenticated user m...@reliancehrconsulting.com) >>> by mail.reliancehrconsulting.com with HTTP; >>> Fri, 27 Sep 2019 17:46:33 +0800 >>> Message-ID: >>> <21567bbff8eb0eb22d4c8b720f400d23.squir...@mail.reliancehrconsulting.com> >>> Date: Fri, 27 Sep 2019 17:46:33 +0800 >>> Subject: test >>> From: m...@reliancehrconsulting.com >>> To: kand...@gmail.com >>> User-Agent: SquirrelMail/1.4.22-0.qt.el6 >>> MIME-Version: 1.0 >>> Content-Type: text/plain;charset=iso-8859-1 >>> Content-Transfer-Encoding: 8bit >>> X-Priority: 3 (Normal) >>> Importance: Normal >>> >>> test >>> >>> >>> >>> >>> On Fri, Sep 27, 2019 at 2:53 PM Eric's mail <ebr...@whitehorsetc.com> >>> wrote: >>> >>>> http://www.qmailtoaster.com/dkim.html >>>> >>>> Get Outlook for Android <https://aka.ms/ghei36> >>>> >>>> >>>> >>>> >>>> On Thu, Sep 26, 2019 at 10:41 PM -0600, "ChandranManikandan" < >>>> kand...@gmail.com> wrote: >>>> >>>> Hi Andy, >>>>> >>>>> I have installed DKIM in our server and there is private and public >>>>> key on our server. >>>>> I have added the public like below in our dns hosting provider >>>>> (Godaddy) control panel >>>>> >>>>> TXT >>>>> Host: rhc._domainkey.domainname >>>>> TXT value: k=rsa; p=private key >>>>> TTL 1 hour >>>>> >>>>> But it's not signed in the email. >>>>> >>>>> I have configured MX,SPF,DMARC and DKIM in DNS server settings. >>>>> >>>>> Did i made a mistake in DNS settings? >>>>> >>>>> Could you help me >>>>> >>>>> On Fri, Sep 27, 2019 at 11:50 AM Andrew Swartz <awswa...@acsalaska.net> >>>>> wrote: >>>>> >>>>>> Your email does not contain a DKIM signature. >>>>>> >>>>>> The ARC* headers are signatures added by gmail after receipt. >>>>>> >>>>>> If you had a DKIM signature, it would be below this part of the >>>>>> header chain: >>>>>> >>>>>> Received: from mail.pan-asia.in ([49.128.33.86]) >>>>>> by mx.google.com with ESMTPS id >>>>>> t6si1129421pgt.557.2019.09.25.21.12.54 >>>>>> for <kand...@gmail.com> >>>>>> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); >>>>>> Wed, 25 Sep 2019 21:12:55 -0700 (PDT) >>>>>> Received-SPF: pass (google.com: domain of m...@reliancehrconsulting.com >>>>>> designates 49.128.33.86 as permitted sender) client-ip=49.128.33.86; >>>>>> Authentication-Results: mx.google.com; >>>>>> spf=pass (google.com: domain of m...@reliancehrconsulting.com >>>>>> designates 49.128.33.86 as permitted sender) >>>>>> smtp.mailfrom=m...@reliancehrconsulting.com; >>>>>> dmarc=pass (p=NONE sp=NONE dis=NONE) >>>>>> header.from=reliancehrconsulting.com >>>>>> >>>>>> >>>>>> That and everything above it was added by gmail. >>>>>> >>>>>> You may have set up the DNS part of DKIM, but your server does not >>>>>> seem to be signing the emails. >>>>>> >>>>>> When you get it working, you can test by sending an email to a >>>>>> reflector, like this: >>>>>> >>>>>> sa-t...@sendmail.net >>>>>> >>>>>> It will analyze the smtp session and the email and then email the >>>>>> results back to you. >>>>>> >>>>>> There are several other reflectors listed at the bottom of this >>>>>> page: >>>>>> >>>>>> >>>>>> https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118571-technote-esa-00.html >>>>>> >>>>>> >>>>>> Hope this helps, >>>>>> >>>>>> -Andy >>>>>> >>>>>> >>>>>> >>>>>> On 9/25/2019 8:39 PM, ChandranManikandan wrote: >>>>>> >>>>>> Hi Friends, >>>>>> >>>>>> I have tried to send an test email from my domain to gmail. >>>>>> It is going the gmail spam folder and i have configured SPF and DMARC >>>>>> in dns. >>>>>> >>>>>> Could you look at the below message header in gmail and help me to >>>>>> solve this problem. >>>>>> >>>>>> Delivered-To: kand...@gmail.com >>>>>> Received: by 2002:ac0:bf91:0:0:0:0:0 with SMTP id o17csp1656435imk; >>>>>> Wed, 25 Sep 2019 21:12:55 -0700 (PDT) >>>>>> X-Google-Smtp-Source: >>>>>> APXvYqxiLedyv3u6JDrnZQHvyrvIcmrH9n2kSrdj3NOCigD3cs53Rm6tgsJPdMbI9UBNqbqOc1Hz >>>>>> X-Received: by 2002:a63:1720:: with SMTP id >>>>>> x32mr1332168pgl.289.1569471175444; >>>>>> Wed, 25 Sep 2019 21:12:55 -0700 (PDT) >>>>>> ARC-Seal: i=1; a=rsa-sha256; t=1569471175; cv=none; >>>>>> d=google.com; s=arc-20160816; >>>>>> >>>>>> b=JGxA7PMxFt1qrwUPb9SXj40SHUhyOOPo+pENSvAaYhLkzdijEWpCgu5KWAW3yEfvWA >>>>>> >>>>>> a2+Q9sPT9qJQZlwFvFmH4ZRi20KCLo9RMvbkRSW3L/L8Lzztic/OCfj2+o1HKmCKl4gk >>>>>> >>>>>> bPWD4Tv9a/0Zg+EqIFUgJD0QhpFnSXMHmw59RoD3EurAA7zex+55NNRdnS2o7aluru0U >>>>>> >>>>>> dYI9xixpZd276FwfDDy+FLSh5EYuYTmjkXEMEgmbNCMhGQ5WQ9AASzwVyDbXhFt9ixSN >>>>>> >>>>>> JB8MKPw3P8cDyX/+Db1WoflU82H2KbVV+ON4GFhrvDVYkpQiWHbASNVipQfPj2YSItPP >>>>>> g6Ng== >>>>>> ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; >>>>>> d=google.com; s=arc-20160816; >>>>>> >>>>>> h=importance:content-transfer-encoding:mime-version:user-agent:cc:to >>>>>> :from:subject:date:message-id; >>>>>> bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=; >>>>>> >>>>>> b=XDv2dnoYR6tpeltyJ8tD82IKUIGCs0888LAX5xt4MqpL8IPAcUqA8xYLJvNx+heJH/ >>>>>> >>>>>> 5xT0tBciuRolqjCA7jRI2BSSTGmO7wKoEuuL8uvaYfpxM+7eGTNpnIV0mLH3V9z7SUr0 >>>>>> >>>>>> /Wcr/O3KstHzBxoYgAc71UguXyLG6LarOFgjcxvpVh4k3FbMKXJy+7wDDJC5zCfAcSQr >>>>>> >>>>>> VrmJqYWJsc4VcgFrs0+O024BqMmlrLn5WycmtpLAZ0LP/tflbx4OzMMoL+K3AvpIdccB >>>>>> >>>>>> hHtkCIyNislpUv6EqxxZLvumM2ysFL4Dd7M06ZpBxm5gIA3HVOL33E7JY2YQefIHv/io >>>>>> vIpg== >>>>>> ARC-Authentication-Results: i=1; mx.google.com; >>>>>> spf=pass (google.com: domain of m...@reliancehrconsulting.com >>>>>> designates 49.128.33.86 as permitted sender) >>>>>> smtp.mailfrom=m...@reliancehrconsulting.com; >>>>>> dmarc=pass (p=NONE sp=NONE dis=NONE) >>>>>> header.from=reliancehrconsulting.com >>>>>> Return-Path: <m...@reliancehrconsulting.com> >>>>>> Received: from mail.pan-asia.in ([49.128.33.86]) >>>>>> by mx.google.com with ESMTPS id >>>>>> t6si1129421pgt.557.2019.09.25.21.12.54 >>>>>> for <kand...@gmail.com> >>>>>> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); >>>>>> Wed, 25 Sep 2019 21:12:55 -0700 (PDT) >>>>>> Received-SPF: pass (google.com: domain of m...@reliancehrconsulting.com >>>>>> designates 49.128.33.86 as permitted sender) client-ip=49.128.33.86; >>>>>> Authentication-Results: mx.google.com; >>>>>> spf=pass (google.com: domain of m...@reliancehrconsulting.com >>>>>> designates 49.128.33.86 as permitted sender) >>>>>> smtp.mailfrom=m...@reliancehrconsulting.com; >>>>>> dmarc=pass (p=NONE sp=NONE dis=NONE) >>>>>> header.from=reliancehrconsulting.com >>>>>> Received: (qmail 11583 invoked by uid 89); 26 Sep 2019 04:12:53 -0000 >>>>>> Received: from unknown (HELO mail.reliancehrconsulting.com) >>>>>> (m...@reliancehrconsulting.com@127.0.0.1) >>>>>> by mail.pan-asia.in with ESMTPA; 26 Sep 2019 04:12:53 -0000 >>>>>> Received: from 129.126.169.22 >>>>>> (SquirrelMail authenticated user m...@reliancehrconsulting.com) >>>>>> by mail.reliancehrconsulting.com with HTTP; >>>>>> Thu, 26 Sep 2019 12:12:53 +0800 >>>>>> Message-ID: >>>>>> <afd61f84dae4a2d7454e332d9f725c75.squir...@mail.reliancehrconsulting.com> >>>>>> Date: Thu, 26 Sep 2019 12:12:53 +0800 >>>>>> Subject: test >>>>>> From: m...@reliancehrconsulting.com >>>>>> To: kand...@gmail.com >>>>>> Cc: m...@reliancehrconsulting.com >>>>>> User-Agent: SquirrelMail/1.4.22-0.qt.el6 >>>>>> MIME-Version: 1.0 >>>>>> Content-Type: text/plain;charset=iso-8859-1 >>>>>> Content-Transfer-Encoding: 8bit >>>>>> X-Priority: 3 (Normal) >>>>>> Importance: Normal >>>>>> >>>>>> test >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> >>>>>> >>>>>> *Regards, Manikandan.C * >>>>>> >>>>>> >>>>> >>>>> -- >>>>> >>>>> >>>>> *Regards, Manikandan.C * >>>>> >>>> >>> >>> -- >>> >>> >>> *Regards, Manikandan.C * >>> >>> >> >> -- >> >> >> *Regards,Manikandan.C* >> > -- *Regards,Manikandan.C*