Re: [qmailtoaster] DKIM problem.

2020-03-18 Thread Eric Broch 
I believe it is the way in which the mail client formats the header. 
I've not been able to figure it out although I haven't put much time 
into it.


On 3/18/2020 10:12 AM, Erald (nnservices) wrote:
Actually I did.. Tested it again with webmail and this is working. Is 
there any way to get this working correctly with apple mail? Are there 
any other mail programs which do not work (I know about round cube text)


Thank you

On Mar 17, 2020, at 9:28 AM, Remo Mattei > wrote:


Hello if you are using Apple Mail it will fail.

Remo

On Mar 17, 2020, at 09:08, Erald Non > wrote:


I used both tests test one gave me back Result: fail 
(signature doesn't verify)

Checking the dkim key it was using the right one
Test two gave me Key ok




Sent from my iPad

On Mar 17, 2020, at 8:16 AM, Eric Broch > wrote:




What methods did you use to test that domain. There are 2 on the 
link http://www.qmailtoaster.com/dkim.html


1) In order to test your settings, simply send an email 
to:check-a...@verifier.port25.com  and/orcheck-au...@verifier.port25.com
with the suject of "test" (without the quotes) and "Just testing" in the 
body (also without quotes). It is best but not required
to have a subject and body because this service will also show you how 
spamassassin rated your email. If you have a GMAIL or Yahoo
email account sending to either or both accounts DKIM signatures could be 
verified.
Click to test  
2) To test your DKIM signature wiith OpenDKIM's 'opendkim-testkey' utility 
install opendkim and run the utility:
a) # yum install epel-release opendkim
b) # opendkim-testkey - -dotherdomain.com     
-k /var/qmail/control/dkim/otherdomain.com.key -s dkim1

   opendkim-testkey: using default configfile /etc/opendkim.conf 
opendkim-testkey: /var/qmail/control/dkim/otherdomain.com.key: 
WARNING: unsafe permissions opendkim-testkey: key loaded from 
/var/qmail/control/dkim/otherdomain.com.key opendkim-testkey: 
checking key 'dkim1._domainkey.otherdomain.com 
' opendkim-testkey: key OK



On 3/17/2020 9:04 AM, Erald Non wrote:
Ok that is clear thank you but remains the problem that the dkim 
for a specific domain is not working. See my original posting what 
am I missing


Sent from my iPad


On Mar 16, 2020, at 11:04 PM, ebr...@whitehorsetc.com wrote:


DKIM is the successor to domainkeys (DK).

Have a look here for an explanation: 
https://stackoverflow.com/questions/5580136/differences-between-domainkeys-vs-dkim/5668081#5668081


There are other ways of testing besides yahoo. Look in the notes 
on the qmailtoaster.com  DKIM link.


Get Outlook for Android 




On Mon, Mar 16, 2020 at 11:25 PM -0600, "Erald Non" 
mailto:er...@nn-services.com>> wrote:


Ok can I use domain keys with dkim? Am confused about the two.
Yes I do have the dkim keys in the dns and as said the global works but 
since I have a lot of domains yahoo is sometimes not accepting due to domain 
mismatch so wanted to setup the keys per domain but there a
I always get the fail signature doesn’t verify
I did setup the dns with the new key

Sent from my iPad

> On Mar 16, 2020, at 8:13 PM, Eric Broch wrote: > > The DK* settings in 
tcp.smtp are for domainkeys
which is different than domain keys identified mail (dkim). >
> If you don't use domainkeys you can remove DKSIGN and
DKVERIFY from tcp.smtp and rebuild. > > Also, do you have
your DKIM key set up in your DNS settings? >  On
3/16/2020 5:09 PM, Erald (nnservices) wrote: >> I have
followed the instructions on the page
http://www.qmailtoaster.net/dkim.html >> The global domain
keys are working but when I add an domain key for one of my
domains it indicates me a fail (signature doesn't verify)
when testing. The key is there but seems it cannot verify. >>
My config >> >> >> >> >> >> >> >> >> >> >> Am confused about
the smtp.tcp and think something is wrong there >>
127.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private"
>>

:allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",NOP0FCHECK="1",QMAILQUEUE="/var/qmail/bin/simscan",DKQUEUE="/var/qmail/bin/qmail-queue.orig",DKVERIFY="DEGIJKfh",DKSIGN="/var/qmail/control/domainkeys/%/private"
>> This because I have an old
/var/qmail/control/domainkeys/%/ directory but not for the
domain I am trying to get working. >> What am I missing > >
-
> To unsubscribe, e-mail:
qmailtoaster-list-unsubscr...@qmailtoaster.com > For
additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com
-
To unsubscribe, e-mail:

Re: [qmailtoaster] DKIM problem.

2020-03-18 Thread Erald (nnservices) 
Actually I did.. Tested it again with webmail and this is working. Is there any 
way to get this working correctly with apple mail? Are there any other mail 
programs which do not work (I know about round cube text)

Thank you

> On Mar 17, 2020, at 9:28 AM, Remo Mattei  wrote:
> 
> Hello if you are using Apple Mail it will fail.
> 
> Remo
> 
>> On Mar 17, 2020, at 09:08, Erald Non > > wrote:
>> 
>> I used both tests test one gave me back Result: fail (signature 
>> doesn't verify)
>> Checking the dkim key it was using the right one
>> Test two gave me Key ok
>> 
>> 
>> 
>> 
>> Sent from my iPad
>> 
>>> On Mar 17, 2020, at 8:16 AM, Eric Broch >> > wrote:
>>> 
>>> 
>>> What methods did you use to test that domain. There are 2 on the link 
>>> http://www.qmailtoaster.com/dkim.html 
>>> 
>>> 1) In order to test your settings, simply send an email to: 
>>> check-a...@verifier.port25.com  
>>> and/or check-au...@verifier.port25.com 
>>> 
>>>with the suject of "test" (without the quotes) and "Just testing" in the 
>>> body (also without quotes). It is best but not required
>>>to have a subject and body because this service will also show you how 
>>> spamassassin rated your email. If you have a GMAIL or Yahoo
>>>email account sending to either or both accounts DKIM signatures could 
>>> be verified.
>>>Click to test >> check-a...@verifier.port25.com?subject=test=Just%20testing>
>>> 2) To test your DKIM signature wiith OpenDKIM's 'opendkim-testkey' utility 
>>> install opendkim and run the utility:
>>>a) # yum install epel-release opendkim
>>>b) # opendkim-testkey - -d otherdomain.com  
>>>  -k /var/qmail/control/dkim/otherdomain.com.key -s dkim1
>>> 
>>>   opendkim-testkey: using default configfile /etc/opendkim.conf
>>>   opendkim-testkey: /var/qmail/control/dkim/otherdomain.com.key: 
>>> WARNING: unsafe permissions
>>>   opendkim-testkey: key loaded from 
>>> /var/qmail/control/dkim/otherdomain.com.key
>>>   opendkim-testkey: checking key 'dkim1._domainkey.otherdomain.com 
>>> '
>>>   opendkim-testkey: key OK
>>> 
>>> 
>>> On 3/17/2020 9:04 AM, Erald Non wrote:
 Ok that is clear thank you but remains the problem that the dkim for a 
 specific domain is not working. See my original posting what am I missing
 
 Sent from my iPad
 
> On Mar 16, 2020, at 11:04 PM, ebr...@whitehorsetc.com 
>  wrote:
> 
> 
> DKIM is the successor to domainkeys (DK). 
> 
> Have a look here for an explanation: 
> https://stackoverflow.com/questions/5580136/differences-between-domainkeys-vs-dkim/5668081#5668081
>  
> 
> 
> There are other ways of testing besides yahoo. Look in the notes on the 
> qmailtoaster.com  DKIM link. 
> 
> Get Outlook for Android 
> 
> 
> 
> On Mon, Mar 16, 2020 at 11:25 PM -0600, "Erald Non" 
> mailto:er...@nn-services.com>> wrote:
> 
> Ok can I use domain keys with dkim? Am confused about the two.
> Yes I do have the dkim keys in the dns and as said the global works but 
> since I have a lot of domains yahoo is sometimes not accepting due to 
> domain mismatch so wanted to setup the keys per domain but there a
> I always get the fail signature doesn’t verify
> I did setup the dns with the new key 
> 
> Sent from my iPad
> 
> > On Mar 16, 2020, at 8:13 PM, Eric Broch  wrote:
> > 
> > The DK* settings in tcp.smtp are for domainkeys which is different 
> > than domain keys identified mail (dkim).
> > 
> > If you don't use domainkeys you can remove DKSIGN and DKVERIFY from 
> > tcp.smtp and rebuild.
> > 
> > Also, do you have your DKIM key set up in your DNS settings?
> > 
>  On 3/16/2020 5:09 PM, Erald (nnservices) wrote:
> >> I have followed the instructions on the page 
> >> http://www.qmailtoaster.net/dkim.html 
> >> 
> >> The global domain keys are working but when I add an domain key for 
> >> one of my domains it indicates me a fail  (signature doesn't verify) 
> >> when testing. The key is there but seems it cannot verify.
> >> My config
> >> 
> >> 
> >> 
> >>   
> >> 
> >> 
> >>   
> >>   
> >> 
> >> 
> >> Am confused about the smtp.tcp and think something is wrong there
> >> 127.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private"
> >>