Hi Remo,
This default settings are there. My doubt is do i need to replace this line
DKSIGN="/var/qmail/control/domainkeys/%/private to DKSIGN="/var/qmail/
control/dkim/%/public.txt.
Because now i am replacing the folder domainkeys to dkim.
Please correct me if i am wrong.

On Mon, Sep 30, 2019 at 1:00 PM Remo Mattei <r...@mattei.org> wrote:

> here is mine
>
>
> :allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1",QMAILQUEUE="/var/qmail/bin/simscan",DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/privateā€
>
>
>
>
>
> On Sunday, Sep 29, 2019 at 21:57, ChandranManikandan <kand...@gmail.com>
> wrote:
> Hi Eric,
>
> Thanks for your help.
> I have successfully rectified the issue with the following your steps
> above and tested in Gmail account from squirrel webmail.
> It is working now.
>
> I have notified in /etc/tcprules.d/tcp.smtp file in below lines. Do i need
> amend the lines in this file. please let me know.
>
> DKSIGN="/var/qmail/control/domainkeys/%/private"
>
> On Sun, Sep 29, 2019 at 10:47 PM Eric Broch <ebroch.w...@gmail.com> wrote:
>
>> Step 2) from http://www.qmailtoaster.com/dkim.html
>>
>> At the command line first create the key and txt record for the domain
>> you want signed (replace otherdomain.com with the domain you want in
>> every command below).
>> So if your domain is mydomain.com the command would be, '# dknewkey
>> /var/qmail/control/dkim/mydomain.com.key 1024 >
>> /var/qmail/control/dkim/mydomain.com.txt'
>> # dknewkey /var/qmail/control/dkim/otherdomain.com.key 1024 >
>> /var/qmail/control/dkim/otherdomain.com.txt
>>
>> At command line change the selector in the txt record from
>> 'otherdomain.com.key._domainkey'  to  'dkim1._domainkey'
>> # perl -pi -e 's/^.*\.key/dkim1/'
>> /var/qmail/control/dkim/otherdomain.com.txt
>>
>> Check the file to see if substitution happened.
>> # cat /var/qmail/control/dkim/otherdomain.com.txt
>>    dkim1._domainkey       IN      TXT     "k=rsa;
>> p=******************************"
>>
>>
>> Create DNS TXT record for otherdomain.com using the output from the text
>> file 'otherdomain.com.txt' where your DNS settings are managed, usually
>> your ISP (mine are Godaddy).
>>    Host                                Text
>>    dkim1._domainkey       IN       TXT v=DKIM1; k=rsa;
>> p=*************************
>>
>> Edit the signature file and add your domain. This is what the perl script
>> 'qmail-remote' will read and then call the original qmail-remote now
>> renamed to qmail-remote.orig.
>> # vi /var/qmail/control/dkim/signconf.xml
>>   <otherdomain.com domain="otherdomain.com"
>> keyfile="/var/qmail/control/dkim/otherdomain.com.key" selector="dkim1">
>>     <types id="dkim" />
>>     <types id="domainkey" method="nofws" />
>>   </otherdomain.com>
>>
>> So file looks like this:
>>
>> <dkimsign>
>>   <!-- per default sign all mails using dkim -->
>>   <global algorithm="rsa-sha1" domain="/var/qmail/control/me"
>> keyfile="/var/qmail/control/dkim/global.key" method="simple"
>> selector="dkim1">
>>     <types id="dkim" />
>>   </global>
>>   <otherdomain.com domain="otherdomain.com"
>> keyfile="/var/qmail/control/dkim/otherdomain.com.key" selector="dkim1">
>>     <types id="dkim" />
>>     <types id="domainkey" method="nofws" />
>>   </otherdomain.com>
>> </dkimsign>
>>
>>
>> Notes Step 2) Test your DKIM signature (Remember, replace otherdomain.com
>> with your domain).
>> # yum install epel-release opendkim
>> # opendkim-testkey -vvvv -d otherdomain.com  -k
>> /var/qmail/control/dkim/otherdomain.com.key -s dkim1
>>
>> On Sun, Sep 29, 2019 at 7:19 AM ChandranManikandan <kand...@gmail.com>
>> wrote:
>>
>>> Hi Eric,
>>>
>>> How do i implement DKIM for my domain. Really need your help.
>>> I have followed your 1 step only. do i need to follow all the four steps
>>> and how do i configure in DNS server.
>>> why the gmail marked into spam folder of my domains emails.
>>>
>>> Appreciate discussions and help.
>>>
>>>
>>> On Fri, Sep 27, 2019 at 11:51 PM Eric Broch <ebr...@whitehorsetc.com>
>>> wrote:
>>>
>>>> DKIM is not DomainKeys
>>>>
>>>>
>>>> On 9/27/2019 3:54 AM, ChandranManikandan wrote:
>>>>
>>>> Hi Eric,
>>>>
>>>> I have setup Global key (default for all domains)from your link and
>>>> also configured in dns server then i checked in mxtoolbox and getting the
>>>> result of the domain key. after that i tried to send an email to gmail it
>>>> is showing the error. the email header is below.
>>>>
>>>> Do i need to follow the all 4 steps.
>>>>
>>>> I will wait one day for the dns propagation and will update you.
>>>> Meanwhile could you look at the message header below.
>>>>
>>>> Delivered-To: kand...@gmail.com Received: by 2002:ac0:bf91:0:0:0:0:0 with 
>>>> SMTP id o17csp3358759imk; Fri, 27 Sep 2019 02:46:35 -0700 (PDT) 
>>>> X-Google-Smtp-Source: 
>>>> APXvYqxHJMofBlzODo5fRYA7j7xd5qZEt0t2DjgnfAXGA8ChxXq9w+4D0NB8ME1egn3uV3gOsfgn
>>>>  X-Received: by 2002:a65:5043:: with SMTP id 
>>>> k3mr8485146pgo.406.1569577595481; Fri, 27 Sep 2019 02:46:35 -0700 (PDT) 
>>>> ARC-Seal: i=1; a=rsa-sha256; t=1569577595; cv=none; d=google.com; 
>>>> s=arc-20160816; 
>>>> b=RFuQ52Ha1QndJ/rcALmW4+lfa1pnwK/ZJkH9jaupESEWm1/PtRA9kZyafMuPBecpAg 
>>>> YV9EeqVPixu33bKBCJejpSjM11/GACFlCwfR8pNZA43LWBNH+DhzvduVAFdrtUB0f8c7 
>>>> +QQxKJQ/hX9Lfjk9AdGzMAUITK23naokgpUGdThCz1pfKgweBZW0TZWbvPdUZp+5FjlX 
>>>> KhldCT1Q76+5Ec5SuxOqmqDpqxsJ8KZRAAdQs6IFm5/wGzrVyH2V7f4aB/AsqKuEtiRd 
>>>> PpWDunYjYGQJwbfUfC5APHTV6OxkiTIhVFSphLJdHu7JHF8AKOo/M4CbzYQeJTqAzvgH 
>>>> zMzQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; 
>>>> d=google.com; s=arc-20160816; 
>>>> h=importance:content-transfer-encoding:mime-version:user-agent:to 
>>>> :from:subject:date:message-id:dkim-signature; 
>>>> bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=; 
>>>> b=Q1EqIgKIoYX1ckvl46Hs88ezj8DlGnJ7/hOBQUaBEFimABh9utR16law3oLDNmvNcD 
>>>> O6LbpRcBYuwAimiplbgqWa8r7rQ0lYgbrJuZhJW1aGANQnoA9gZsNYBCIrbIlLtXNsGO 
>>>> xFDWArhAVHM7oAyTjF1gAejKmnmAFgWWWV5rj9LUg02LRwWenn++FOb/8ZkMfblJktag 
>>>> a/Vq/TWD9fx8pJz1b37D7AH2ymS8rdeD0mllY3mOMnRnPYslBxoUPdEny9UXsago21sg 
>>>> BHQKDodcmbNmXG9IqiKmePJxTLqxLM7/M9qajfPv0lP66kstcO15jF8wTwpSMjhYCHfZ 
>>>> zbSg== ARC-Authentication-Results: i=1; mx.google.com; dkim=temperror (no 
>>>> key for signature) header.i=@mail.pan-asia.in header.s=dkim1 
>>>> header.b=ia7qahkm; spf=pass (google.com: domain of 
>>>> m...@reliancehrconsulting.com designates 49.128.33.86 as permitted sender) 
>>>> smtp.mailfrom=m...@reliancehrconsulting.com; dmarc=pass (p=NONE sp=NONE 
>>>> dis=NONE) header.from=reliancehrconsulting.com Return-Path: 
>>>> <m...@reliancehrconsulting.com> Received: from mail.pan-asia.in 
>>>> ([49.128.33.86]) by mx.google.com with ESMTPS id 
>>>> 70si2236946plc.139.2019.09.27.02.46.34 for <kand...@gmail.com> 
>>>> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 27 
>>>> Sep 2019 02:46:35 -0700 (PDT) Received-SPF: pass (google.com: domain of 
>>>> m...@reliancehrconsulting.com designates 49.128.33.86 as permitted sender) 
>>>> client-ip=49.128.33.86; Authentication-Results: mx.google.com; 
>>>> dkim=temperror (no key for signature) header.i=@mail.pan-asia.in 
>>>> header.s=dkim1 header.b=ia7qahkm; spf=pass (google.com: domain of 
>>>> m...@reliancehrconsulting.com designates 49.128.33.86 as permitted sender) 
>>>> smtp.mailfrom=m...@reliancehrconsulting.com; dmarc=pass (p=NONE sp=NONE 
>>>> dis=NONE) header.from=reliancehrconsulting.com DKIM-Signature: v=1; 
>>>> a=rsa-sha1; c=simple; d=mail.pan-asia.in; h= 
>>>> message-id:date:subject:from:to:mime-version:content-type 
>>>> :content-transfer-encoding; s=dkim1; bh=/edzoYuyn17WXm8KeqcX/R+k hdQ=; 
>>>> b=ia7qahkmumkHx2g7FdiBdtJy5mkw5k/iesJrpNPz5Xswk5VIQ8KUGC0O 
>>>> UZPZEc+WCRME/xtYvU+JMG/86y96fy8NDbBZIOnBc9z7kp7EJxNFKt9WIowOGjpE 
>>>> RH6TgnTeFVW8IkRXb+eTZMO8D01wK27fdffYsp1FFf43v16WBak= Received: (qmail 
>>>> 27072 invoked by uid 89); 27 Sep 2019 09:46:33 -0000 Received: from 
>>>> unknown (HELO mail.reliancehrconsulting.com) 
>>>> (m...@reliancehrconsulting.com@127.0.0.1) by mail.pan-asia.in with ESMTPA; 
>>>> 27 Sep 2019 09:46:33 -0000 Received: from 129.126.169.22 (SquirrelMail 
>>>> authenticated user m...@reliancehrconsulting.com) by 
>>>> mail.reliancehrconsulting.com with HTTP; Fri, 27 Sep 2019 17:46:33 +0800 
>>>> Message-ID: 
>>>> <21567bbff8eb0eb22d4c8b720f400d23.squir...@mail.reliancehrconsulting.com> 
>>>> Date: Fri, 27 Sep 2019 17:46:33 +0800 Subject: test From: 
>>>> m...@reliancehrconsulting.com To: kand...@gmail.com User-Agent: 
>>>> SquirrelMail/1.4.22-0.qt.el6 MIME-Version: 1.0 Content-Type: 
>>>> text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 
>>>> 3 (Normal) Importance: Normal test
>>>>
>>>>
>>>>
>>>>
>>>> On Fri, Sep 27, 2019 at 2:53 PM Eric's mail <ebr...@whitehorsetc.com>
>>>> wrote:
>>>>
>>>>> http://www.qmailtoaster.com/dkim.html
>>>>>
>>>>> Get Outlook for Android <https://aka.ms/ghei36>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Thu, Sep 26, 2019 at 10:41 PM -0600, "ChandranManikandan" <
>>>>> kand...@gmail.com> wrote:
>>>>>
>>>>> Hi Andy,
>>>>>>
>>>>>> I have installed DKIM in our server and there is private and public
>>>>>> key on our server.
>>>>>> I have added the public like below in our dns hosting provider
>>>>>> (Godaddy) control panel
>>>>>>
>>>>>> TXT
>>>>>> Host: rhc._domainkey.domainname
>>>>>> TXT value:  k=rsa; p=private key
>>>>>> TTL 1 hour
>>>>>>
>>>>>> But it's not signed in the email.
>>>>>>
>>>>>> I have configured MX,SPF,DMARC and DKIM in DNS server settings.
>>>>>>
>>>>>> Did i made a mistake in DNS settings?
>>>>>>
>>>>>> Could you help me
>>>>>>
>>>>>> On Fri, Sep 27, 2019 at 11:50 AM Andrew Swartz <
>>>>>> awswa...@acsalaska.net> wrote:
>>>>>>
>>>>>>> Your email does not contain a DKIM signature.
>>>>>>>
>>>>>>> The ARC* headers are signatures added by gmail after receipt.
>>>>>>>
>>>>>>> If you had a DKIM signature, it would be below this part of the
>>>>>>> header chain:
>>>>>>>
>>>>>>> Received: from mail.pan-asia.in ([49.128.33.86]) by mx.google.com with 
>>>>>>> ESMTPS id t6si1129421pgt.557.2019.09.25.21.12.54 for 
>>>>>>> <kand...@gmail.com> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 
>>>>>>> bits=128/128); Wed, 25 Sep 2019 21:12:55 -0700 (PDT) Received-SPF: pass 
>>>>>>> (google.com: domain of m...@reliancehrconsulting.com designates 
>>>>>>> 49.128.33.86 as permitted sender) client-ip=49.128.33.86; 
>>>>>>> Authentication-Results: mx.google.com; spf=pass (google.com: domain of 
>>>>>>> m...@reliancehrconsulting.com designates 49.128.33.86 as permitted 
>>>>>>> sender) smtp.mailfrom=m...@reliancehrconsulting.com; dmarc=pass (p=NONE 
>>>>>>> sp=NONE dis=NONE) header.from=reliancehrconsulting.com
>>>>>>>
>>>>>>>
>>>>>>> That and everything above it was added by gmail.
>>>>>>>
>>>>>>> You may have set up the DNS part of DKIM, but your server does not
>>>>>>> seem to be signing the emails.
>>>>>>>
>>>>>>> When you get it working, you can test by sending an email to a
>>>>>>> reflector, like this:
>>>>>>>
>>>>>>> sa-t...@sendmail.net
>>>>>>>
>>>>>>> It will analyze the smtp session and the email and then email the
>>>>>>> results back to you.
>>>>>>>
>>>>>>> There are several other reflectors listed at the bottom of this
>>>>>>> page:
>>>>>>>
>>>>>>>
>>>>>>> https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/118571-technote-esa-00.html
>>>>>>>
>>>>>>>
>>>>>>> Hope this helps,
>>>>>>>
>>>>>>> -Andy
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On 9/25/2019 8:39 PM, ChandranManikandan wrote:
>>>>>>>
>>>>>>> Hi Friends,
>>>>>>>
>>>>>>> I have tried to send an test email from my domain to gmail.
>>>>>>> It is going the gmail spam folder and i have configured SPF and
>>>>>>> DMARC in dns.
>>>>>>>
>>>>>>> Could you look at the below message header in gmail and help me to
>>>>>>> solve this problem.
>>>>>>>
>>>>>>> Delivered-To: kand...@gmail.com Received: by 2002:ac0:bf91:0:0:0:0:0 
>>>>>>> with SMTP id o17csp1656435imk; Wed, 25 Sep 2019 21:12:55 -0700 (PDT) 
>>>>>>> X-Google-Smtp-Source: 
>>>>>>> APXvYqxiLedyv3u6JDrnZQHvyrvIcmrH9n2kSrdj3NOCigD3cs53Rm6tgsJPdMbI9UBNqbqOc1Hz
>>>>>>>  X-Received: by 2002:a63:1720:: with SMTP id 
>>>>>>> x32mr1332168pgl.289.1569471175444; Wed, 25 Sep 2019 21:12:55 -0700 
>>>>>>> (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1569471175; cv=none; d=google.com; 
>>>>>>> s=arc-20160816; 
>>>>>>> b=JGxA7PMxFt1qrwUPb9SXj40SHUhyOOPo+pENSvAaYhLkzdijEWpCgu5KWAW3yEfvWA 
>>>>>>> a2+Q9sPT9qJQZlwFvFmH4ZRi20KCLo9RMvbkRSW3L/L8Lzztic/OCfj2+o1HKmCKl4gk 
>>>>>>> bPWD4Tv9a/0Zg+EqIFUgJD0QhpFnSXMHmw59RoD3EurAA7zex+55NNRdnS2o7aluru0U 
>>>>>>> dYI9xixpZd276FwfDDy+FLSh5EYuYTmjkXEMEgmbNCMhGQ5WQ9AASzwVyDbXhFt9ixSN 
>>>>>>> JB8MKPw3P8cDyX/+Db1WoflU82H2KbVV+ON4GFhrvDVYkpQiWHbASNVipQfPj2YSItPP 
>>>>>>> g6Ng== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; 
>>>>>>> d=google.com; s=arc-20160816; 
>>>>>>> h=importance:content-transfer-encoding:mime-version:user-agent:cc:to 
>>>>>>> :from:subject:date:message-id; 
>>>>>>> bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=; 
>>>>>>> b=XDv2dnoYR6tpeltyJ8tD82IKUIGCs0888LAX5xt4MqpL8IPAcUqA8xYLJvNx+heJH/ 
>>>>>>> 5xT0tBciuRolqjCA7jRI2BSSTGmO7wKoEuuL8uvaYfpxM+7eGTNpnIV0mLH3V9z7SUr0 
>>>>>>> /Wcr/O3KstHzBxoYgAc71UguXyLG6LarOFgjcxvpVh4k3FbMKXJy+7wDDJC5zCfAcSQr 
>>>>>>> VrmJqYWJsc4VcgFrs0+O024BqMmlrLn5WycmtpLAZ0LP/tflbx4OzMMoL+K3AvpIdccB 
>>>>>>> hHtkCIyNislpUv6EqxxZLvumM2ysFL4Dd7M06ZpBxm5gIA3HVOL33E7JY2YQefIHv/io 
>>>>>>> vIpg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass 
>>>>>>> (google.com: domain of m...@reliancehrconsulting.com designates 
>>>>>>> 49.128.33.86 as permitted sender) 
>>>>>>> smtp.mailfrom=m...@reliancehrconsulting.com; dmarc=pass (p=NONE sp=NONE 
>>>>>>> dis=NONE) header.from=reliancehrconsulting.com Return-Path: 
>>>>>>> <m...@reliancehrconsulting.com> Received: from mail.pan-asia.in 
>>>>>>> ([49.128.33.86]) by mx.google.com with ESMTPS id 
>>>>>>> t6si1129421pgt.557.2019.09.25.21.12.54 for <kand...@gmail.com> 
>>>>>>> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 
>>>>>>> 25 Sep 2019 21:12:55 -0700 (PDT) Received-SPF: pass (google.com: domain 
>>>>>>> of m...@reliancehrconsulting.com designates 49.128.33.86 as permitted 
>>>>>>> sender) client-ip=49.128.33.86; Authentication-Results: mx.google.com; 
>>>>>>> spf=pass (google.com: domain of m...@reliancehrconsulting.com 
>>>>>>> designates 49.128.33.86 as permitted sender) 
>>>>>>> smtp.mailfrom=m...@reliancehrconsulting.com; dmarc=pass (p=NONE sp=NONE 
>>>>>>> dis=NONE) header.from=reliancehrconsulting.com Received: (qmail 11583 
>>>>>>> invoked by uid 89); 26 Sep 2019 04:12:53 -0000 Received: from unknown 
>>>>>>> (HELO mail.reliancehrconsulting.com) 
>>>>>>> (m...@reliancehrconsulting.com@127.0.0.1) by mail.pan-asia.in with 
>>>>>>> ESMTPA; 26 Sep 2019 04:12:53 -0000 Received: from 129.126.169.22 
>>>>>>> (SquirrelMail authenticated user m...@reliancehrconsulting.com) by 
>>>>>>> mail.reliancehrconsulting.com with HTTP; Thu, 26 Sep 2019 12:12:53 
>>>>>>> +0800 Message-ID: 
>>>>>>> <afd61f84dae4a2d7454e332d9f725c75.squir...@mail.reliancehrconsulting.com>
>>>>>>>  Date: Thu, 26 Sep 2019 12:12:53 +0800 Subject: test From: 
>>>>>>> m...@reliancehrconsulting.com To: kand...@gmail.com Cc: 
>>>>>>> m...@reliancehrconsulting.com User-Agent: SquirrelMail/1.4.22-0.qt.el6 
>>>>>>> MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 
>>>>>>> Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: 
>>>>>>> Normal test
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>>
>>>>>>>
>>>>>>> *Regards, Manikandan.C *
>>>>>>>
>>>>>>>
>>>>>>
>>>>>> --
>>>>>>
>>>>>>
>>>>>> *Regards, Manikandan.C *
>>>>>>
>>>>>
>>>>
>>>> --
>>>>
>>>>
>>>> *Regards, Manikandan.C *
>>>>
>>>>
>>>
>>> --
>>>
>>>
>>> *Regards,Manikandan.C*
>>>
>>
>
> --
>
>
> *Regards,Manikandan.C*
>
>

-- 


*Regards,Manikandan.C*

Reply via email to