The global entry is for everything not specified by domain entries and
disabled domain entries, e.g.: <nonsigneddomain.com />, in the signconf.xml
On 7/30/2020 2:11 PM, Charles Amstutz wrote:
Thanks. That helps. Is the global for the server? And the domains for each
domain?
From: Tahnan Al Anas <tah...@gmail.com>
Hi,
You need to write sig file for each domain. like see my below file. and you
also need to put txt file content at your dns.
<dkimsign>
<!-- per default sign all mails using dkim -->
<global algorithm="rsa-sha1" domain="/var/qmail/control/me"
keyfile="/var/qmail/control/dkim/global.key" method="simple" selector="dkim1">
<types id="dkim" />
</global>
<http://xyz.com domain="http://xyz.com" keyfile="/var/qmail/control/dkim/xyz.com.key"
selector="dkim1">
<types id="dkim" />
<types id="domainkey" method="nofws" />
</http://xyz.com>
<http://abc.com domain="http://abc.com" keyfile="/var/qmail/control/dkim/abc.com.key"
selector="dkim1">
<types id="dkim" />
<types id="domainkey" method="nofws" />
</http://abc.com>
<http://bbc.com domain="http://bbc.com" keyfile="/var/qmail/control/dkim/bbc.com.key"
selector="dkim1">
<types id="dkim" />
<types id="domainkey" method="nofws" />
</http://bbc.com>
</dkimsign>
--
--
Best Regards
Muhammad Tahnan Al Anas
On Fri, Jul 31, 2020 at 2:00 AM Charles Amstutz <mailto:charl...@binary.net>
wrote:
Thanks, I appreciate you taking the time to write this up. As I understand the
dkim doc (on the website)
The globalkey is for all domains? If I want to host multiple domains, I would
need to create a key for each domain? And then put I in signconf.xml?
Or do I need both?
From: Eric Broch <mailto:ebr...@whitehorsetc.com>
# cd /var/qmail/control/dkim
# openssl genrsa -out ./global.key 2048 && openssl rsa -in ./global.key -pubout
-out ./temp.txt
# cat ./temp.txt | grep -v - | tr -d '\n' | sed '1s/^/dkim1 IN TXT "k=rsa; p=/' &> ./public.txt && echo
"\"" >> ./public.txt && rm ./temp.txt
On 7/30/2020 12:33 PM, Eric Broch wrote:
You can generate a key with openssl
https://lxadm.com/Generating_DKIM_key_with_openssl
I'll do a write up for this. Sorry
On 7/30/2020 12:30 PM, Charles Amstutz wrote:
Hello,
I'm trying to follow the steps on qmailtoaster's dkim steps.
a. # dknewkey /var/qmail/control/dkim/global.key 1024 > /var/qmail/control/dkim/public.txt
b. # perl -pi -e 's/global.key._domainkey/dkim1/'
/var/qmail/control/dkim/public.txt
I'm using centos 8. Everything is working fine except that I can't locate dknewkey and not sure if /var/qmail/control/dkim/global.key was supposed to be generated beforehand. As it is not there. Is dknewkey depreciated? Also, is global.key supposed to be there? I saw in one mailing list archive from 2017 (something like libdomainkeys) to install this package that no longer exists.
If it has been depreciated. Is there any replacement/updates.
Thanks
---------------------------------------------------------------------
To unsubscribe, e-mail: mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: mailto:qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
---------------------------------------------------------------------
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com