Thank you so much Eric! Appreciate your quick help! It's showing it is signed with v=1 now...
DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=geekgoddess.com; h=date :subject:from:to:message-id:mime-version:content-type; s=dkim1; bh=9sA6PYXljO64Lmr7hUa3XFZHkFo=; b=Biqw0M5pY2ecwqjEtDykJHKvWtmk VXejz9cQzUph59geqcPhcvnQIrAdSm91IbnJzNkz8E2e0/NTDYZVabuHQrirMoSc QhB/X5MtE4Fr8JZ3N3tuerxS9dEf+yql1/5T9SAxFmiuBatUZRDuRmgUiwdL9aia 5FdNBkZtv3iCCgE= And I tested by sending to port25.com: This message is an automatic response from Port25's authentication verifier service at verifier.port25.com. The service allows email senders to perform a simple check of various sender authentication mechanisms. It is provided free of charge, in the hope that it is useful to the email community. While it is not officially supported, we welcome any feedback you may have at <verifier-feedb...@port25.com>. Thank you for using the verifier, The Port25 Solutions, Inc. team ========================================================== Summary of Results ========================================================== SPF check: pass "iprev" check: pass DKIM check: pass SpamAssassin check: ham From: Eric Broch <ebr...@whitehorsetc.com> Reply-To: <qmailtoaster-list@qmailtoaster.com> Date: Monday, December 16, 2019 at 1:33 PM To: <qmailtoaster-list@qmailtoaster.com> Subject: Re: [qmailtoaster] DKIM not signed? Observations on your system: 1) qmail-remote is a binary (should be a perl script) 2) qmail-remote is newer than qmail-remote.orig (qmail-remote.orig is not being used at all) 3) qmail-remote with QMT DKIM setup should be a perl script and is not. I can tell that qmail-remote is a binary by the size of the file Save qmail-remote.orig to qmail-remote.orig.bak and go through the process I outlined in the previous email. On 12/16/2019 11:26 AM, Jaime Lerner wrote: > > Sorry, it's there: > > > > > > > -rws--x--x 1 qmailq qmail 27040 Apr 20 2017 qmail-queue.orig > > > -rwx--x--x 1 root qmail 56080 Apr 20 2017 qmail-remote > > > -rwx--x--x 1 root qmail 56080 Feb 6 2015 qmail-remote.orig > > > > > > > > > From: Eric Broch <ebr...@whitehorsetc.com> > Reply-To: <qmailtoaster-list@qmailtoaster.com> > Date: Monday, December 16, 2019 at 1:18 PM > To: <qmailtoaster-list@qmailtoaster.com> > Subject: Re: [qmailtoaster] DKIM not signed? > > > > > > > > > Jamie, > > > From the looks of your setup I'd recommend the following procedure (In a > directory other than /var/qmail/bin) : > > > 1. # wget https://raw.githubusercontent.com/qmtoaster/dkim/master/qmail-remote > 2. # qmailctl stop > 3. # mv /var/qmail/bin/qmail-remote /var/qmail/bin/qmail-remote.orig > 4. # mv qmail-remote /var/qmail/bin > 5. # chmod 777 /var/qmail/bin/qmail-remote > 6. # chown root:qmail /var/qmail/bin/qmail-remote > 7. # qmailctl start > > Eric > > > > > On 12/16/2019 10:41 AM, Eric's mail wrote: > > >> >> qmail-remote should be the perl script and the original remote renamed to >> qmail-remote.orig >> >> >> >> >> Eric's email, phone >> >> >> >> >> >> >> On Mon, Dec 16, 2019 at 9:28 AM -0700, "Jaime Lerner" >> <jaimeler...@geekgoddess.com> wrote: >> >> >>> >>> >>> >>> >>> [root@mail bin]# ls -al >>> >>> >>> total 1452 >>> >>> >>> drwxr-xr-x 2 root qmail 4096 Dec 16 10:36 . >>> >>> >>> drwxr-xr-x 12 root qmail 4096 Apr 8 2019 .. >>> >>> >>> -rwxr-xr-x 1 root qmail 14480 Apr 20 2017 bouncesaying >>> >>> >>> -rwxr-xr-x 1 root qmail 31184 Apr 20 2017 condredirect >>> >>> >>> -rwxr-xr-x 1 root qmail 1087 Apr 20 2017 config-fast >>> >>> >>> -rwxr-xr-x 1 root qmail 126 Apr 20 2017 datemail >>> >>> >>> -rwxr-xr-x 1 root qmail 928 Apr 20 2017 dh_key >>> >>> >>> -rwxr-xr-x 1 root qmail 114 Apr 20 2017 elq >>> >>> >>> -rwxr-xr-x 1 root qmail 14480 Apr 20 2017 except >>> >>> >>> -rwxr-xr-x 1 root qmail 31152 Apr 20 2017 forward >>> >>> >>> -rwxr-xr-x 1 root qmail 26824 Apr 20 2017 instcheck >>> >>> >>> -rwxr-xr-x 1 root qmail 26920 Apr 20 2017 maildir2mbox >>> >>> >>> -rwxr-xr-x 1 root qmail 14504 Apr 20 2017 maildirmake >>> >>> >>> -rwxr-xr-x 1 root qmail 22856 Apr 20 2017 maildirwatch >>> >>> >>> -rwxr-xr-x 1 root qmail 179 Apr 20 2017 mailsubj >>> >>> >>> -rwxr-xr-x 1 root qmail 8259 Apr 20 2017 makecert.sh >>> >>> >>> -rwxr-xr-x 1 root qmail 115 Apr 20 2017 pinq >>> >>> >>> -rwxr-xr-x 1 root qmail 18824 Apr 20 2017 predate >>> >>> >>> -rwxr-xr-x 1 root qmail 18760 Apr 20 2017 preline >>> >>> >>> -rwxr-xr-x 1 root qmail 115 Apr 20 2017 qail >>> >>> >>> -rwxr-xr-x 1 root qmail 18728 Apr 20 2017 qbiff >>> >>> >>> -rwxr-xr-x 1 root qmail 18672 Apr 20 2017 qmail-badloadertypes >>> >>> >>> -rwxr-xr-x 1 root qmail 18672 Apr 20 2017 qmail-badmimetypes >>> >>> >>> -rwx--x--x 1 root qmail 14680 Apr 20 2017 qmail-clean >>> >>> >>> -rws--x--x 1 qmailq qmail 52096 Apr 20 2017 qmail-dk >>> >>> >>> -rwx--x--x 1 root qmail 10416 Apr 20 2017 qmail-getpw >>> >>> >>> -rwxr-xr-x 1 root qmail 51728 Apr 20 2017 qmail-inject >>> >>> >>> -rwx--x--x 1 root qmail 64120 Apr 20 2017 qmail-local >>> >>> >>> -rwx------ 1 root qmail 22848 Apr 20 2017 qmail-lspawn >>> >>> >>> -rwx------ 1 root qmail 18672 Apr 20 2017 qmail-newmrh >>> >>> >>> -rwx------ 1 root qmail 14576 Apr 20 2017 qmail-newu >>> >>> >>> -rwx--x--x 1 root qmail 22904 Apr 20 2017 qmail-pw2u >>> >>> >>> -rwxr-xr-x 1 root qmail 18744 Apr 20 2017 qmail-qmqpc >>> >>> >>> -rwxr-xr-x 1 root qmail 22832 Apr 20 2017 qmail-qmqpd >>> >>> >>> -rwxr-xr-x 1 root qmail 31032 Apr 20 2017 qmail-qmtpd >>> >>> >>> -rwxr-xr-x 1 root qmail 22776 Apr 20 2017 qmail-qread >>> >>> >>> -rwxr-xr-x 1 root qmail 371 Apr 20 2017 qmail-qstat >>> >>> >>> lrwxrwxrwx 1 root root 23 Apr 8 2019 qmail-queue -> >>> /var/qmail/bin/qmail-dk >>> >>> >>> -rws--x--x 1 qmailq qmail 27040 Apr 20 2017 qmail-queue.orig >>> >>> >>> -rwx--x--x 1 root qmail 56080 Apr 20 2017 qmail-remote >>> >>> >>> -rwx--x--x 1 root qmail 18704 Apr 20 2017 qmail-rspawn >>> >>> >>> -rwx--x--x 1 root qmail 59936 Apr 20 2017 qmail-send >>> >>> >>> -rwxr-xr-x 1 root qmail 22816 Apr 20 2017 qmail-showctl >>> >>> >>> -rwxr-xr-x 1 root qmail 205680 Apr 20 2017 qmail-smtpd >>> >>> >>> -rwx------ 1 root qmail 10424 Apr 20 2017 qmail-start >>> >>> >>> -rwxr-xr-x 1 root qmail 14512 Apr 20 2017 qmail-tcpok >>> >>> >>> -rwxr-xr-x 1 root qmail 14544 Apr 20 2017 qmail-tcpto >>> >>> >>> -rwxr-xr-x 1 root qmail 31152 Apr 20 2017 qreceipt >>> >>> >>> -rwxr-xr-x 1 root qmail 14568 Apr 20 2017 qsmhook >>> >>> >>> -rwxr-xr-x 1 root qmail 14576 Apr 20 2017 sendmail >>> >>> >>> -rws--x--x 1 clamav root 34774 Apr 6 2016 simscan >>> >>> >>> -rwsr-xr-x 1 root root 24461 Apr 6 2016 simscanmk >>> >>> >>> -rwxr-xr-x 1 root qmail 35528 Apr 20 2017 spfquery >>> >>> >>> -rwx--x--x 1 root qmail 10504 Apr 20 2017 splogger >>> >>> >>> -rwxr-xr-x 1 root qmail 31152 Apr 20 2017 srsfilter >>> >>> >>> -rwxr-xr-x 1 root qmail 26864 Apr 20 2017 tcp-env >>> >>> >>> -rwxr-xr-x 1 root root 618 Dec 24 2013 update-simscan >>> >>> >>> >>> >>> >>> >>> >>> >>> From: Eric's mail <ebr...@whitehorsetc.com> >>> Reply-To: <qmailtoaster-list@qmailtoaster.com> >>> Date: Monday, December 16, 2019 at 11:03 AM >>> To: <qmailtoaster-list@qmailtoaster.com> >>> Subject: Re: [qmailtoaster] DKIM not signed? >>> >>> >>> >>> >>> >>> >>> >>> Soory list bin dir as well >>> >>> >>> >>> >>> Eric's email, phone >>> >>> >>> >>> >>> >>> >>> On Mon, Dec 16, 2019 at 8:46 AM -0700, "Jaime Lerner" >>> <jaimeler...@geekgoddess.com> wrote: >>> >>> >>>> >>>> >>>> Not sure what you mean by "dump qmail-remote"? You mean just do a hexdump? >>>> (hex and ascii side by side?) >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> [root@mail control]# ls -al >>>> >>>> >>>> total 180 >>>> >>>> >>>> drwxr-xr-x 4 root qmail 4096 Dec 16 06:21 . >>>> >>>> >>>> drwxr-xr-x 12 root qmail 4096 Apr 8 2019 .. >>>> >>>> >>>> -rw-r--r-- 1 root qmail 32 Apr 20 2017 badloadertypes >>>> >>>> >>>> -rw-r--r-- 1 root root 2048 Apr 8 2019 badloadertypes.cdb >>>> >>>> >>>> -rw-r--r-- 1 root qmail 39 Jun 20 2016 badmailfrom >>>> >>>> >>>> -rw-r--r-- 1 root qmail 123 Jun 11 2016 badmailto >>>> >>>> >>>> -rw-r--r-- 1 root qmail 360 Apr 20 2017 badmimetypes >>>> >>>> >>>> -rw-r--r-- 1 root root 2048 Apr 8 2019 badmimetypes.cdb >>>> >>>> >>>> lrwxrwxrwx 1 root qmail 14 Apr 8 2019 clientcert.pem -> >>>> servercert.pem >>>> >>>> >>>> -rw-r--r-- 1 root qmail 4 Apr 20 2017 concurrencyincoming >>>> >>>> >>>> -rw-r--r-- 1 root qmail 3 Apr 20 2017 concurrencyremote >>>> >>>> >>>> -rw-r--r-- 1 root qmail 9 May 18 2016 databytes >>>> >>>> >>>> -rw-r--r-- 1 root qmail 11 Apr 20 2017 defaultdelivery >>>> >>>> >>>> -rw-r--r-- 1 root qmail 16 May 17 2016 defaultdomain >>>> >>>> >>>> -rw-r--r-- 1 root qmail 16 May 17 2016 defaulthost >>>> >>>> >>>> -rw-r--r-- 1 root qmail 245 Dec 16 01:01 dh1024.pem >>>> >>>> >>>> -rw-r--r-- 1 root qmail 156 Dec 16 01:01 dh512.pem >>>> >>>> >>>> drwxr-xr-x 2 qmailr qmail 4096 May 20 2016 dkim >>>> >>>> >>>> drwxr-xr-x 4 root qmail 4096 Apr 20 2017 domainkeys >>>> >>>> >>>> -rw-r--r-- 1 root root 13 Jun 11 2016 doublebounceto >>>> >>>> >>>> -rw-r--r-- 1 root root 10 Jul 3 11:40 locals >>>> >>>> >>>> -rw------- 1 root root 0 May 17 2016 locals.lock >>>> >>>> >>>> -rw-r--r-- 1 root qmail 4 Apr 20 2017 logcount >>>> >>>> >>>> -rw-r--r-- 1 root qmail 8 Apr 20 2017 logsize >>>> >>>> >>>> -rw-r--r-- 1 root qmail 16 May 20 2016 me >>>> >>>> >>>> -rw-r--r-- 1 root qmail 16 May 17 2016 plusdomain >>>> >>>> >>>> -rw-r--r-- 1 root qmail 0 Apr 20 2017 policy >>>> >>>> >>>> -rw-r--r-- 1 root qmail 6 Apr 20 2017 queuelifetime >>>> >>>> >>>> -rw-r--r-- 1 root root 254 Jul 3 11:40 rcpthosts >>>> >>>> >>>> -rw------- 1 root root 0 May 17 2016 rcpthosts.lock >>>> >>>> >>>> -rw-r--r-- 1 root qmail 497 Dec 16 01:01 rsa512.pem >>>> >>>> >>>> -rw-r--r-- 1 root qmail 493 May 17 2016 rsa512.pem.safe >>>> >>>> >>>> -rw-r----- 1 root vchkpw 8844 Dec 12 02:08 servercert.pem >>>> >>>> >>>> -rw-r--r-- 1 clamav root 53 Aug 9 2018 simcontrol >>>> >>>> >>>> -rw-r--r-- 1 root clamav 2123 Dec 16 06:21 simcontrol.cdb >>>> >>>> >>>> -rw-r--r-- 1 root clamav 2167 Dec 16 06:21 simversions.cdb >>>> >>>> >>>> -rw-r--r-- 1 root qmail 49 May 19 2016 smtpgreeting >>>> >>>> >>>> -rw-r--r-- 1 root qmail 0 Apr 20 2017 smtproutes >>>> >>>> >>>> -rw-r--r-- 1 root qmail 2 Apr 20 2017 spfbehavior >>>> >>>> >>>> lrwxrwxrwx 1 root root 35 Apr 8 2019 tlsclientciphers -> >>>> /var/qmail/control/tlsserverciphers >>>> >>>> >>>> -rw-r--r-- 1 root qmail 1767 Apr 8 2019 tlsserverciphers >>>> >>>> >>>> -rw-r--r-- 1 root root 466 Jul 3 11:40 virtualdomains >>>> >>>> >>>> -rw------- 1 root root 0 May 17 2016 virtualdomains.lock >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> From: Eric Broch <ebr...@whitehorsetc.com> >>>> Reply-To: <qmailtoaster-list@qmailtoaster.com> >>>> Date: Monday, December 16, 2019 at 10:28 AM >>>> To: <qmailtoaster-list@qmailtoaster.com> >>>> Subject: Re: [qmailtoaster] DKIM not signed? >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> >>>> Can you list the control directory and dump qmail-remote? >>>> >>>> >>>> >>>> >>>> >>>> On 12/16/2019 8:25 AM, Jaime Lerner wrote: >>>> >>>> >>>>> >>>>> Yes, I have the directory: >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> [root@mail dkim]# ls -al >>>>> >>>>> >>>>> total 20 >>>>> >>>>> >>>>> drwxr-xr-x 2 qmailr qmail 4096 May 20 2016 . >>>>> >>>>> >>>>> drwxr-xr-x 4 root qmail 4096 Dec 16 06:21 .. >>>>> >>>>> >>>>> -rw-r--r-- 1 root root 891 May 20 2016 global.key >>>>> >>>>> >>>>> -rw-r--r-- 1 root root 241 May 20 2016 public.txt >>>>> >>>>> >>>>> -rw-r--r-- 1 qmailr qmail 250 May 20 2016 signconf.xml >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> From: Remo Mattei <r...@mattei.org> >>>>> Reply-To: <qmailtoaster-list@qmailtoaster.com> >>>>> Date: Sunday, December 15, 2019 at 12:56 AM >>>>> To: <qmailtoaster-list@qmailtoaster.com> >>>>> Subject: Re: [qmailtoaster] DKIM not signed? >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> Well when I check google for the signature itβs not there. So my answer >>>>> will be yes. If I use other clients the DKIM is there. >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> β >>>>> Remo >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> >>>>>> >>>>>> >>>>>> On Saturday, Dec 14, 2019 at 21:47, Erics mail <ebr...@whitehorsetc.com> >>>>>> wrote: >>>>>> >>>>>> >>>>>> >>>>>> Does it stop the qmail server from signing a message? >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> Get Outlook for Android <https://aka.ms/ghei36> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> On Sat, Dec 14, 2019 at 10:40 PM -0700, "Remo Mattei" <r...@mattei.org> >>>>>> wrote: >>>>>> >>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> You are right Eric, I was just refering to Apple Mail client as it does >>>>>>> not set DKIM on the msg. Different issue. >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> β >>>>>>> Remo >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> On Saturday, Dec 14, 2019 at 21:32, Erics mail <ebr...@whitehorsetc.com> >>>>>>> wrote: >>>>>>> >>>>>>> >>>>>>> >>>>>>> Is apple mail a client? Not sure how that will stop the server from >>>>>>> signing an email. >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> Get Outlook for Android <https://aka.ms/ghei36> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> On Sat, Dec 14, 2019 at 6:08 PM -0700, "Remo Mattei" <r...@mattei.org> >>>>>>> wrote: >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> I found that if you use Apple Mail it will not sign it. Just my 2 cents >>>>>>> on that. >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> β >>>>>>> Remo >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> On Saturday, Dec 14, 2019 at 16:43, Eric Broch <ebr...@whitehorsetc.com> >>>>>>> wrote: >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> Do you have a directory /var/qmail/control/dkim? >>>>>>> >>>>>>> >>>>>>> What's in that directory if it exists? >>>>>>> >>>>>>> >>>>>>> On 12/13/2019 10:20 AM, Jaime Lerner wrote: >>>>>>> >>>>>>> >>>>>>> >>>>>>> I was doing some testing and every test is showing my DKIM is not >>>>>>> signed. It used to be signed when I set it up in 2016, but I'm thinking >>>>>>> something has changed since then? I followed this >>>>>>> http://wiki.qmailtoaster.com/index.php/How_to_Setup_DKIM_with_Qmail_Toas >>>>>>> ter at the time, but I can see that the VERSION of DKIM is now required >>>>>>> and may not have been required at the time. I updated my DNS to include >>>>>>> the "v=DKIM1" tag, but I don't know how to add the "v=1" tag to the >>>>>>> signature that is generated out of Qmail. Where can I change the tags >>>>>>> that are generated? >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> It's also signing as "DomainKey-Signature" and not "DKIM-Signature" >>>>>>> which I believe is the new header to use? (Generated header below) >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=private; >>>>>>> d=geekgoddess.com; >>>>>>> b=MoE5S1hg4Oii5QddaknpLRwvr6BLFjRxGb6yqFQyTbqOegkhbUiIbKKQNF1/CXabl5rSwJ >>>>>>> 60MTkOwKKQGJBzKL9XFlgbKw1pyPfep5D/vTrcMvxXdFjNWOYq3rZgbbnUjQh4yJc9H5XZHA >>>>>>> nvZJOnNfkjQoAk7lZ+mTiZ1zomiKM=; >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>> >>>>> >>>>> >>>> >>>> >>>> >>>> >>> >>> >>> >>> >>> >> >> > > >