RE: [qmailtoaster] dkim on qmailtoaster
Thanks everyone! I got it working with your help and used your openSSL commands (which I appreciate) / opendkim for the other domains. I really appreciate your time and explanations. > From: Eric Broch > The global entry is for everything not specified by domain entries and > disabled domain entries, e.g.: , in the > signconf.xml > > On 7/30/2020 2:11 PM, Charles Amstutz wrote: > > Thanks. That helps. Is the global for the server? And the domains for each > domain? > > > > From: Tahnan Al Anas > > > > Hi, > > > > You need to write sig file for each domain. like see my below file. and you > also need to put txt file content at your dns. > > > > > > > > > keyfile="/var/qmail/control/dkim/global.key" method="simple" > > selector="dkim1"> > > > > > > > > <http://xyz.com domain="http://xyz.com; > > keyfile="/var/qmail/control/dkim/xyz.com.key" selector="dkim1"> > > > > > > http://xyz.com> > > > > <http://abc.com domain="http://abc.com; > > keyfile="/var/qmail/control/dkim/abc.com.key" selector="dkim1"> > > > > > > http://abc.com> > > > > <http://bbc.com domain="http://bbc.com; > > keyfile="/var/qmail/control/dkim/bbc.com.key" selector="dkim1"> > > > > > > http://bbc.com> > > > > > > > > -- > > -- > > > > Best Regards > > Muhammad Tahnan Al Anas > > > > > > On Fri, Jul 31, 2020 at 2:00 AM Charles Amstutz > <mailto:charl...@binary.net> wrote: > > Thanks, I appreciate you taking the time to write this up. As I > > understand the dkim doc (on the website) > > > > The globalkey is for all domains? If I want to host multiple domains, I > would need to create a key for each domain? And then put I in signconf.xml? > > > > Or do I need both? > > > > From: Eric Broch <mailto:ebr...@whitehorsetc.com> > > > > # cd /var/qmail/control/dkim > > # openssl genrsa -out ./global.key 2048 && openssl rsa -in > > ./global.key -pubout -out ./temp.txt # cat ./temp.txt | grep -v - | tr > > -d '\n' | sed '1s/^/dkim1 IN TXT "k=rsa; p=/' &> ./public.txt && echo "\"" > >> ./public.txt && rm ./temp.txt On 7/30/2020 12:33 PM, Eric Broch wrote: > > You can generate a key with openssl > > https://lxadm.com/Generating_DKIM_key_with_openssl > > I'll do a write up for this. Sorry > > On 7/30/2020 12:30 PM, Charles Amstutz wrote: > > Hello, > > > > I'm trying to follow the steps on qmailtoaster's dkim steps. > > > > a. # dknewkey /var/qmail/control/dkim/global.key 1024 > > > /var/qmail/control/dkim/public.txt > > b. # perl -pi -e 's/global.key._domainkey/dkim1/' > > /var/qmail/control/dkim/public.txt > > > > > > I'm using centos 8. Everything is working fine except that I can't locate > dknewkey and not sure if /var/qmail/control/dkim/global.key was supposed > to be generated beforehand. As it is not there. Is dknewkey depreciated? > Also, is global.key supposed to be there? I saw in one mailing list archive > from 2017 (something like libdomainkeys) to install this package that no > longer exists. > > > > If it has been depreciated. Is there any replacement/updates. > > > > Thanks > > > > - > > To unsubscribe, e-mail: > > mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com > > For additional commands, e-mail: > > mailto:qmailtoaster-list-h...@qmailtoaster.com > > > > - > > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > > For additional commands, e-mail: > > qmailtoaster-list-h...@qmailtoaster.com > > > > - > To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] dkim on qmailtoaster
Thanks. That helps. Is the global for the server? And the domains for each domain? From: Tahnan Al Anas Hi, You need to write sig file for each domain. like see my below file. and you also need to put txt file content at your dns. <http://xyz.com domain="http://xyz.com; keyfile="/var/qmail/control/dkim/xyz.com.key" selector="dkim1"> http://xyz.com> <http://abc.com domain="http://abc.com; keyfile="/var/qmail/control/dkim/abc.com.key" selector="dkim1"> http://abc.com> <http://bbc.com domain="http://bbc.com; keyfile="/var/qmail/control/dkim/bbc.com.key" selector="dkim1"> http://bbc.com> -- -- Best Regards Muhammad Tahnan Al Anas On Fri, Jul 31, 2020 at 2:00 AM Charles Amstutz <mailto:charl...@binary.net> wrote: Thanks, I appreciate you taking the time to write this up. As I understand the dkim doc (on the website) The globalkey is for all domains? If I want to host multiple domains, I would need to create a key for each domain? And then put I in signconf.xml? Or do I need both? From: Eric Broch <mailto:ebr...@whitehorsetc.com> # cd /var/qmail/control/dkim # openssl genrsa -out ./global.key 2048 && openssl rsa -in ./global.key -pubout -out ./temp.txt # cat ./temp.txt | grep -v - | tr -d '\n' | sed '1s/^/dkim1 IN TXT "k=rsa; p=/' &> ./public.txt && echo "\"" >> ./public.txt && rm ./temp.txt On 7/30/2020 12:33 PM, Eric Broch wrote: You can generate a key with openssl https://lxadm.com/Generating_DKIM_key_with_openssl I'll do a write up for this. Sorry On 7/30/2020 12:30 PM, Charles Amstutz wrote: Hello, I'm trying to follow the steps on qmailtoaster's dkim steps. a. # dknewkey /var/qmail/control/dkim/global.key 1024 > /var/qmail/control/dkim/public.txt b. # perl -pi -e 's/global.key._domainkey/dkim1/' /var/qmail/control/dkim/public.txt I'm using centos 8. Everything is working fine except that I can't locate dknewkey and not sure if /var/qmail/control/dkim/global.key was supposed to be generated beforehand. As it is not there. Is dknewkey depreciated? Also, is global.key supposed to be there? I saw in one mailing list archive from 2017 (something like libdomainkeys) to install this package that no longer exists. If it has been depreciated. Is there any replacement/updates. Thanks - To unsubscribe, e-mail: mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: mailto:qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] dkim on qmailtoaster
Thanks, I appreciate you taking the time to write this up. As I understand the dkim doc (on the website) The globalkey is for all domains? If I want to host multiple domains, I would need to create a key for each domain? And then put I in signconf.xml? Or do I need both? From: Eric Broch # cd /var/qmail/control/dkim # openssl genrsa -out ./global.key 2048 && openssl rsa -in ./global.key -pubout -out ./temp.txt # cat ./temp.txt | grep -v - | tr -d '\n' | sed '1s/^/dkim1 IN TXT "k=rsa; p=/' &> ./public.txt && echo "\"" >> ./public.txt && rm ./temp.txt On 7/30/2020 12:33 PM, Eric Broch wrote: You can generate a key with openssl https://lxadm.com/Generating_DKIM_key_with_openssl I'll do a write up for this. Sorry On 7/30/2020 12:30 PM, Charles Amstutz wrote: Hello, I'm trying to follow the steps on qmailtoaster's dkim steps. a. # dknewkey /var/qmail/control/dkim/global.key 1024 > /var/qmail/control/dkim/public.txt b. # perl -pi -e 's/global.key._domainkey/dkim1/' /var/qmail/control/dkim/public.txt I'm using centos 8. Everything is working fine except that I can't locate dknewkey and not sure if /var/qmail/control/dkim/global.key was supposed to be generated beforehand. As it is not there. Is dknewkey depreciated? Also, is global.key supposed to be there? I saw in one mailing list archive from 2017 (something like libdomainkeys) to install this package that no longer exists. If it has been depreciated. Is there any replacement/updates. Thanks - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] dkim on qmailtoaster
Hello, I'm trying to follow the steps on qmailtoaster's dkim steps. a. # dknewkey /var/qmail/control/dkim/global.key 1024 > /var/qmail/control/dkim/public.txt b. # perl -pi -e 's/global.key._domainkey/dkim1/' /var/qmail/control/dkim/public.txt I'm using centos 8. Everything is working fine except that I can't locate dknewkey and not sure if /var/qmail/control/dkim/global.key was supposed to be generated beforehand. As it is not there. Is dknewkey depreciated? Also, is global.key supposed to be there? I saw in one mailing list archive from 2017 (something like libdomainkeys) to install this package that no longer exists. If it has been depreciated. Is there any replacement/updates. Thanks
