Hi Eric,

Thanks for your help.
I have successfully rectified the issue with the following your steps above
and tested in Gmail account from squirrel webmail.
It is working now.

I have notified in /etc/tcprules.d/tcp.smtp file in below lines. Do i need
amend the lines in this file. please let me know.

DKSIGN="/var/qmail/control/domainkeys/%/private"

On Sun, Sep 29, 2019 at 10:47 PM Eric Broch <ebroch.w...@gmail.com> wrote:

> Step 2) from http://www.qmailtoaster.com/dkim.html
>
> At the command line first create the key and txt record for the domain you
> want signed (replace otherdomain.com with the domain you want in every
> command below).
> So if your domain is mydomain.com the command would be, '# dknewkey
> /var/qmail/control/dkim/mydomain.com.key 1024 >
> /var/qmail/control/dkim/mydomain.com.txt'
> # dknewkey /var/qmail/control/dkim/otherdomain.com.key 1024 >
> /var/qmail/control/dkim/otherdomain.com.txt
>
> At command line change the selector in the txt record from
> 'otherdomain.com.key._domainkey'  to  'dkim1._domainkey'
> # perl -pi -e 's/^.*\.key/dkim1/'
> /var/qmail/control/dkim/otherdomain.com.txt
>
> Check the file to see if substitution happened.
> # cat /var/qmail/control/dkim/otherdomain.com.txt
>    dkim1._domainkey       IN      TXT     "k=rsa;
> p=******************************"
>
>
> Create DNS TXT record for otherdomain.com using the output from the text
> file 'otherdomain.com.txt' where your DNS settings are managed, usually
> your ISP (mine are Godaddy).
>    Host                                Text
>    dkim1._domainkey       IN       TXT v=DKIM1; k=rsa;
> p=*************************
>
> Edit the signature file and add your domain. This is what the perl script
> 'qmail-remote' will read and then call the original qmail-remote now
> renamed to qmail-remote.orig.
> # vi /var/qmail/control/dkim/signconf.xml
>   <otherdomain.com domain="otherdomain.com"
> keyfile="/var/qmail/control/dkim/otherdomain.com.key" selector="dkim1">
>     <types id="dkim" />
>     <types id="domainkey" method="nofws" />
>   </otherdomain.com>
>
> So file looks like this:
>
> <dkimsign>
>   <!-- per default sign all mails using dkim -->
>   <global algorithm="rsa-sha1" domain="/var/qmail/control/me"
> keyfile="/var/qmail/control/dkim/global.key" method="simple"
> selector="dkim1">
>     <types id="dkim" />
>   </global>
>   <otherdomain.com domain="otherdomain.com"
> keyfile="/var/qmail/control/dkim/otherdomain.com.key" selector="dkim1">
>     <types id="dkim" />
>     <types id="domainkey" method="nofws" />
>   </otherdomain.com>
> </dkimsign>
>
>
> Notes Step 2) Test your DKIM signature (Remember, replace otherdomain.com
> with your domain).
> # yum install epel-release opendkim
> # opendkim-testkey -vvvv -d otherdomain.com  -k
> /var/qmail/control/dkim/otherdomain.com.key -s dkim1
>
> On Sun, Sep 29, 2019 at 7:19 AM ChandranManikandan <kand...@gmail.com>
> wrote:
>
>> Hi Eric,
>>
>> How do i implement DKIM for my domain. Really need your help.
>> I have followed your 1 step only. do i need to follow all the four steps
>> and how do i configure in DNS server.
>> why the gmail marked into spam folder of my domains emails.
>>
>> Appreciate discussions and help.
>>
>>
>> On Fri, Sep 27, 2019 at 11:51 PM Eric Broch <ebr...@whitehorsetc.com>
>> wrote:
>>
>>> DKIM is not DomainKeys
>>>
>>>
>>> On 9/27/2019 3:54 AM, ChandranManikandan wrote:
>>>
>>> Hi Eric,
>>>
>>> I have setup Global key (default for all domains)from your link and
>>> also configured in dns server then i checked in mxtoolbox and getting the
>>> result of the domain key. after that i tried to send an email to gmail it
>>> is showing the error. the email header is below.
>>>
>>> Do i need to follow the all 4 steps.
>>>
>>> I will wait one day for the dns propagation and will update you.
>>> Meanwhile could you look at the message header below.
>>>
>>> Delivered-To: kand...@gmail.com
>>> Received: by 2002:ac0:bf91:0:0:0:0:0 with SMTP id o17csp3358759imk;
>>>         Fri, 27 Sep 2019 02:46:35 -0700 (PDT)
>>> X-Google-Smtp-Source: 
>>> APXvYqxHJMofBlzODo5fRYA7j7xd5qZEt0t2DjgnfAXGA8ChxXq9w+4D0NB8ME1egn3uV3gOsfgn
>>> X-Received: by 2002:a65:5043:: with SMTP id 
>>> k3mr8485146pgo.406.1569577595481;
>>>         Fri, 27 Sep 2019 02:46:35 -0700 (PDT)
>>> ARC-Seal: i=1; a=rsa-sha256; t=1569577595; cv=none;
>>>         d=google.com; s=arc-20160816;
>>>         b=RFuQ52Ha1QndJ/rcALmW4+lfa1pnwK/ZJkH9jaupESEWm1/PtRA9kZyafMuPBecpAg
>>>          
>>> YV9EeqVPixu33bKBCJejpSjM11/GACFlCwfR8pNZA43LWBNH+DhzvduVAFdrtUB0f8c7
>>>          
>>> +QQxKJQ/hX9Lfjk9AdGzMAUITK23naokgpUGdThCz1pfKgweBZW0TZWbvPdUZp+5FjlX
>>>          
>>> KhldCT1Q76+5Ec5SuxOqmqDpqxsJ8KZRAAdQs6IFm5/wGzrVyH2V7f4aB/AsqKuEtiRd
>>>          
>>> PpWDunYjYGQJwbfUfC5APHTV6OxkiTIhVFSphLJdHu7JHF8AKOo/M4CbzYQeJTqAzvgH
>>>          zMzQ==
>>> ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; 
>>> s=arc-20160816;
>>>         h=importance:content-transfer-encoding:mime-version:user-agent:to
>>>          :from:subject:date:message-id:dkim-signature;
>>>         bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=;
>>>         b=Q1EqIgKIoYX1ckvl46Hs88ezj8DlGnJ7/hOBQUaBEFimABh9utR16law3oLDNmvNcD
>>>          
>>> O6LbpRcBYuwAimiplbgqWa8r7rQ0lYgbrJuZhJW1aGANQnoA9gZsNYBCIrbIlLtXNsGO
>>>          
>>> xFDWArhAVHM7oAyTjF1gAejKmnmAFgWWWV5rj9LUg02LRwWenn++FOb/8ZkMfblJktag
>>>          
>>> a/Vq/TWD9fx8pJz1b37D7AH2ymS8rdeD0mllY3mOMnRnPYslBxoUPdEny9UXsago21sg
>>>          
>>> BHQKDodcmbNmXG9IqiKmePJxTLqxLM7/M9qajfPv0lP66kstcO15jF8wTwpSMjhYCHfZ
>>>          zbSg==
>>> ARC-Authentication-Results: i=1; mx.google.com;
>>>        dkim=temperror (no key for signature) header.i=@mail.pan-asia.in 
>>> header.s=dkim1 header.b=ia7qahkm;
>>>        spf=pass (google.com: domain of m...@reliancehrconsulting.com 
>>> designates 49.128.33.86 as permitted sender) 
>>> smtp.mailfrom=m...@reliancehrconsulting.com;
>>>        dmarc=pass (p=NONE sp=NONE dis=NONE) 
>>> header.from=reliancehrconsulting.com
>>> Return-Path: <m...@reliancehrconsulting.com>
>>> Received: from mail.pan-asia.in ([49.128.33.86])
>>>         by mx.google.com with ESMTPS id 
>>> 70si2236946plc.139.2019.09.27.02.46.34
>>>         for <kand...@gmail.com>
>>>         (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
>>>         Fri, 27 Sep 2019 02:46:35 -0700 (PDT)
>>> Received-SPF: pass (google.com: domain of m...@reliancehrconsulting.com 
>>> designates 49.128.33.86 as permitted sender) client-ip=49.128.33.86;
>>> Authentication-Results: mx.google.com;
>>>        dkim=temperror (no key for signature) header.i=@mail.pan-asia.in 
>>> header.s=dkim1 header.b=ia7qahkm;
>>>        spf=pass (google.com: domain of m...@reliancehrconsulting.com 
>>> designates 49.128.33.86 as permitted sender) 
>>> smtp.mailfrom=m...@reliancehrconsulting.com;
>>>        dmarc=pass (p=NONE sp=NONE dis=NONE) 
>>> header.from=reliancehrconsulting.com
>>> DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=mail.pan-asia.in; h= 
>>> message-id:date:subject:from:to:mime-version:content-type 
>>> :content-transfer-encoding; s=dkim1; bh=/edzoYuyn17WXm8KeqcX/R+k hdQ=; 
>>> b=ia7qahkmumkHx2g7FdiBdtJy5mkw5k/iesJrpNPz5Xswk5VIQ8KUGC0O 
>>> UZPZEc+WCRME/xtYvU+JMG/86y96fy8NDbBZIOnBc9z7kp7EJxNFKt9WIowOGjpE 
>>> RH6TgnTeFVW8IkRXb+eTZMO8D01wK27fdffYsp1FFf43v16WBak=
>>> Received: (qmail 27072 invoked by uid 89); 27 Sep 2019 09:46:33 -0000
>>> Received: from unknown (HELO mail.reliancehrconsulting.com) 
>>> (m...@reliancehrconsulting.com@127.0.0.1)
>>>   by mail.pan-asia.in with ESMTPA; 27 Sep 2019 09:46:33 -0000
>>> Received: from 129.126.169.22
>>>         (SquirrelMail authenticated user m...@reliancehrconsulting.com)
>>>         by mail.reliancehrconsulting.com with HTTP;
>>>         Fri, 27 Sep 2019 17:46:33 +0800
>>> Message-ID: 
>>> <21567bbff8eb0eb22d4c8b720f400d23.squir...@mail.reliancehrconsulting.com>
>>> Date: Fri, 27 Sep 2019 17:46:33 +0800
>>> Subject: test
>>> From: m...@reliancehrconsulting.com
>>> To: kand...@gmail.com
>>> User-Agent: SquirrelMail/1.4.22-0.qt.el6
>>> MIME-Version: 1.0
>>> Content-Type: text/plain;charset=iso-8859-1
>>> Content-Transfer-Encoding: 8bit
>>> X-Priority: 3 (Normal)
>>> Importance: Normal
>>>
>>> test
>>>
>>>
>>>
>>>
>>> On Fri, Sep 27, 2019 at 2:53 PM Eric's mail <ebr...@whitehorsetc.com>
>>> wrote:
>>>
>>>> http://www.qmailtoaster.com/dkim.html
>>>>
>>>> Get Outlook for Android <https://aka.ms/ghei36>
>>>>
>>>>
>>>>
>>>>
>>>> On Thu, Sep 26, 2019 at 10:41 PM -0600, "ChandranManikandan" <
>>>> kand...@gmail.com> wrote:
>>>>
>>>> Hi Andy,
>>>>>
>>>>> I have installed DKIM in our server and there is private and public
>>>>> key on our server.
>>>>> I have added the public like below in our dns hosting provider
>>>>> (Godaddy) control panel
>>>>>
>>>>> TXT
>>>>> Host: rhc._domainkey.domainname
>>>>> TXT value:  k=rsa; p=private key
>>>>> TTL 1 hour
>>>>>
>>>>> But it's not signed in the email.
>>>>>
>>>>> I have configured MX,SPF,DMARC and DKIM in DNS server settings.
>>>>>
>>>>> Did i made a mistake in DNS settings?
>>>>>
>>>>> Could you help me
>>>>>
>>>>> On Fri, Sep 27, 2019 at 11:50 AM Andrew Swartz <awswa...@acsalaska.net>
>>>>> wrote:
>>>>>
>>>>>> Your email does not contain a DKIM signature.
>>>>>>
>>>>>> The ARC* headers are signatures added by gmail after receipt.
>>>>>>
>>>>>> If you had a DKIM signature, it would be below this part of the
>>>>>> header chain:
>>>>>>
>>>>>> Received: from mail.pan-asia.in ([49.128.33.86])
>>>>>>         by mx.google.com with ESMTPS id 
>>>>>> t6si1129421pgt.557.2019.09.25.21.12.54
>>>>>>         for <kand...@gmail.com>
>>>>>>         (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
>>>>>>         Wed, 25 Sep 2019 21:12:55 -0700 (PDT)
>>>>>> Received-SPF: pass (google.com: domain of m...@reliancehrconsulting.com 
>>>>>> designates 49.128.33.86 as permitted sender) client-ip=49.128.33.86;
>>>>>> Authentication-Results: mx.google.com;
>>>>>>        spf=pass (google.com: domain of m...@reliancehrconsulting.com 
>>>>>> designates 49.128.33.86 as permitted sender) 
>>>>>> smtp.mailfrom=m...@reliancehrconsulting.com;
>>>>>>        dmarc=pass (p=NONE sp=NONE dis=NONE) 
>>>>>> header.from=reliancehrconsulting.com
>>>>>>
>>>>>>
>>>>>> That and everything above it was added by gmail.
>>>>>>
>>>>>> You may have set up the DNS part of DKIM, but your server does not
>>>>>> seem to be signing the emails.
>>>>>>
>>>>>> When you get it working, you can test by sending an email to a
>>>>>> reflector, like this:
>>>>>>
>>>>>> sa-t...@sendmail.net
>>>>>>
>>>>>> It will analyze the smtp session and the email and then email the
>>>>>> results back to you.
>>>>>>
>>>>>> There are several other reflectors listed at the bottom of this
>>>>>> page:
>>>>>>
>>>>>>
>>>>>> https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118571-technote-esa-00.html
>>>>>>
>>>>>>
>>>>>> Hope this helps,
>>>>>>
>>>>>> -Andy
>>>>>>
>>>>>>
>>>>>>
>>>>>> On 9/25/2019 8:39 PM, ChandranManikandan wrote:
>>>>>>
>>>>>> Hi Friends,
>>>>>>
>>>>>> I have tried to send an test email from my domain to gmail.
>>>>>> It is going the gmail spam folder and i have configured SPF and DMARC
>>>>>> in dns.
>>>>>>
>>>>>> Could you look at the below message header in gmail and help me to
>>>>>> solve this problem.
>>>>>>
>>>>>> Delivered-To: kand...@gmail.com
>>>>>> Received: by 2002:ac0:bf91:0:0:0:0:0 with SMTP id o17csp1656435imk;
>>>>>>         Wed, 25 Sep 2019 21:12:55 -0700 (PDT)
>>>>>> X-Google-Smtp-Source: 
>>>>>> APXvYqxiLedyv3u6JDrnZQHvyrvIcmrH9n2kSrdj3NOCigD3cs53Rm6tgsJPdMbI9UBNqbqOc1Hz
>>>>>> X-Received: by 2002:a63:1720:: with SMTP id 
>>>>>> x32mr1332168pgl.289.1569471175444;
>>>>>>         Wed, 25 Sep 2019 21:12:55 -0700 (PDT)
>>>>>> ARC-Seal: i=1; a=rsa-sha256; t=1569471175; cv=none;
>>>>>>         d=google.com; s=arc-20160816;
>>>>>>         
>>>>>> b=JGxA7PMxFt1qrwUPb9SXj40SHUhyOOPo+pENSvAaYhLkzdijEWpCgu5KWAW3yEfvWA
>>>>>>          
>>>>>> a2+Q9sPT9qJQZlwFvFmH4ZRi20KCLo9RMvbkRSW3L/L8Lzztic/OCfj2+o1HKmCKl4gk
>>>>>>          
>>>>>> bPWD4Tv9a/0Zg+EqIFUgJD0QhpFnSXMHmw59RoD3EurAA7zex+55NNRdnS2o7aluru0U
>>>>>>          
>>>>>> dYI9xixpZd276FwfDDy+FLSh5EYuYTmjkXEMEgmbNCMhGQ5WQ9AASzwVyDbXhFt9ixSN
>>>>>>          
>>>>>> JB8MKPw3P8cDyX/+Db1WoflU82H2KbVV+ON4GFhrvDVYkpQiWHbASNVipQfPj2YSItPP
>>>>>>          g6Ng==
>>>>>> ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; 
>>>>>> d=google.com; s=arc-20160816;
>>>>>>         
>>>>>> h=importance:content-transfer-encoding:mime-version:user-agent:cc:to
>>>>>>          :from:subject:date:message-id;
>>>>>>         bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=;
>>>>>>         
>>>>>> b=XDv2dnoYR6tpeltyJ8tD82IKUIGCs0888LAX5xt4MqpL8IPAcUqA8xYLJvNx+heJH/
>>>>>>          
>>>>>> 5xT0tBciuRolqjCA7jRI2BSSTGmO7wKoEuuL8uvaYfpxM+7eGTNpnIV0mLH3V9z7SUr0
>>>>>>          
>>>>>> /Wcr/O3KstHzBxoYgAc71UguXyLG6LarOFgjcxvpVh4k3FbMKXJy+7wDDJC5zCfAcSQr
>>>>>>          
>>>>>> VrmJqYWJsc4VcgFrs0+O024BqMmlrLn5WycmtpLAZ0LP/tflbx4OzMMoL+K3AvpIdccB
>>>>>>          
>>>>>> hHtkCIyNislpUv6EqxxZLvumM2ysFL4Dd7M06ZpBxm5gIA3HVOL33E7JY2YQefIHv/io
>>>>>>          vIpg==
>>>>>> ARC-Authentication-Results: i=1; mx.google.com;
>>>>>>        spf=pass (google.com: domain of m...@reliancehrconsulting.com 
>>>>>> designates 49.128.33.86 as permitted sender) 
>>>>>> smtp.mailfrom=m...@reliancehrconsulting.com;
>>>>>>        dmarc=pass (p=NONE sp=NONE dis=NONE) 
>>>>>> header.from=reliancehrconsulting.com
>>>>>> Return-Path: <m...@reliancehrconsulting.com>
>>>>>> Received: from mail.pan-asia.in ([49.128.33.86])
>>>>>>         by mx.google.com with ESMTPS id 
>>>>>> t6si1129421pgt.557.2019.09.25.21.12.54
>>>>>>         for <kand...@gmail.com>
>>>>>>         (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
>>>>>>         Wed, 25 Sep 2019 21:12:55 -0700 (PDT)
>>>>>> Received-SPF: pass (google.com: domain of m...@reliancehrconsulting.com 
>>>>>> designates 49.128.33.86 as permitted sender) client-ip=49.128.33.86;
>>>>>> Authentication-Results: mx.google.com;
>>>>>>        spf=pass (google.com: domain of m...@reliancehrconsulting.com 
>>>>>> designates 49.128.33.86 as permitted sender) 
>>>>>> smtp.mailfrom=m...@reliancehrconsulting.com;
>>>>>>        dmarc=pass (p=NONE sp=NONE dis=NONE) 
>>>>>> header.from=reliancehrconsulting.com
>>>>>> Received: (qmail 11583 invoked by uid 89); 26 Sep 2019 04:12:53 -0000
>>>>>> Received: from unknown (HELO mail.reliancehrconsulting.com) 
>>>>>> (m...@reliancehrconsulting.com@127.0.0.1)
>>>>>>   by mail.pan-asia.in with ESMTPA; 26 Sep 2019 04:12:53 -0000
>>>>>> Received: from 129.126.169.22
>>>>>>         (SquirrelMail authenticated user m...@reliancehrconsulting.com)
>>>>>>         by mail.reliancehrconsulting.com with HTTP;
>>>>>>         Thu, 26 Sep 2019 12:12:53 +0800
>>>>>> Message-ID: 
>>>>>> <afd61f84dae4a2d7454e332d9f725c75.squir...@mail.reliancehrconsulting.com>
>>>>>> Date: Thu, 26 Sep 2019 12:12:53 +0800
>>>>>> Subject: test
>>>>>> From: m...@reliancehrconsulting.com
>>>>>> To: kand...@gmail.com
>>>>>> Cc: m...@reliancehrconsulting.com
>>>>>> User-Agent: SquirrelMail/1.4.22-0.qt.el6
>>>>>> MIME-Version: 1.0
>>>>>> Content-Type: text/plain;charset=iso-8859-1
>>>>>> Content-Transfer-Encoding: 8bit
>>>>>> X-Priority: 3 (Normal)
>>>>>> Importance: Normal
>>>>>>
>>>>>> test
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>>
>>>>>>
>>>>>> *Regards, Manikandan.C *
>>>>>>
>>>>>>
>>>>>
>>>>> --
>>>>>
>>>>>
>>>>> *Regards, Manikandan.C *
>>>>>
>>>>
>>>
>>> --
>>>
>>>
>>> *Regards, Manikandan.C *
>>>
>>>
>>
>> --
>>
>>
>> *Regards,Manikandan.C*
>>
>

-- 


*Regards,Manikandan.C*

Reply via email to