subject:"\[qmailtoaster\] Domainkeys"

Dear Amit,

 

Have u published the dkim public in the DNS records of all these domains If 
you are using single key for all the domain then all the domain should have 
same key in the dns records.

 

Regards,

 

Anil Aliyan

 

From: Rob Wellard [mailto:r...@brainiacmedia.net] 
Sent: Wednesday, April 14, 2010 12:56 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: RE: [qmailtoaster] domainkeys mulitple domain issue

 

I Guess nobody knows the answer, if i work it out, ill let you know. 

 

Rob

 

From: Amit Dalia [mailto:a...@ikf.co.in] 
Sent: 14 April 2010 05:40
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] domainkeys mulitple domain issue

 

Hi Everyone,

Any help on how to setup DKIM for multiple domains on the same QMT server? I'm 
getting below error.

Regards,

Amit

At Tuesday, 13-04-2010 on 15:46 Amit Dalia wrote:

Hi Everyone,

Even I was going to post this today. I had got around 15 domains on the same 
toaster. I had configure DKIM as per Jake's Video on How to setup DKIM, but it 
is signing only 1 domain perfectly but other domains are getting bad signature.

Authentication-Results: mx.google.com; spf=neutral (google.com: 180.92.170.125 
is neither permitted nor denied by domain of i...@sem-pune.in 
mailto:a...@vanaz.com ) smtp.mail= mailto:smtp.mail=a...@vanaz.com 
i...@sem-pune.in mailto:a...@vanaz.com ; dkim=neutral (no key)  
mailto:header...@mailserver header...@webapplication.co.in

My server hostname is mail.webapplication.co.in.

How do I replace header.i value for respective domain.

Thanks and regards,

Amit


At Tuesday, 13-04-2010 on 13:57 Rob Wellard wrote:

I have the latest toaster installed, Everything works beautifully. However i 
seem to be getting a weird problem with the domainkey. I have several domains 
on the one toaster, and i can get the last one working perfectly, however the 
rest come back with bad signature. And it’s always the latest one that seems to 
work. Is there something i am doing wrong.  Please can you help

RE: [qmailtoaster] domainkeys mulitple domain issue

Hi All,

 

First of all mail server must be configured properly to work everything 
smoothly, such as hostname and other virtual domains etc must exists in the 
/etc/hosts file.

 

Most Importantly RDNS must exist for all the domains.

 

If all the domain share single ip address then all domain must be entered in 
the /etc/hosts file against that ip address.

 Example:

 

1.2.3.1   mail.vanaz.com mail.bbc.com 
mail.cnn.com 

 

Secondly, the key that all the domain get signed by the DKIM for all the domain 
is the singconf.xml file. Example given below:

 

The default signconf.xml file contains the first section in brown color below 
with a domain=”/var/qmail/control/me” in it. Remove this line and add 
query=dns. Coz of this the dkim looks for the hostname or domains in the 
“/var/qmail/control/me” file to sign the mails for.  Add your domains 
individually as shown in the example below. 

 

dkimsign

  !-- per default sign all mails using dkim --

  global algorithm=rsa-sha1 domain=/var/qmail/control/me 
keyfile=/var/qmail/control/dkim/global.key method=simple selector=dkim1

types id=dkim /

  /global

 

After modification your signconf.xml file should look like as in example given 
below, and if everything is set accordingly then everything should work:

 

dkimsign

  !-- per default sign all mails using dkim --

  global algorithm=rsa-sha1 query=dns 
keyfile=/var/qmail/control/dkim/global.key method=simple selector=dkim1

types id=dkim /

types id=domainkey method=nofws /

  /global

 

  vanaz.com selector=dkim1

types id=dkim /

types id=domainkey method=nofws /

  /vanaz.com

 

  bbc.com selector=dkim1

types id=dkim /

types id=domainkey method=nofws /

  /bbc.com

 

  cnn.com selector=dkim1

types id=dkim /

types id=domainkey method=nofws /

  /cnn.com

 

/dkimsign   

 

Regards,

 

Anil Aliyan   

 

From: Rob Wellard [mailto:r...@brainiacmedia.net] 
Sent: Wednesday, April 14, 2010 12:56 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: RE: [qmailtoaster] domainkeys mulitple domain issue

 

I Guess nobody knows the answer, if i work it out, ill let you know. 

 

Rob

 

From: Amit Dalia [mailto:a...@ikf.co.in] 
Sent: 14 April 2010 05:40
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] domainkeys mulitple domain issue

 

Hi Everyone,

Any help on how to setup DKIM for multiple domains on the same QMT server? I'm 
getting below error.

Regards,

Amit

At Tuesday, 13-04-2010 on 15:46 Amit Dalia wrote:

Hi Everyone,

Even I was going to post this today. I had got around 15 domains on the same 
toaster. I had configure DKIM as per Jake's Video on How to setup DKIM, but it 
is signing only 1 domain perfectly but other domains are getting bad signature.

Authentication-Results: mx.google.com; spf=neutral (google.com: 180.92.170.125 
is neither permitted nor denied by domain of i...@sem-pune.in 
mailto:a...@vanaz.com ) smtp.mail= mailto:smtp.mail=a...@vanaz.com 
i...@sem-pune.in mailto:a...@vanaz.com ; dkim=neutral (no key)  
mailto:header...@mailserver header...@webapplication.co.in

My server hostname is mail.webapplication.co.in.

How do I replace header.i value for respective domain.

Thanks and regards,

Amit


At Tuesday, 13-04-2010 on 13:57 Rob Wellard wrote:

I have the latest toaster installed, Everything works beautifully. However i 
seem to be getting a weird problem with the domainkey. I have several domains 
on the one toaster, and i can get the last one working perfectly, however the 
rest come back with bad signature. And it’s always the latest one that seems to 
work. Is there something i am doing wrong.  Please can you help

RE: [qmailtoaster] domainkeys mulitple domain issue

2010-04-14 Thread Rob Wellard

Hi Anil 

 

Thanks a million for answering my question, i really appreciate it. 

 

Quick question. Are you referring to domainkeys here or dkim? I am having a 
problem with domainkeys and have not setup dkim, thats my next step. 

 

Thanks

 

Rob

 

 

From: Anil Aliyan [mailto:acali...@gnvfc.net] 
Sent: 14 April 2010 11:15
To: qmailtoaster-list@qmailtoaster.com
Subject: RE: [qmailtoaster] domainkeys mulitple domain issue

 

Hi All,

 

First of all mail server must be configured properly to work everything 
smoothly, such as hostname and other virtual domains etc must exists in the 
/etc/hosts file.

 

Most Importantly RDNS must exist for all the domains.

 

If all the domain share single ip address then all domain must be entered in 
the /etc/hosts file against that ip address.

 Example:

 

1.2.3.1   mail.vanaz.com mail.bbc.com 
mail.cnn.com 

 

Secondly, the key that all the domain get signed by the DKIM for all the domain 
is the singconf.xml file. Example given below:

 

The default signconf.xml file contains the first section in brown color below 
with a domain=”/var/qmail/control/me” in it. Remove this line and add 
query=dns. Coz of this the dkim looks for the hostname or domains in the 
“/var/qmail/control/me” file to sign the mails for.  Add your domains 
individually as shown in the example below. 

 

dkimsign

  !-- per default sign all mails using dkim --

  global algorithm=rsa-sha1 domain=/var/qmail/control/me 
keyfile=/var/qmail/control/dkim/global.key method=simple selector=dkim1

types id=dkim /

  /global

 

After modification your signconf.xml file should look like as in example given 
below, and if everything is set accordingly then everything should work:

 

dkimsign

  !-- per default sign all mails using dkim --

  global algorithm=rsa-sha1 query=dns 
keyfile=/var/qmail/control/dkim/global.key method=simple selector=dkim1

types id=dkim /

types id=domainkey method=nofws /

  /global

 

  vanaz.com selector=dkim1

types id=dkim /

types id=domainkey method=nofws /

  /vanaz.com

 

  bbc.com selector=dkim1

types id=dkim /

types id=domainkey method=nofws /

  /bbc.com

 

  cnn.com selector=dkim1

types id=dkim /

types id=domainkey method=nofws /

  /cnn.com

 

/dkimsign   

 

Regards,

 

Anil Aliyan   

 

From: Rob Wellard [mailto:r...@brainiacmedia.net] 
Sent: Wednesday, April 14, 2010 12:56 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: RE: [qmailtoaster] domainkeys mulitple domain issue

 

I Guess nobody knows the answer, if i work it out, ill let you know. 

 

Rob

 

From: Amit Dalia [mailto:a...@ikf.co.in] 
Sent: 14 April 2010 05:40
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] domainkeys mulitple domain issue

 

Hi Everyone,

Any help on how to setup DKIM for multiple domains on the same QMT server? I'm 
getting below error.

Regards,

Amit

At Tuesday, 13-04-2010 on 15:46 Amit Dalia wrote:

Hi Everyone,

Even I was going to post this today. I had got around 15 domains on the same 
toaster. I had configure DKIM as per Jake's Video on How to setup DKIM, but it 
is signing only 1 domain perfectly but other domains are getting bad signature.

Authentication-Results: mx.google.com; spf=neutral (google.com: 180.92.170.125 
is neither permitted nor denied by domain of i...@sem-pune.in 
mailto:a...@vanaz.com ) smtp.mail= mailto:smtp.mail=a...@vanaz.com 
i...@sem-pune.in mailto:a...@vanaz.com ; dkim=neutral (no key)  
mailto:header...@mailserver header...@webapplication.co.in

My server hostname is mail.webapplication.co.in.

How do I replace header.i value for respective domain.

Thanks and regards,

Amit


At Tuesday, 13-04-2010 on 13:57 Rob Wellard wrote:

I have the latest toaster installed, Everything works beautifully. However i 
seem to be getting a weird problem with the domainkey. I have several domains 
on the one toaster, and i can get the last one working perfectly, however the 
rest come back with bad signature. And it’s always the latest one that seems to 
work. Is there something i am doing wrong.  Please can you help

RE: [qmailtoaster] domainkeys mulitple domain issue

Hi Rob,

 

My answer are regarding DKIM which signs mails for both DKIM and Domainkeys.

 

Regards,

 

Anil Aliyan

 

From: Rob Wellard [mailto:r...@brainiacmedia.net] 
Sent: Wednesday, April 14, 2010 4:25 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: RE: [qmailtoaster] domainkeys mulitple domain issue

 

Hi Anil 

 

Thanks a million for answering my question, i really appreciate it. 

 

Quick question. Are you referring to domainkeys here or dkim? I am having a 
problem with domainkeys and have not setup dkim, thats my next step. 

 

Thanks

 

Rob

 

 

From: Anil Aliyan [mailto:acali...@gnvfc.net] 
Sent: 14 April 2010 11:15
To: qmailtoaster-list@qmailtoaster.com
Subject: RE: [qmailtoaster] domainkeys mulitple domain issue

 

Hi All,

 

First of all mail server must be configured properly to work everything 
smoothly, such as hostname and other virtual domains etc must exists in the 
/etc/hosts file.

 

Most Importantly RDNS must exist for all the domains.

 

If all the domain share single ip address then all domain must be entered in 
the /etc/hosts file against that ip address.

 Example:

 

1.2.3.1   mail.vanaz.com mail.bbc.com 
mail.cnn.com 

 

Secondly, the key that all the domain get signed by the DKIM for all the domain 
is the singconf.xml file. Example given below:

 

The default signconf.xml file contains the first section in brown color below 
with a domain=”/var/qmail/control/me” in it. Remove this line and add 
query=dns. Coz of this the dkim looks for the hostname or domains in the 
“/var/qmail/control/me” file to sign the mails for.  Add your domains 
individually as shown in the example below. 

 

dkimsign

  !-- per default sign all mails using dkim --

  global algorithm=rsa-sha1 domain=/var/qmail/control/me 
keyfile=/var/qmail/control/dkim/global.key method=simple selector=dkim1

types id=dkim /

  /global

 

After modification your signconf.xml file should look like as in example given 
below, and if everything is set accordingly then everything should work:

 

dkimsign

  !-- per default sign all mails using dkim --

  global algorithm=rsa-sha1 query=dns 
keyfile=/var/qmail/control/dkim/global.key method=simple selector=dkim1

types id=dkim /

types id=domainkey method=nofws /

  /global

 

  vanaz.com selector=dkim1

types id=dkim /

types id=domainkey method=nofws /

  /vanaz.com

 

  bbc.com selector=dkim1

types id=dkim /

types id=domainkey method=nofws /

  /bbc.com

 

  cnn.com selector=dkim1

types id=dkim /

types id=domainkey method=nofws /

  /cnn.com

 

/dkimsign   

 

Regards,

 

Anil Aliyan   

 

From: Rob Wellard [mailto:r...@brainiacmedia.net] 
Sent: Wednesday, April 14, 2010 12:56 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: RE: [qmailtoaster] domainkeys mulitple domain issue

 

I Guess nobody knows the answer, if i work it out, ill let you know. 

 

Rob

 

From: Amit Dalia [mailto:a...@ikf.co.in] 
Sent: 14 April 2010 05:40
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] domainkeys mulitple domain issue

 

Hi Everyone,

Any help on how to setup DKIM for multiple domains on the same QMT server? I'm 
getting below error.

Regards,

Amit

At Tuesday, 13-04-2010 on 15:46 Amit Dalia wrote:

Hi Everyone,

Even I was going to post this today. I had got around 15 domains on the same 
toaster. I had configure DKIM as per Jake's Video on How to setup DKIM, but it 
is signing only 1 domain perfectly but other domains are getting bad signature.

Authentication-Results: mx.google.com; spf=neutral (google.com: 180.92.170.125 
is neither permitted nor denied by domain of i...@sem-pune.in 
mailto:a...@vanaz.com ) smtp.mail= mailto:smtp.mail=a...@vanaz.com 
i...@sem-pune.in mailto:a...@vanaz.com ; dkim=neutral (no key)  
mailto:header...@mailserver header...@webapplication.co.in

My server hostname is mail.webapplication.co.in.

How do I replace header.i value for respective domain.

Thanks and regards,

Amit


At Tuesday, 13-04-2010 on 13:57 Rob Wellard wrote:

I have the latest toaster installed, Everything works beautifully. However i 
seem to be getting a weird problem with the domainkey. I have several domains 
on the one toaster, and i can get the last one working perfectly, however the 
rest come back with bad signature. And it’s always the latest one that seems to 
work. Is there something i am doing wrong.  Please can you help

RE: [qmailtoaster] domainkeys mulitple domain issue

2010-04-14 Thread Amit Dalia

Hi Anil,

Thanks a lot. Will try this and if any query will get back.

Thanks and regards,

Amit

At Wednesday, 14-04-2010 on 16:46 Anil Aliyan wrote:

Hi Rob,

 

My answer are regarding DKIM which signs mails for both DKIM and
Domainkeys.

 

Regards,

 

Anil Aliyan

 

FROM: Rob Wellard [mailto:r...@brainiacmedia.net] 
SENT: Wednesday, April 14, 2010 4:25 PM
TO: qmailtoaster-list@qmailtoaster.com
SUBJECT: RE: [qmailtoaster] domainkeys mulitple domain issue

 

Hi Anil 

 

Thanks a million for answering my question, i really appreciate it. 

 

Quick question. Are you referring to domainkeys here or dkim? I am
having a problem with domainkeys and have not setup dkim, thats my
next step. 

 

Thanks

 

Rob

 

 

FROM: Anil Aliyan [mailto:acali...@gnvfc.net] 
SENT: 14 April 2010 11:15
TO: qmailtoaster-list@qmailtoaster.com
SUBJECT: RE: [qmailtoaster] domainkeys mulitple domain issue

 

Hi All,

 

First of all mail server must be configured properly to work
everything smoothly, such as hostname and other virtual domains etc
must exists in the /etc/hosts file.

 

Most Importantly RDNS must exist for all the domains.

 

If all the domain share single ip address then all domain must be
entered in the /etc/hosts file against that ip address.

 Example:

 

1.2.3.1  
mail.vanaz.com mail.bbc.com
mail.cnn.com 

 

Secondly, the key that all the domain get signed by the DKIM for all
the domain is the SINGCONF.XML file. Example given below:

 

The default signconf.xml file contains the first section in brown
color below with a domain=”/var/qmail/control/me” in it. Remove
this line and add QUERY=DNS. Coz of this the dkim looks for the
hostname or domains in the “/var/qmail/control/me” file to sign
the mails for.  Add your domains individually as shown in the example
below. 

 

  

  

    

  

 

AFTER MODIFICATION YOUR SIGNCONF.XML FILE SHOULD LOOK LIKE AS IN
EXAMPLE GIVEN BELOW, AND IF EVERYTHING IS SET ACCORDINGLY THEN
EVERYTHING SHOULD WORK:

 

  

  

    

    

  

 

  

    

    

  

 

  

    

    

  

 

  

    

    

  

 

   

 

Regards,

 

Anil Aliyan   

 

FROM: Rob Wellard [mailto:r...@brainiacmedia.net] 
SENT: Wednesday, April 14, 2010 12:56 PM
TO: qmailtoaster-list@qmailtoaster.com
SUBJECT: RE: [qmailtoaster] domainkeys mulitple domain issue

 

I Guess nobody knows the answer, if i work it out, ill let you know. 

 

Rob

 

FROM: Amit Dalia [mailto:a...@ikf.co.in] 
SENT: 14 April 2010 05:40
TO: qmailtoaster-list@qmailtoaster.com
SUBJECT: Re: [qmailtoaster] domainkeys mulitple domain issue

 

Hi Everyone,

Any help on how to setup DKIM for multiple domains on the same QMT
server? I'm getting below error.

Regards,

Amit

At Tuesday, 13-04-2010 on 15:46 Amit Dalia wrote:

Hi Everyone,

Even I was going to post this today. I had got around 15 domains on
the same toaster. I had configure DKIM as per Jake's Video on How to
setup DKIM, but it is signing only 1 domain perfectly but other
domains are getting bad signature.

Authentication-Results: mx.google.com; spf=neutral (google.com:
180.92.170.125 is neither permitted nor denied by domain of
i...@sem-pune.in [1]) smtp.mail= [2]i...@sem-pune.in [1]; dkim=neutral
(no key) header...@webapplication.co.in [3]

My server hostname is mail.webapplication.co.in.

How do I replace header.i value for respective domain.

Thanks and regards,

Amit

At Tuesday, 13-04-2010 on 13:57 Rob Wellard wrote:

I have the latest toaster installed, Everything works beautifully.
However i seem to be getting a weird problem with the domainkey. I
have several domains on the one toaster, and i can get the last one
working perfectly, however the rest come back with bad signature. And
it’s always the latest one that seems to work. Is there something i
am doing wrong.  Please can you help

 



Links:
--
[1] mailto:a...@vanaz.com
[2] mailto:smtp.mail=a...@vanaz.com
[3] MAILTO:header...@mailserver

RE: [qmailtoaster] domainkeys mulitple domain issue

2010-04-14 Thread Amit Dalia

Dear Anil,

I tried what you had told but seems like its not working. Its just
picking domain from file /var/qmail/control/me.

Any help?

Regards,

Amit

At Wednesday, 14-04-2010 on 16:46 Anil Aliyan wrote:

Hi Rob,

 

My answer are regarding DKIM which signs mails for both DKIM and
Domainkeys.

 

Regards,

 

Anil Aliyan

 

FROM: Rob Wellard [mailto:r...@brainiacmedia.net] 
SENT: Wednesday, April 14, 2010 4:25 PM
TO: qmailtoaster-list@qmailtoaster.com
SUBJECT: RE: [qmailtoaster] domainkeys mulitple domain issue

 

Hi Anil 

 

Thanks a million for answering my question, i really appreciate it. 

 

Quick question. Are you referring to domainkeys here or dkim? I am
having a problem with domainkeys and have not setup dkim, thats my
next step. 

 

Thanks

 

Rob

 

 

FROM: Anil Aliyan [mailto:acali...@gnvfc.net] 
SENT: 14 April 2010 11:15
TO: qmailtoaster-list@qmailtoaster.com
SUBJECT: RE: [qmailtoaster] domainkeys mulitple domain issue

 

Hi All,

 

First of all mail server must be configured properly to work
everything smoothly, such as hostname and other virtual domains etc
must exists in the /etc/hosts file.

 

Most Importantly RDNS must exist for all the domains.

 

If all the domain share single ip address then all domain must be
entered in the /etc/hosts file against that ip address.

 Example:

 

1.2.3.1  
mail.vanaz.com mail.bbc.com
mail.cnn.com 

 

Secondly, the key that all the domain get signed by the DKIM for all
the domain is the SINGCONF.XML file. Example given below:

 

The default signconf.xml file contains the first section in brown
color below with a domain=”/var/qmail/control/me” in it. Remove
this line and add QUERY=DNS. Coz of this the dkim looks for the
hostname or domains in the “/var/qmail/control/me” file to sign
the mails for.  Add your domains individually as shown in the example
below. 

 

  

  

    

  

 

AFTER MODIFICATION YOUR SIGNCONF.XML FILE SHOULD LOOK LIKE AS IN
EXAMPLE GIVEN BELOW, AND IF EVERYTHING IS SET ACCORDINGLY THEN
EVERYTHING SHOULD WORK:

 

  

  

    

    

  

 

  

    

    

  

 

  

    

    

  

 

  

    

    

  

 

   

 

Regards,

 

Anil Aliyan   

 

FROM: Rob Wellard [mailto:r...@brainiacmedia.net] 
SENT: Wednesday, April 14, 2010 12:56 PM
TO: qmailtoaster-list@qmailtoaster.com
SUBJECT: RE: [qmailtoaster] domainkeys mulitple domain issue

 

I Guess nobody knows the answer, if i work it out, ill let you know. 

 

Rob

 

FROM: Amit Dalia [mailto:a...@ikf.co.in] 
SENT: 14 April 2010 05:40
TO: qmailtoaster-list@qmailtoaster.com
SUBJECT: Re: [qmailtoaster] domainkeys mulitple domain issue

 

Hi Everyone,

Any help on how to setup DKIM for multiple domains on the same QMT
server? I'm getting below error.

Regards,

Amit

At Tuesday, 13-04-2010 on 15:46 Amit Dalia wrote:

Hi Everyone,

Even I was going to post this today. I had got around 15 domains on
the same toaster. I had configure DKIM as per Jake's Video on How to
setup DKIM, but it is signing only 1 domain perfectly but other
domains are getting bad signature.

Authentication-Results: mx.google.com; spf=neutral (google.com:
180.92.170.125 is neither permitted nor denied by domain of
i...@sem-pune.in [1]) smtp.mail= [2]i...@sem-pune.in [1]; dkim=neutral
(no key) header...@webapplication.co.in [3]

My server hostname is mail.webapplication.co.in.

How do I replace header.i value for respective domain.

Thanks and regards,

Amit

At Tuesday, 13-04-2010 on 13:57 Rob Wellard wrote:

I have the latest toaster installed, Everything works beautifully.
However i seem to be getting a weird problem with the domainkey. I
have several domains on the one toaster, and i can get the last one
working perfectly, however the rest come back with bad signature. And
it’s always the latest one that seems to work. Is there something i
am doing wrong.  Please can you help

 



Links:
--
[1] mailto:a...@vanaz.com
[2] mailto:smtp.mail=a...@vanaz.com
[3] MAILTO:header...@mailserver

RE: [qmailtoaster] domainkeys mulitple domain issue

Please read my previous mail and edit your signconfig.xml file accordingly

From: Amit Dalia [mailto:a...@ikf.co.in] 
Sent: Wednesday, April 14, 2010 5:53 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: RE: [qmailtoaster] domainkeys mulitple domain issue

Dear Anil,

I tried what you had told but seems like its not working. Its just picking 
domain from file /var/qmail/control/me.

Any help?

Regards,

Amit

At Wednesday, 14-04-2010 on 16:46 Anil Aliyan wrote:

Hi Rob,

My answer are regarding DKIM which signs mails for both DKIM and Domainkeys.

Regards,

Anil Aliyan

From: Rob Wellard [mailto:r...@brainiacmedia.net] 
Sent: Wednesday, April 14, 2010 4:25 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: RE: [qmailtoaster] domainkeys mulitple domain issue

Hi Anil 

Thanks a million for answering my question, i really appreciate it. 

Quick question. Are you referring to domainkeys here or dkim? I am having a 
problem with domainkeys and have not setup dkim, thats my next step. 

Thanks

Rob

From: Anil Aliyan [mailto:acali...@gnvfc.net] 
Sent: 14 April 2010 11:15
To: qmailtoaster-list@qmailtoaster.com
Subject: RE: [qmailtoaster] domainkeys mulitple domain issue

Hi All,

First of all mail server must be configured properly to work everything 
smoothly, such as hostname and other virtual domains etc must exists in the 
/etc/hosts file.

Most Importantly RDNS must exist for all the domains.

If all the domain share single ip address then all domain must be entered in 
the /etc/hosts file against that ip address.

 Example:

1.2.3.1   mail.vanaz.com mail.bbc.com 
mail.cnn.com 

Secondly, the key that all the domain get signed by the DKIM for all the domain 
is the singconf.xml file. Example given below:

The default signconf.xml file contains the first section in brown color below 
with a domain=”/var/qmail/control/me” in it. Remove this line and add 
query=dns. Coz of this the dkim looks for the hostname or domains in the 
“/var/qmail/control/me” file to sign the mails for.  Add your domains 
individually as shown in the example below. 

dkimsign

  !-- per default sign all mails using dkim --

  global algorithm=rsa-sha1 domain=/var/qmail/control/me 
keyfile=/var/qmail/control/dkim/global.key method=simple selector=dkim1

types id=dkim /

  /global

After modification your signconf.xml file should look like as in example given 
below, and if everything is set accordingly then everything should work:

dkimsign

  !-- per default sign all mails using dkim --

  global algorithm=rsa-sha1 query=dns 
keyfile=/var/qmail/control/dkim/global.key method=simple selector=dkim1

types id=dkim /

types id=domainkey method=nofws /

  /global

  vanaz.com selector=dkim1

types id=dkim /

types id=domainkey method=nofws /

  /vanaz.com

  bbc.com selector=dkim1

types id=dkim /

types id=domainkey method=nofws /

  /bbc.com

  cnn.com selector=dkim1

types id=dkim /

types id=domainkey method=nofws /

  /cnn.com

/dkimsign   

Regards,

Anil Aliyan   

From: Rob Wellard [mailto:r...@brainiacmedia.net] 
Sent: Wednesday, April 14, 2010 12:56 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: RE: [qmailtoaster] domainkeys mulitple domain issue

I Guess nobody knows the answer, if i work it out, ill let you know. 

Rob

From: Amit Dalia [mailto:a...@ikf.co.in] 
Sent: 14 April 2010 05:40
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] domainkeys mulitple domain issue

Hi Everyone,

Any help on how to setup DKIM for multiple domains on the same QMT server? I'm 
getting below error.

Regards,

Amit

At Tuesday, 13-04-2010 on 15:46 Amit Dalia wrote:

Hi Everyone,

Even I was going to post this today. I had got around 15 domains on the same 
toaster. I had configure DKIM as per Jake's Video on How to setup DKIM, but it 
is signing only 1 domain perfectly but other domains are getting bad signature.

Authentication-Results: mx.google.com; spf=neutral (google.com: 180.92.170.125 
is neither permitted nor denied by domain of i...@sem-pune.in 
mailto:a...@vanaz.com ) smtp.mail= mailto:smtp.mail=a...@vanaz.com 
i...@sem-pune.in mailto:a...@vanaz.com ; dkim=neutral (no key)  
mailto:header...@mailserver header...@webapplication.co.in

My server hostname is mail.webapplication.co.in.

How do I replace header.i value for respective domain.

Thanks and regards,

Amit

At Tuesday, 13-04-2010 on 13:57 Rob Wellard wrote:

I have the latest toaster installed, Everything works beautifully. However i 
seem to be getting a weird problem with the domainkey. I have several domains 
on the one toaster, and i can get the last one working perfectly, however the 
rest come back with bad signature. And it’s always the latest one that seems to 
work. Is there something i am doing wrong.  Please can you help

[qmailtoaster] domainkeys mulitple domain issue

2010-04-13 Thread Rob Wellard

I have the latest toaster installed, Everything works beautifully. However i
seem to be getting a weird problem with the domainkey. I have several
domains on the one toaster, and i can get the last one working perfectly,
however the rest come back with bad signature. And it's always the latest
one that seems to work. Is there something i am doing wrong.  Please can you
help

Re: [qmailtoaster] domainkeys mulitple domain issue

2010-04-13 Thread Amit Dalia

Hi Everyone,

Even I was going to post this today. I had got around 15 domains on
the same toaster. I had configure DKIM as per Jake's Video on How to
setup DKIM, but it is signing only 1 domain perfectly but other
domains are getting bad signature.

Authentication-Results: mx.google.com; spf=neutral (google.com:
180.92.170.125 is neither permitted nor denied by domain of
i...@sem-pune.in [1]) smtp.mail= [2]i...@sem-pune.in [2]; dkim=neutral
(no key) header...@webapplication.co.in [3]

My server hostname is mail.webapplication.co.in.

How do I replace header.i value for respective domain.

Thanks and regards,

Amit

At Tuesday, 13-04-2010 on 13:57 Rob Wellard wrote:

I have the latest toaster installed, Everything works beautifully.
However i seem to be getting a weird problem with the domainkey. I
have several domains on the one toaster, and i can get the last one
working perfectly, however the rest come back with bad signature. And
it’s always the latest one that seems to work. Is there something i
am doing wrong.  Please can you help

 



Links:
--
[1] mailto:a...@vanaz.com
[2] mailto:smtp.mail=a...@vanaz.com
[3] MAILTO:header...@mailserver

Re: [qmailtoaster] domainkeys mulitple domain issue

2010-04-13 Thread Amit Dalia

Hi Everyone,

Any help on how to setup DKIM for multiple domains on the same QMT
server? I'm getting below error.

Regards,

Amit

At Tuesday, 13-04-2010 on 15:46 Amit Dalia wrote:

Hi Everyone,

Even I was going to post this today. I had got around 15 domains on
the same toaster. I had configure DKIM as per Jake's Video on How to
setup DKIM, but it is signing only 1 domain perfectly but other
domains are getting bad signature.

Authentication-Results: mx.google.com; spf=neutral (google.com:
180.92.170.125 is neither permitted nor denied by domain of
i...@sem-pune.in [1]) smtp.mail= [2] [2]i...@sem-pune.in [1];
dkim=neutral (no key) header...@webapplication.co.in [3]

My server hostname is mail.webapplication.co.in.

How do I replace header.i value for respective domain.

Thanks and regards,

Amit

At Tuesday, 13-04-2010 on 13:57 Rob Wellard wrote:

I have the latest toaster installed, Everything works beautifully.
However i seem to be getting a weird problem with the domainkey. I
have several domains on the one toaster, and i can get the last one
working perfectly, however the rest come back with bad signature. And
it’s always the latest one that seems to work. Is there something i
am doing wrong.  Please can you help

 



Links:
--
[1] mailto:a...@vanaz.com
[2] mailto:smtp.mail=a...@vanaz.com
[3] MAILTO:header...@mailserver

[qmailtoaster] QmailToaster DomainKeys Multiple Domains on one server

2010-04-12 Thread Rob Wellard

Hi QmailToaster People

 

I have the latest toaster installed, Everything works beautifully. 

 

However i seem to be getting a weird problem with the domain keys. 

 

I have several domains on the one toaster, and i can get one working
perfectly, however the rest break. And it's always the latest one that seems
to break. Is there something i am doing wrong. 

 

Thanks

 

Rob

 

 

Thanks

 

Rob Wellard

Brainiac Media Ltd

 

07766221418

r...@brainiacmedia.net
www.brainiacmedia.net

Re: [qmailtoaster] Domainkeys

2010-04-07 Thread Postmaster

I can confirm it does work this way as well - this is my setup and both 
DKIM abd Domainkey are signed independently ok.



On 06/04/2010 20:33, Jake Vickers wrote:

On 04/06/2010 12:03 PM, Postmaster wrote:

Jake,

I was thinking that the following wrappers are used:
For Domainkeys - qmail-dk
For DKIM - qmail-remote

Therefore, If you install DKIM (your video) on top of Domainkey 
installation described on the wiki,
they can both work without any issues. This is what I have on my 
qmailtoaster - both Domainkey and DKIM are

signing even though DKIM has not been setup to sign both.


You can do it that way - I do not recall if I worked it that way in 
the video though, since the dkim module can sign for both, IIRC.

[qmailtoaster] Domainkeys

 

 

I am trying to figure out my domainkeys signature.  Here is an header of an
email I sent myself at another address:

 

Received: from f10bb8-10 (10.1.116.201) by
idc1embx0004.corp.global.level3.com

 (10.1.9.79) with Microsoft SMTP Server id 8.1.375.2; Tue, 6 Apr 2010
08:46:06

 -0600

Received: from mail28.messagelabs.com (mail28.messagelabs.com

 [216.82.249.131])(using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA
(168/168

 bits))(No client certificate requested)   by f10bb8-10
(Postfix) with ESMTP id

 54E6E4514  for jack.mar...@level3.com; Tue,  6 Apr 2010 14:45:06
+ (GMT)

X-VirusChecked: Checked

X-Env-Sender: jack.d.mar...@magicwisp.com

X-Msg-Ref: server-13.tower-28.messagelabs.com!1270565097!68063129!1

X-StarScan-Version: 6.2.4; banners=-,-,-

X-Originating-IP: [12.169.159.242]

X-SpamReason: No, hits=1.5 required=7.0 tests=HTML_90_100,HTML_MESSAGE,

  MIME_QP_LONG_LINE,MSGID_MULTIPLE_AT

Received: (qmail 1107 invoked from network); 6 Apr 2010 14:44:58 -

Received: from mail.magicwisp.com (HELO mail.magicwisp.com) (12.169.159.242)

  by server-13.tower-28.messagelabs.com with DHE-RSA-AES256-SHA encrypted

 SMTP; 6 Apr 2010 14:44:58 -

DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=mail.magicwisp.com; h=from

:to:subject:date:message-id:mime-version:content-type;
s=dkim1;

 bh=2Pf8+Cl2bwZzgJS4YUMawkUEYtk=;
b=nzXC4kGH0Udf2vpiley2Uj2WDkhk

x62TMkYHXsyLmReG5+Ke458ZaYVsDmF8GoJa

Received: (qmail 25783 invoked by uid 89); 6 Apr 2010 14:44:55 -

Received: from unknown (HELO magicwisba8dea)

 (jack.d.mar...@magicwisp.com@12.169.159.128)  by mail.magicwisp.com with

 ESMTPA; 6 Apr 2010 14:44:55 -

Received: from 127.0.0.1 (AVG SMTP 9.0.800 [271.1.1/2793]); Tue, 06 Apr 2010

 09:43:51 -0500

From: Jack Martin jack.d.mar...@magicwisp.com

To: jack.mar...@level3.com

Subject: DomainKeys Test

Date: Tue, 6 Apr 2010 09:43:33 -0500

Message-ID: 001b01cad597$9b77fb30$d267f1...@d.martin@magicwisp.com

MIME-Version: 1.0

X-Mailer: Microsoft Office Outlook 12.0

Thread-Index: AcrVl2qV/qD/L8X9RTq6FhTorqTw4Q==

Content-Language: en-us

Content-Type: multipart/mixed; boundaryAVGMAIL-6ED26C84===

Return-Path: jack.d.mar...@magicwisp.com

 

 

As you can see there is no signature, but my DNS has it in there.  If I do a
dig on the private key I get this:

 

dig private._domainkey.magicwisp.com TXT

 

;  DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 
private._domainkey.magicwisp.   com TXT

;; global options:  printcmd

;; Got answer:

;; -HEADER- opcode: QUERY, status: NOERROR, id: 17030

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

 

;; QUESTION SECTION:

;private._domainkey.magicwisp.com. IN   TXT

 

;; ANSWER SECTION:

private._domainkey.magicwisp.com. 1800 IN TXT   k=rsa\;
p=MEwwDQYJKoZIhvcNAQEBB
QADOwAwOAIxAOwAw0NImAYGcyqJdmVKN2biJzYMzq8TbxfXJcF9F9KnbbDpzB/FHuJiCs7rBkOAs
QIDA   QAB

 

;; Query time: 203 msec

;; SERVER: 12.127.17.83#53(12.127.17.83)

;; WHEN: Tue Apr  6 09:52:13 2010

;; MSG SIZE  rcvd: 176

 

My tcp.smtp says I am signing:

127.:allow,RELAYCLIENT=

12.169.159.250:allow,RELAYCLIENT=

DKSIGN=/var/qmail/control/domainkeys/%/private,:allow,BADMIMETYPE=,BADLO
ADERTYPE=M,CHKUSER_RCPTLI
MIT=15,CHKUSER_WRONGRCPTLIMIT=3,DKVERIFY=DEGIJKfh,QMAILQUEUE=/var/qma
il/bin/simscan,DKQUEUE=/v
ar/qmail/bin/qmail-queue.orig,DKSIGN=/var/qmail/control/domainkeys/%/priva
te,RBLSMTPD=,NOP0FCHECK=   1

 

Anybody have any ideas where to look for an answer?


No virus found in this outgoing message.
Checked by AVG - www.avg.com
Version: 9.0.800 / Virus Database: 271.1.1/2794 - Release Date: 04/06/10 
01:32:00
-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.
 
  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Domainkeys


On 04/06/2010 10:55 AM, MagicWISP Sales wrote:


I am trying to figure out my domainkeys signature.  Here is an header 
of an email I sent myself at another address:


Received: from f10bb8-10 (10.1.116.201) by 
idc1embx0004.corp.global.level3.com


 (10.1.9.79) with Microsoft SMTP Server id 8.1.375.2; Tue, 6 Apr 2010 
08:46:06


 -0600

Received: from mail28.messagelabs.com (mail28.messagelabs.com

 [216.82.249.131])(using TLSv1 with cipher 
EDH-RSA-DES-CBC3-SHA (168/168


 bits))(No client certificate requested)   by 
f10bb8-10 (Postfix) with ESMTP id


 54E6E4514  for jack.mar...@level3.com; Tue,  6 Apr 2010 
14:45:06 + (GMT)


X-VirusChecked: Checked

X-Env-Sender: jack.d.mar...@magicwisp.com

X-Msg-Ref: server-13.tower-28.messagelabs.com!1270565097!68063129!1

X-StarScan-Version: 6.2.4; banners=-,-,-

X-Originating-IP: [12.169.159.242]

X-SpamReason: No, hits=1.5 required=7.0 tests=HTML_90_100,HTML_MESSAGE,

  MIME_QP_LONG_LINE,MSGID_MULTIPLE_AT

Received: (qmail 1107 invoked from network); 6 Apr 2010 14:44:58 -

Received: from mail.magicwisp.com (HELO mail.magicwisp.com) 
(12.169.159.242)


  by server-13.tower-28.messagelabs.com with DHE-RSA-AES256-SHA encrypted

 SMTP; 6 Apr 2010 14:44:58 -

DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=mail.magicwisp.com; h=from

:to:subject:date:message-id:mime-version:content-type; 
s=dkim1;


 bh=2Pf8+Cl2bwZzgJS4YUMawkUEYtk=; 
b=nzXC4kGH0Udf2vpiley2Uj2WDkhk


x62TMkYHXsyLmReG5+Ke458ZaYVsDmF8GoJa

Received: (qmail 25783 invoked by uid 89); 6 Apr 2010 14:44:55 -

Received: from unknown (HELO magicwisba8dea)

 (jack.d.mar...@magicwisp.com@12.169.159.128)  by mail.magicwisp.com with

 ESMTPA; 6 Apr 2010 14:44:55 -

Received: from 127.0.0.1 (AVG SMTP 9.0.800 [271.1.1/2793]); Tue, 06 
Apr 2010


 09:43:51 -0500

From: Jack Martin jack.d.mar...@magicwisp.com

To: jack.mar...@level3.com

Subject: DomainKeys Test

Date: Tue, 6 Apr 2010 09:43:33 -0500

Message-ID: 001b01cad597$9b77fb30$d267f1...@d.martin@magicwisp.com

MIME-Version: 1.0

X-Mailer: Microsoft Office Outlook 12.0

Thread-Index: AcrVl2qV/qD/L8X9RTq6FhTorqTw4Q==

Content-Language: en-us

Content-Type: multipart/mixed; boundaryAVGMAIL-6ED26C84===

Return-Path: jack.d.mar...@magicwisp.com 
mailto:jack.d.mar...@magicwisp.com


As you can see there is no signature, but my DNS has it in there.  If 
I do a dig on the private key I get this:


dig private._domainkey.magicwisp.com TXT

;  DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2  
private._domainkey.magicwisp.   com TXT


;; global options:  printcmd

;; Got answer:

;; -HEADER- opcode: QUERY, status: NOERROR, id: 17030

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:

;private._domainkey.magicwisp.com. IN   TXT

;; ANSWER SECTION:

private._domainkey.magicwisp.com. 1800 IN TXT   k=rsa\; 
p=MEwwDQYJKoZIhvcNAQEBB   
QADOwAwOAIxAOwAw0NImAYGcyqJdmVKN2biJzYMzq8TbxfXJcF9F9KnbbDpzB/FHuJiCs7rBkOAsQIDA   
QAB


;; Query time: 203 msec

;; SERVER: 12.127.17.83#53(12.127.17.83)

;; WHEN: Tue Apr  6 09:52:13 2010

;; MSG SIZE  rcvd: 176

My tcp.smtp says I am signing:

127.:allow,RELAYCLIENT=

12.169.159.250:allow,RELAYCLIENT=

DKSIGN=/var/qmail/control/domainkeys/%/private,:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLI   
MIT=15,CHKUSER_WRONGRCPTLIMIT=3,DKVERIFY=DEGIJKfh,QMAILQUEUE=/var/qmail/bin/simscan,DKQUEUE=/v   
ar/qmail/bin/qmail-queue.orig,DKSIGN=/var/qmail/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=   
1


Anybody have any ideas where to look for an answer?


   



I see dkim1 in your email headers - are you signing using DKIM? Is 
this message being sent/signed on a Qmailtoaster machine?

RE: [qmailtoaster] Domainkeys

Of course it is a qmailtoaster machine - LOL.  Yes I have DKIM setup and
working.  I am trying to have both setup.  

 

From: Jake Vickers [mailto:j...@qmailtoaster.com] 
Sent: Tuesday, April 06, 2010 10:06 AM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] Domainkeys

 

On 04/06/2010 10:55 AM, MagicWISP Sales wrote: 

 

 

I am trying to figure out my domainkeys signature.  Here is an header of an
email I sent myself at another address:

 

Received: from f10bb8-10 (10.1.116.201) by
idc1embx0004.corp.global.level3.com

 (10.1.9.79) with Microsoft SMTP Server id 8.1.375.2; Tue, 6 Apr 2010
08:46:06

 -0600

Received: from mail28.messagelabs.com (mail28.messagelabs.com

 [216.82.249.131])(using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA
(168/168

 bits))(No client certificate requested)   by f10bb8-10
(Postfix) with ESMTP id

 54E6E4514  for  mailto:jack.mar...@level3.com
jack.mar...@level3.com; Tue,  6 Apr 2010 14:45:06 + (GMT)

X-VirusChecked: Checked

X-Env-Sender: jack.d.mar...@magicwisp.com

X-Msg-Ref: server-13.tower-28.messagelabs.com!1270565097!68063129!1

X-StarScan-Version: 6.2.4; banners=-,-,-

X-Originating-IP: [12.169.159.242]

X-SpamReason: No, hits=1.5 required=7.0 tests=HTML_90_100,HTML_MESSAGE,

  MIME_QP_LONG_LINE,MSGID_MULTIPLE_AT

Received: (qmail 1107 invoked from network); 6 Apr 2010 14:44:58 -

Received: from mail.magicwisp.com (HELO mail.magicwisp.com) (12.169.159.242)

  by server-13.tower-28.messagelabs.com with DHE-RSA-AES256-SHA encrypted

 SMTP; 6 Apr 2010 14:44:58 -

DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=mail.magicwisp.com; h=from

:to:subject:date:message-id:mime-version:content-type;
s=dkim1;

 bh=2Pf8+Cl2bwZzgJS4YUMawkUEYtk=;
b=nzXC4kGH0Udf2vpiley2Uj2WDkhk

x62TMkYHXsyLmReG5+Ke458ZaYVsDmF8GoJa

Received: (qmail 25783 invoked by uid 89); 6 Apr 2010 14:44:55 -

Received: from unknown (HELO magicwisba8dea)

 (jack.d.mar...@magicwisp.com@12.169.159.128)  by mail.magicwisp.com with

 ESMTPA; 6 Apr 2010 14:44:55 -

Received: from 127.0.0.1 (AVG SMTP 9.0.800 [271.1.1/2793]); Tue, 06 Apr 2010

 09:43:51 -0500

From: Jack Martin  mailto:jack.d.mar...@magicwisp.com
jack.d.mar...@magicwisp.com

To:  mailto:jack.mar...@level3.com jack.mar...@level3.com

Subject: DomainKeys Test

Date: Tue, 6 Apr 2010 09:43:33 -0500

Message-ID:  mailto:001b01cad597$9b77fb30$d267f1...@d.martin@magicwisp.com
001b01cad597$9b77fb30$d267f1...@d.martin@magicwisp.com

MIME-Version: 1.0

X-Mailer: Microsoft Office Outlook 12.0

Thread-Index: AcrVl2qV/qD/L8X9RTq6FhTorqTw4Q==

Content-Language: en-us

Content-Type: multipart/mixed; boundaryAVGMAIL-6ED26C84===

Return-Path: jack.d.mar...@magicwisp.com

 

 

As you can see there is no signature, but my DNS has it in there.  If I do a
dig on the private key I get this:

 

dig private._domainkey.magicwisp.com TXT

 

;  DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 
private._domainkey.magicwisp.   com TXT

;; global options:  printcmd

;; Got answer:

;; -HEADER- opcode: QUERY, status: NOERROR, id: 17030

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

 

;; QUESTION SECTION:

;private._domainkey.magicwisp.com. IN   TXT

 

;; ANSWER SECTION:

private._domainkey.magicwisp.com. 1800 IN TXT   k=rsa\;
p=MEwwDQYJKoZIhvcNAQEBB
QADOwAwOAIxAOwAw0NImAYGcyqJdmVKN2biJzYMzq8TbxfXJcF9F9KnbbDpzB/FHuJiCs7rBkOAs
QIDA   QAB

 

;; Query time: 203 msec

;; SERVER: 12.127.17.83#53(12.127.17.83)

;; WHEN: Tue Apr  6 09:52:13 2010

;; MSG SIZE  rcvd: 176

 

My tcp.smtp says I am signing:

127.:allow,RELAYCLIENT=

12.169.159.250:allow,RELAYCLIENT=

DKSIGN=/var/qmail/control/domainkeys/%/private,:allow,BADMIMETYPE=,BADLO
ADERTYPE=M,CHKUSER_RCPTLI
MIT=15,CHKUSER_WRONGRCPTLIMIT=3,DKVERIFY=DEGIJKfh,QMAILQUEUE=/var/qma
il/bin/simscan,DKQUEUE=/v
ar/qmail/bin/qmail-queue.orig,DKSIGN=/var/qmail/control/domainkeys/%/priva
te,RBLSMTPD=,NOP0FCHECK=   1

 

Anybody have any ideas where to look for an answer?

 
 
  



I see dkim1 in your email headers - are you signing using DKIM? Is this
message being sent/signed on a Qmailtoaster machine?


No virus found in this outgoing message.
Checked by AVG - www.avg.com
Version: 9.0.800 / Virus Database: 271.1.1/2794 - Release Date: 04/06/10 
01:32:00
-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.
 
  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail

Re: [qmailtoaster] Domainkeys

2010-04-06 Thread Postmaster


Are you sending this e-mail from your intranet? What is 12.169.159.250?
Can you send a test e-mail to sa-t...@sendmail.net from your 
qmailtoaster server?


Your tcp.smtp:

127.:allow,RELAYCLIENT=

12.169.159.250:allow,RELAYCLIENT=

DKSIGN=/var/qmail/control/domainkeys/%/private,:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLI   
MIT=15,CHKUSER_WRONGRCPTLIMIT=3,DKVERIFY=DEGIJKfh,QMAILQUEUE=/var/qmail/bin/simscan,DKQUEUE=/var/qmail/bin/qmail-queue.orig,DKSIGN=/var/qmail/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=   
1



In my tcp.smtp I also have 
DKSIGN=/var/qmail/control/domainkeys/%/private in 127.:allow section



Regards
Alex


On 06/04/2010 15:55, MagicWISP Sales wrote:


I am trying to figure out my domainkeys signature.  Here is an header 
of an email I sent myself at another address:


Received: from f10bb8-10 (10.1.116.201) by 
idc1embx0004.corp.global.level3.com


 (10.1.9.79) with Microsoft SMTP Server id 8.1.375.2; Tue, 6 Apr 2010 
08:46:06


 -0600

Received: from mail28.messagelabs.com (mail28.messagelabs.com

 [216.82.249.131])(using TLSv1 with cipher 
EDH-RSA-DES-CBC3-SHA (168/168


 bits))(No client certificate requested)   by 
f10bb8-10 (Postfix) with ESMTP id


 54E6E4514  for jack.mar...@level3.com; Tue,  6 Apr 2010 
14:45:06 + (GMT)


X-VirusChecked: Checked

X-Env-Sender: jack.d.mar...@magicwisp.com

X-Msg-Ref: server-13.tower-28.messagelabs.com!1270565097!68063129!1

X-StarScan-Version: 6.2.4; banners=-,-,-

X-Originating-IP: [12.169.159.242]

X-SpamReason: No, hits=1.5 required=7.0 tests=HTML_90_100,HTML_MESSAGE,

  MIME_QP_LONG_LINE,MSGID_MULTIPLE_AT

Received: (qmail 1107 invoked from network); 6 Apr 2010 14:44:58 -

Received: from mail.magicwisp.com (HELO mail.magicwisp.com) 
(12.169.159.242)


  by server-13.tower-28.messagelabs.com with DHE-RSA-AES256-SHA encrypted

 SMTP; 6 Apr 2010 14:44:58 -

DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=mail.magicwisp.com; h=from

:to:subject:date:message-id:mime-version:content-type; 
s=dkim1;


 bh=2Pf8+Cl2bwZzgJS4YUMawkUEYtk=; 
b=nzXC4kGH0Udf2vpiley2Uj2WDkhk


x62TMkYHXsyLmReG5+Ke458ZaYVsDmF8GoJa

Received: (qmail 25783 invoked by uid 89); 6 Apr 2010 14:44:55 -

Received: from unknown (HELO magicwisba8dea)

 (jack.d.mar...@magicwisp.com@12.169.159.128)  by mail.magicwisp.com with

 ESMTPA; 6 Apr 2010 14:44:55 -

Received: from 127.0.0.1 (AVG SMTP 9.0.800 [271.1.1/2793]); Tue, 06 
Apr 2010


 09:43:51 -0500

From: Jack Martin jack.d.mar...@magicwisp.com

To: jack.mar...@level3.com

Subject: DomainKeys Test

Date: Tue, 6 Apr 2010 09:43:33 -0500

Message-ID: 001b01cad597$9b77fb30$d267f1...@d.martin@magicwisp.com

MIME-Version: 1.0

X-Mailer: Microsoft Office Outlook 12.0

Thread-Index: AcrVl2qV/qD/L8X9RTq6FhTorqTw4Q==

Content-Language: en-us

Content-Type: multipart/mixed; boundaryAVGMAIL-6ED26C84===

Return-Path: jack.d.mar...@magicwisp.com 
mailto:jack.d.mar...@magicwisp.com


As you can see there is no signature, but my DNS has it in there.  If 
I do a dig on the private key I get this:


dig private._domainkey.magicwisp.com TXT

;  DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2  
private._domainkey.magicwisp.   com TXT


;; global options:  printcmd

;; Got answer:

;; -HEADER- opcode: QUERY, status: NOERROR, id: 17030

;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:

;private._domainkey.magicwisp.com. IN   TXT

;; ANSWER SECTION:

private._domainkey.magicwisp.com. 1800 IN TXT   k=rsa\; 
p=MEwwDQYJKoZIhvcNAQEBB   
QADOwAwOAIxAOwAw0NImAYGcyqJdmVKN2biJzYMzq8TbxfXJcF9F9KnbbDpzB/FHuJiCs7rBkOAsQIDA   
QAB


;; Query time: 203 msec

;; SERVER: 12.127.17.83#53(12.127.17.83)

;; WHEN: Tue Apr  6 09:52:13 2010

;; MSG SIZE  rcvd: 176

My tcp.smtp says I am signing:

127.:allow,RELAYCLIENT=

12.169.159.250:allow,RELAYCLIENT=

DKSIGN=/var/qmail/control/domainkeys/%/private,:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLI   
MIT=15,CHKUSER_WRONGRCPTLIMIT=3,DKVERIFY=DEGIJKfh,QMAILQUEUE=/var/qmail/bin/simscan,DKQUEUE=/v   
ar/qmail/bin/qmail-queue.orig,DKSIGN=/var/qmail/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=   
1


Anybody have any ideas where to look for an answer?



No virus found in this outgoing message.
Checked by AVG - www.avg.com
Version: 9.0.800 / Virus Database: 271.1.1/2794 - Release Date: 04/06/10 
01:32:00

   



-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
 Vickers Consulting Group offers Qmailtoaster support and installations.
   If you need professional help with your setup, contact them today!
-
  Please visit

RE: [qmailtoaster] Domainkeys

The .250 address is a machine that relays.  I have used sendmail.net and got
this:

 

Authentication System:   DomainKeys Identified Mail

   Result:   DKIM signature confirmed GOOD

   Description:  Signature verified, message arrived intact

   Reporting host:   sendmail.net

   More information: http://mipassoc.org/dkim/

   Sendmail milter:  https://sourceforge.net/projects/dkim-milter/

 

Authentication System:   Domain Keys 

   Result:   DK signature confirmed BAD

   Description:  Signature verification failed, message may have
been tampered with or corrupted

   Reporting host:   sendmail.net

   More information: http://antispam.yahoo.com/domainkeys

   Sendmail milter:
https://sourceforge.net/projects/domainkeys-milter/

 

Authentication System:   Sender ID   

   Result:   SID data confirmed GOOD

   Description:  Sending host is authorized for sending domain

   Reporting host:   sendmail.net

   More information: http://www.microsoft.com/senderid

   Sendmail milter:  https://sourceforge.net/projects/sid-milter/

 

Authentication System:   Sender Permitted From (SPF)

   Result:   SPF data confirmed GOOD

   Description:  Sending host is authorized for sending domain

   Reporting host:   sendmail.net

   More information: http://spf.pobox.com/

 

 

 

From: Postmaster [mailto:postmas...@seawise-chartering.co.uk] 
Sent: Tuesday, April 06, 2010 10:33 AM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] Domainkeys

 

Are you sending this e-mail from your intranet? What is 12.169.159.250?
Can you send a test e-mail to sa-t...@sendmail.net from your qmailtoaster
server?

Your tcp.smtp:

127.:allow,RELAYCLIENT=

12.169.159.250:allow,RELAYCLIENT=

DKSIGN=/var/qmail/control/domainkeys/%/private,:allow,BADMIMETYPE=,BADLO
ADERTYPE=M,CHKUSER_RCPTLI
MIT=15,CHKUSER_WRONGRCPTLIMIT=3,DKVERIFY=DEGIJKfh,QMAILQUEUE=/var/qma
il/bin/simscan,DKQUEUE=/var/qmail/bin/qmail-queue.orig,DKSIGN=/var/qmail
/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=   1


In my tcp.smtp I also have DKSIGN=/var/qmail/control/domainkeys/%/private
in 127.:allow section


Regards
Alex


On 06/04/2010 15:55, MagicWISP Sales wrote: 

 

 

I am trying to figure out my domainkeys signature.  Here is an header of an
email I sent myself at another address:

 

Received: from f10bb8-10 (10.1.116.201) by
idc1embx0004.corp.global.level3.com

 (10.1.9.79) with Microsoft SMTP Server id 8.1.375.2; Tue, 6 Apr 2010
08:46:06

 -0600

Received: from mail28.messagelabs.com (mail28.messagelabs.com

 [216.82.249.131])(using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA
(168/168

 bits))(No client certificate requested)   by f10bb8-10
(Postfix) with ESMTP id

 54E6E4514  for  mailto:jack.mar...@level3.com
jack.mar...@level3.com; Tue,  6 Apr 2010 14:45:06 + (GMT)

X-VirusChecked: Checked

X-Env-Sender: jack.d.mar...@magicwisp.com

X-Msg-Ref: server-13.tower-28.messagelabs.com!1270565097!68063129!1

X-StarScan-Version: 6.2.4; banners=-,-,-

X-Originating-IP: [12.169.159.242]

X-SpamReason: No, hits=1.5 required=7.0 tests=HTML_90_100,HTML_MESSAGE,

  MIME_QP_LONG_LINE,MSGID_MULTIPLE_AT

Received: (qmail 1107 invoked from network); 6 Apr 2010 14:44:58 -

Received: from mail.magicwisp.com (HELO mail.magicwisp.com) (12.169.159.242)

  by server-13.tower-28.messagelabs.com with DHE-RSA-AES256-SHA encrypted

 SMTP; 6 Apr 2010 14:44:58 -

DKIM-Signature: v=1; a=rsa-sha1; c=simple; d=mail.magicwisp.com; h=from

:to:subject:date:message-id:mime-version:content-type;
s=dkim1;

 bh=2Pf8+Cl2bwZzgJS4YUMawkUEYtk=;
b=nzXC4kGH0Udf2vpiley2Uj2WDkhk

x62TMkYHXsyLmReG5+Ke458ZaYVsDmF8GoJa

Received: (qmail 25783 invoked by uid 89); 6 Apr 2010 14:44:55 -

Received: from unknown (HELO magicwisba8dea)

 (jack.d.mar...@magicwisp.com@12.169.159.128)  by mail.magicwisp.com with

 ESMTPA; 6 Apr 2010 14:44:55 -

Received: from 127.0.0.1 (AVG SMTP 9.0.800 [271.1.1/2793]); Tue, 06 Apr 2010

 09:43:51 -0500

From: Jack Martin  mailto:jack.d.mar...@magicwisp.com
jack.d.mar...@magicwisp.com

To:  mailto:jack.mar...@level3.com jack.mar...@level3.com

Subject: DomainKeys Test

Date: Tue, 6 Apr 2010 09:43:33 -0500

Message-ID:  mailto:001b01cad597$9b77fb30$d267f1...@d.martin@magicwisp.com
001b01cad597$9b77fb30$d267f1...@d.martin@magicwisp.com

MIME-Version: 1.0

X-Mailer: Microsoft Office Outlook 12.0

Thread-Index: AcrVl2qV/qD/L8X9RTq6FhTorqTw4Q==

Content-Language: en-us

Content-Type: multipart/mixed; boundaryAVGMAIL-6ED26C84===

Return-Path: jack.d.mar...@magicwisp.com

 

 

As you can see there is no signature, but my DNS has it in there.  If I do a
dig on the private key I get

Re: [qmailtoaster] Domainkeys


On 04/06/2010 11:22 AM, MagicWISP Sales wrote:


Of course it is a qmailtoaster machine -- LOL.  Yes I have DKIM setup 
and working.  I am trying to have both setup.





The DKIM script (assuming you're using the one from the video) - if you 
followed the video - only signs for DKIM. It replaces the qmail-dk 
handler, so messages will not be signed with domainkeys (you can 
actually leave all those directives out of your tcp.smtp file). If you 
wish to sign with both DKIM and DomainKeys, then you need to edit the 
config file for the dkim module to tell it to also sign for DomainKeys.
I believe I provided some links for subscribers in the DKIM video for 
more documentation, which will show you how to sign for DomainKeys as well.

RE: [qmailtoaster] Domainkeys

I did follow the video - but I don't remember the links.  Looks like I need
to go watch it again.

From: Jake Vickers [mailto:j...@qmailtoaster.com] 
Sent: Tuesday, April 06, 2010 10:43 AM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] Domainkeys

On 04/06/2010 11:22 AM, MagicWISP Sales wrote: 

Of course it is a qmailtoaster machine - LOL.  Yes I have DKIM setup and
working.  I am trying to have both setup.  

The DKIM script (assuming you're using the one from the video) - if you
followed the video - only signs for DKIM. It replaces the qmail-dk handler,
so messages will not be signed with domainkeys (you can actually leave all
those directives out of your tcp.smtp file). If you wish to sign with both
DKIM and DomainKeys, then you need to edit the config file for the dkim
module to tell it to also sign for DomainKeys.
I believe I provided some links for subscribers in the DKIM video for more
documentation, which will show you how to sign for DomainKeys as well.

No virus found in this outgoing message.
Checked by AVG - www.avg.com
Version: 9.0.800 / Virus Database: 271.1.1/2794 - Release Date: 04/06/10 
01:32:00
-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Domainkeys

2010-04-06 Thread Postmaster


Jake,

I was thinking that the following wrappers are used:
For Domainkeys - qmail-dk
For DKIM - qmail-remote

Therefore, If you install DKIM (your video) on top of Domainkey 
installation described on the wiki,
they can both work without any issues. This is what I have on my 
qmailtoaster - both Domainkey and DKIM are

signing even though DKIM has not been setup to sign both.

Regards
Alex

On 06/04/2010 16:43, Jake Vickers wrote:

On 04/06/2010 11:22 AM, MagicWISP Sales wrote:


Of course it is a qmailtoaster machine -- LOL.  Yes I have DKIM setup 
and working.  I am trying to have both setup.





The DKIM script (assuming you're using the one from the video) - if 
you followed the video - only signs for DKIM. It replaces the qmail-dk 
handler, so messages will not be signed with domainkeys (you can 
actually leave all those directives out of your tcp.smtp file). If you 
wish to sign with both DKIM and DomainKeys, then you need to edit the 
config file for the dkim module to tell it to also sign for DomainKeys.
I believe I provided some links for subscribers in the DKIM video for 
more documentation, which will show you how to sign for DomainKeys as 
well.

Re: [qmailtoaster] Domainkeys


On 04/06/2010 11:51 AM, MagicWISP Sales wrote:


I did follow the video -- but I don't remember the links.  Looks like 
I need to go watch it again.


**


In the posting for the video, I provide the link to the module and docs:
http://manuel.mausz.at/coding/qmail-dkim/

**

Re: [qmailtoaster] Domainkeys


On 04/06/2010 12:03 PM, Postmaster wrote:

Jake,

I was thinking that the following wrappers are used:
For Domainkeys - qmail-dk
For DKIM - qmail-remote

Therefore, If you install DKIM (your video) on top of Domainkey 
installation described on the wiki,
they can both work without any issues. This is what I have on my 
qmailtoaster - both Domainkey and DKIM are

signing even though DKIM has not been setup to sign both.


You can do it that way - I do not recall if I worked it that way in the 
video though, since the dkim module can sign for both, IIRC.

[qmailtoaster] domainkeys without qmail-dk

2010-02-18 Thread Martin Waschbuesch

Hi there,

has anyone had experience with these scripts:

http://www.memoryhole.net/qmail/#dkim

They basically replace the functionality of qmail-dk and offer some 
enhancements:
mail is signed when leaving the queue, which will allow for bounce-messages to 
be signed as well. It also means that the policy of a domain can be set to: 
signing all mails.
At any rate, I would like to hear from anyone who has implemented this.

If no one has, I am going to try it out, but would need some pointers on 
*safely* removing/disabling qmail-dk (perhaps recompiling qmail without the 
libdomainkeys patch), etc.

Thanks,

Martin

--
One may understand the cosmos, but never the ego; the self is more distant 
than any star.

Gilbert K. Chesterton


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] DomainKeys question

2010-02-12 Thread Scott Hughes

I have installed Qmail Toaster via the QMT5ISO and it seems to be up and
running for all of my domains.  In the wiki for the after-install processes
that I followed (
http://wiki.qmailtoaster.com/index.php/QMT-ISO_Manual_Guide#Disabling_domainkeys)
it tells me to disable the domainkeys by running the command: ln -sf
qmail-queue.orig qmail-queue and then restarting the qmail processes.

I have attempted to now use domain keys by following the video that Jake
Vickers produced.  It does not appear to be working.

Here is my question after a short email discussion with Jake.  Am I linked
correctly?  Here is the output of ls -al on the /var/qmail/bin directory:

total 1248
drwxr-xr-x  2 root   qmail   4096 Feb 12 08:59 .
drwxr-xr-x 12 root   qmail   4096 Feb 10 14:34 ..
-rwxr-xr-x  1 root   qmail   9788 Apr 27  2009 bouncesaying
-rwxr-xr-x  1 root   qmail  26324 Apr 27  2009 condredirect
-rwxr-xr-x  1 root   qmail   1087 Apr 27  2009 config-fast
-rwxr-xr-x  1 root   qmail126 Apr 27  2009 datemail
-rwxr-xr-x  1 root   qmail929 Apr 27  2009 dh_key
-rwxr-xr-x  1 root   qmail114 Apr 27  2009 elq
-rwxr-xr-x  1 root   qmail   9072 Apr 27  2009 except
-rwxr-xr-x  1 root   qmail  26316 Apr 27  2009 forward
-rwxr-xr-x  1 root   qmail  24584 Apr 27  2009 instcheck
-rwxr-xr-x  1 root   qmail  20280 Apr 27  2009 maildir2mbox
-rwxr-xr-x  1 root   qmail   8780 Apr 27  2009 maildirmake
-rwxr-xr-x  1 root   qmail  18352 Apr 27  2009 maildirwatch
-rwxr-xr-x  1 root   qmail179 Apr 27  2009 mailsubj
-rwxr-xr-x  1 root   qmail115 Apr 27  2009 pinq
-rwxr-xr-x  1 root   qmail  13968 Apr 27  2009 predate
-rwxr-xr-x  1 root   qmail  13972 Apr 27  2009 preline
-rwxr-xr-x  1 root   qmail115 Apr 27  2009 qail
-rwxr-xr-x  1 root   qmail  12404 Apr 27  2009 qbiff
-rwxr-xr-x  1 root   qmail  14360 Apr 27  2009 qmail-badloadertypes
-rwxr-xr-x  1 root   qmail  14348 Apr 27  2009 qmail-badmimetypes
-rwx--x--x  1 root   qmail  10576 Apr 27  2009 qmail-clean
-rws--x--x  1 qmailq qmail  49968 Apr 27  2009 qmail-dk
-rwx--x--x  1 root   qmail   5876 Apr 27  2009 qmail-getpw
-rwxr-xr-x  1 root   qmail  46836 Apr 27  2009 qmail-inject
-rwx--x--x  1 root   qmail  53368 Apr 27  2009 qmail-local
-rwx--  1 root   qmail  18112 Apr 27  2009 qmail-lspawn
-rwx--  1 root   qmail  14524 Apr 27  2009 qmail-newmrh
-rwx--  1 root   qmail  13928 Apr 27  2009 qmail-newu
-rwxr-xr-x  1 root   qmail  30620 Apr 27  2009 qmail-pop3d
-rwx--x--x  1 root   qmail  14080 Apr 27  2009 qmail-popup
-rwx--x--x  1 root   qmail  18096 Apr 27  2009 qmail-pw2u
-rwxr-xr-x  1 root   qmail  14940 Apr 27  2009 qmail-qmqpc
-rwxr-xr-x  1 root   qmail  18060 Apr 27  2009 qmail-qmqpd
-rwxr-xr-x  1 root   qmail  26268 Apr 27  2009 qmail-qmtpd
-rwxr-xr-x  1 root   qmail  18036 Apr 27  2009 qmail-qread
-rwxr-xr-x  1 root   qmail371 Apr 27  2009 qmail-qstat
lrwxrwxrwx  1 root   root  16 Feb 12 08:59 qmail-queue -
qmail-queue.orig
-rws--x--x  1 qmailq qmail  24776 Apr 27  2009 qmail-queue.orig
-rwx--x--x  1 root   qmail  45056 Apr 27  2009 qmail-remote
-rwx--x--x  1 root   qmail  13988 Apr 27  2009 qmail-rspawn
-rwx--x--x  1 root   qmail  51296 Apr 27  2009 qmail-send
-rwxr-xr-x  1 root   qmail  19480 Apr 27  2009 qmail-showctl
-rwxr-xr-x  1 root   qmail 154824 Apr 27  2009 qmail-smtpd
-rwx--  1 root   qmail   6032 Apr 27  2009 qmail-start
-rwxr-xr-x  1 root   qmail   9800 Apr 27  2009 qmail-tcpok
-rwxr-xr-x  1 root   qmail  10496 Apr 27  2009 qmail-tcpto
-rwxr-xr-x  1 root   qmail  26284 Apr 27  2009 qreceipt
-rwxr-xr-x  1 root   qmail  12004 Apr 27  2009 qsmhook
-rwxr-xr-x  1 root   qmail  10628 Apr 27  2009 sendmail
-rws--x--x  1 clamav root   59212 Apr 28  2009 simscan
-rwxr-xr-x  1 root   root   19153 Apr 28  2009 simscanmk
-rwxr-xr-x  1 root   qmail  30596 Apr 27  2009 spfquery
-rwx--x--x  1 root   qmail   7020 Apr 27  2009 splogger
-rwxr-xr-x  1 root   qmail  26316 Apr 27  2009 srsfilter
-rwxr-xr-x  1 root   qmail  22148 Apr 27  2009 tcp-env

Thanks!

RE: [qmailtoaster] Domainkeys Problems

2010-02-04 Thread John Raley

I just ran these again today and they failed on Domainkeys test. I set this
up about a month ago so DNS should have updated already.

I used sa-t...@sendmail.net with the following results:

Authentication System:   DomainKeys Identified Mail
   Result:   (no result present) 
   Reporting host:   
   More information: http://mipassoc.org/dkim/
   Sendmail milter:  https://sourceforge.net/projects/dkim-milter/

Authentication System:   Domain Keys 
   Result:   DK signature confirmed BAD
   Description:  Signature verification failed, message may have
been tampered with or corrupted
   Reporting host:   sendmail.net
   More information: http://antispam.yahoo.com/domainkeys
   Sendmail milter:
https://sourceforge.net/projects/domainkeys-milter/

Authentication System:   Sender ID   
   Result:   SID data confirmed GOOD
   Description:  Sending host is authorized for sending domain
   Reporting host:   sendmail.net
   More information: http://www.microsoft.com/senderid
   Sendmail milter:  https://sourceforge.net/projects/sid-milter/

Authentication System:   Sender Permitted From (SPF)
   Result:   SPF data confirmed GOOD
   Description:  Sending host is authorized for sending domain
   Reporting host:   sendmail.net
   More information: http://spf.pobox.com/

And I also used email-t...@qmailtoaster.com with the results:

Here are the spamassassin headers from this server:

No, score=0.6 required=5.0 tests=AWL,DK_POLICY_SIGNALL,
DK_SIGNED,HTML_MESSAGE,RDNS_NONE autolearn=no version=3.2.5

Return path was: John Raley j...@fmcfinance.net

Original test request was sent using: 

SPF Record: PASS

Sent from a valid domain: PASS

DomainKey:  FAIL

 
 Odd. In that case, what services did you test with that did not work?
 And when did you enable Domainkeys? Is it possible that your updated
 DNS information had not yet spread and that those services were using
 cached (and therefor wrong) DNS information. E.g. they might not have
 been able to see the selector or policy record...
 
 --
 Corporation. An ingenious device for obtaining individual profit
 without individual responsibility.
 
 Bierce, Ambrose
 
 



-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.
 
  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] Domainkeys Problems

2010-02-02 Thread John Raley

Every email testing service I have tested fails on domainkeys for my
qmailtoaster server. I tested my DNS TXT record and came back with:

 

ANSWER SECTION:

private._domainkey.fmcfinance.net. 86400 IN TXTk=rsa\
p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAOIOlQryOFli9YpaxW4XMJL6GQni/tqs2OWSAXPGSU
E6AOkaTGyogIpkqJAC/GVrvQIDAQAB

 

 

This is the header for an email I sent myself:

 

Content-Filter: maildrop-toaster

Return-Path: j...@fmcfinance.net

Delivered-To: fmcfinance.net-j...@fmcfinance.net

Received: (qmail 4136 invoked by uid 89); 2 Feb 2010 16:13:17 -

Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys

DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;

  s=private; d=fmcfinance.net;

  b=r7PY5hXyE/+6tJ64WKaNpbjIMblrPCPuvQJgWGzhALsUwZNIQEXo4HL8x7uF0kET;

Received: from unknown (HELO JohnLaptop) (j...@fmcfinance.net@10.1.100.21)

  by mail.fmcfinance.net with ESMTPA; 2 Feb 2010 16:13:17 -

From: John Raley j...@fmcfinance.net

To: 'John Raley' j...@fmcfinance.net

Subject: Domainkeys Test

Date: Tue, 2 Feb 2010 10:12:56 -0600

Message-ID: 004001caa422$94b8c1e0$be2a45...@net

MIME-Version: 1.0

Content-Type: multipart/alternative;

boundary==_NextPart_000_0041_01CAA3F0.4A1E51E0

X-Mailer: Microsoft Office Outlook 12.0

Thread-Index: AcqkIpRsAWDWMaj7TjyN5swSyM9FbQ==

Content-Language: en-us

 

I followed the video on the qmailtoaster website How to setup DomainKeys
for Qmailtoaster and Bind. Any other information that can help troubleshoot
this, just let me know.

Re: [qmailtoaster] Domainkeys Problems

2010-02-02 Thread Martin Waschbuesch

John,

Hm, I used the tools on http://domainkeys.sourceforge.net to verify if your DNS
setup is correct and all appears to be in order.
Since the outgoing mail is signed and that looks good, too (pointing to the
right selector), I really am at a loss here.
Do you have a sample header for a rejected email?
E.g. could you sent this to some webmail account like google or yahoo and send
the headers that will produce?

If need be, you should set the policy record to signs SOME mail (curently it
says it signs all email), so that your tests do not get blocked and keep you
from investigating this...

That's all I can think of. Anyone else got some more ideas?

Martin

Am 02.02.2010 um 11:49 schrieb John Raley:

Every email testing service I have tested fails on domainkeys for my
qmailtoaster server. I tested my DNS TXT record and came back with:

ANSWER SECTION:
private._domainkey.fmcfinance.net. 86400 IN TXTk=rsa\
p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAOIOlQryOFli9YpaxW4XMJL6GQni/tqs2OWSAXPGSUE6AOkaTGyogIpkqJAC/GVrvQIDAQAB

This is the header for an email I sent myself:

Content-Filter: maildrop-toaster
Return-Path: j...@fmcfinance.net
Delivered-To: fmcfinance.net-j...@fmcfinance.net
Received: (qmail 4136 invoked by uid 89); 2 Feb 2010 16:13:17 -
Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
s=private; d=fmcfinance.net;
b=r7PY5hXyE/+6tJ64WKaNpbjIMblrPCPuvQJgWGzhALsUwZNIQEXo4HL8x7uF0kET;
Received: from unknown (HELO JohnLaptop) (j...@fmcfinance.net@10.1.100.21)
by mail.fmcfinance.net with ESMTPA; 2 Feb 2010 16:13:17 -
From: John Raley j...@fmcfinance.net
To: 'John Raley' j...@fmcfinance.net
Subject: Domainkeys Test
Date: Tue, 2 Feb 2010 10:12:56 -0600
Message-ID: 004001caa422$94b8c1e0$be2a45...@net
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary==_NextPart_000_0041_01CAA3F0.4A1E51E0
X-Mailer: Microsoft Office Outlook 12.0
Thread-Index: AcqkIpRsAWDWMaj7TjyN5swSyM9FbQ==
Content-Language: en-us

I followed the video on the qmailtoaster website “How to setup DomainKeys for
Qmailtoaster and Bind.” Any other information that can help troubleshoot
this, just let me know.

--
Years ago my mother used to say to me, she'd say, 'In this world, Elwood, you
must be oh so smart or oh so pleasant.' Well, for years I was smart. I
recommend pleasant. You may quote me.

James Stewart as Elwood P. Dowd in 'Harvey'

-
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
-
Please visit qmailtoaster.com for the latest news, updates, and packages.

To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

RE: [qmailtoaster] Domainkeys Problems

2010-02-02 Thread John Raley

 -Original Message-
 From: Martin Waschbuesch [mailto:mar...@waschbuesch.de]
 Sent: Tuesday, February 02, 2010 11:10 AM
 To: qmailtoaster-list@qmailtoaster.com
 Subject: Re: [qmailtoaster] Domainkeys Problems

 John,

 Hm, I used the tools on http://domainkeys.sourceforge.net to verify if
 your DNS setup is correct and all appears to be in order.
 Since the outgoing mail is signed and that looks good, too (pointing to
 the right selector), I really am at a loss here.
 Do you have a sample header for a rejected email?
 E.g. could you sent this to some webmail account like google or yahoo
 and send the headers that will produce?

 If need be, you should set the policy record to signs SOME mail
 (curently it says it signs all email), so that your tests do not get
 blocked and keep you from investigating this...

 That's all I can think of. Anyone else got some more ideas?

 Martin

 Am 02.02.2010 um 11:49 schrieb John Raley:

  Every email testing service I have tested fails on domainkeys for my
 qmailtoaster server. I tested my DNS TXT record and came back with:

  ANSWER SECTION:
  private._domainkey.fmcfinance.net. 86400 IN TXTk=rsa\
 p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAOIOlQryOFli9YpaxW4XMJL6GQni/tqs2OWSA
 XPGSUE6AOkaTGyogIpkqJAC/GVrvQIDAQAB

  This is the header for an email I sent myself:

  Content-Filter: maildrop-toaster
  Return-Path: j...@fmcfinance.net
  Delivered-To: fmcfinance.net-j...@fmcfinance.net
  Received: (qmail 4136 invoked by uid 89); 2 Feb 2010 16:13:17 -
  Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
  DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
s=private; d=fmcfinance.net;
b=r7PY5hXyE/+6tJ64WKaNpbjIMblrPCPuvQJgWGzhALsUwZNIQEXo4HL8x7uF0kET;
  Received: from unknown (HELO JohnLaptop)
 (j...@fmcfinance.net@10.1.100.21)
by mail.fmcfinance.net with ESMTPA; 2 Feb 2010 16:13:17 -
  From: John Raley j...@fmcfinance.net
  To: 'John Raley' j...@fmcfinance.net
  Subject: Domainkeys Test
  Date: Tue, 2 Feb 2010 10:12:56 -0600
  Message-ID: 004001caa422$94b8c1e0$be2a45...@net
  MIME-Version: 1.0
  Content-Type: multipart/alternative;
  boundary==_NextPart_000_0041_01CAA3F0.4A1E51E0
  X-Mailer: Microsoft Office Outlook 12.0
  Thread-Index: AcqkIpRsAWDWMaj7TjyN5swSyM9FbQ==
  Content-Language: en-us

  I followed the video on the qmailtoaster website How to setup
 DomainKeys for Qmailtoaster and Bind. Any other information that can
 help troubleshoot this, just let me know.

 --
 Years ago my mother used to say to me, she'd say, 'In this world,
 Elwood, you must be oh so smart or oh so pleasant.' Well, for years I
 was smart. I recommend pleasant. You may quote me.

 James Stewart as Elwood P. Dowd in 'Harvey'

 ---
 --
 Qmailtoaster is sponsored by Vickers Consulting Group
 (www.vickersconsulting.com)
 Vickers Consulting Group offers Qmailtoaster support and
 installations.
   If you need professional help with your setup, contact them
 today!
 ---
 --
  Please visit qmailtoaster.com for the latest news, updates, and
 packages.

   To unsubscribe, e-mail: qmailtoaster-list-
 unsubscr...@qmailtoaster.com
  For additional commands, e-mail: qmailtoaster-list-
 h...@qmailtoaster.com

Actually gmail says it passes Domainkeys check. This is the header for an
email I just sent my gmail account:

Delivered-To: trols...@gmail.com
Received: by 10.100.210.10 with SMTP id i10cs34536ang;
Tue, 2 Feb 2010 09:24:18 -0800 (PST)
Received: by 10.150.251.10 with SMTP id y10mr8970648ybh.131.1265131458112;
Tue, 02 Feb 2010 09:24:18 -0800 (PST)
Return-Path: j...@fmcfinance.net
Received: from mail.fmcfinance.net (mail.fmcfinance.net [207.203.115.100])
by mx.google.com with ESMTP id
17si13367599yxe.134.2010.02.02.09.24.16;
Tue, 02 Feb 2010 09:24:16 -0800 (PST)
Received-SPF: pass (google.com: domain of j...@fmcfinance.net designates
207.203.115.100 as permitted sender) client-ip=207.203.115.100;
DomainKey-Status: good
Authentication-Results: mx.google.com; spf=pass (google.com: domain of
j...@fmcfinance.net designates 207.203.115.100 as permitted sender)
smtp.mail=j...@fmcfinance.net; domainkeys=pass
header.from=j...@fmcfinance.net
Received: (qmail 11210 invoked by uid 89); 2 Feb 2010 17:24:26 -
Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
  s=private; d=fmcfinance.net;
  b=XCeWdhi32GqN9cWW35nEH6yooG74pZ5+CtvwdSouh66DCCJxzagtm17SJenzV5sI;
Received: from unknown (HELO JohnLaptop) (j...@fmcfinance.net@10.1.100.21)
  by mail.fmcfinance.net with ESMTPA; 2 Feb 2010 17:24:26 -
From: John Raley j...@fmcfinance.net
To: trols...@gmail.com
Subject: Testing Domainkeys
Date: Tue, 2 Feb 2010 11:24:05 -0600
Message-ID: 006401caa42c$85561d10$900257...@net
MIME

Re: [qmailtoaster] Domainkeys Problems

2010-02-02 Thread Martin Waschbuesch


 Actually gmail says it passes Domainkeys check. This is the header for an
 email I just sent my gmail account:
 


Odd. In that case, what services did you test with that did not work? And when 
did you enable Domainkeys? Is it possible that your updated DNS information had 
not yet spread and that those services were using cached (and therefor wrong) 
DNS information. E.g. they might not have been able to see the selector or 
policy record... 

--
Corporation. An ingenious device for obtaining individual profit without 
individual responsibility.

Bierce, Ambrose


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.

  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

RE: [qmailtoaster] Domainkeys Problems

2010-02-02 Thread Anil Aliyan

Hi All,

Same thing happened with me when I setup domainkeys and dkim for my
mailserver and published my public key in the DNS. Some of the public
mailserver like gmail start reading the dns entry after few hours but some
other mailserver like yahoo takes time to update their dns server/dns
caching servers. So one should wait for atleast 3-4 days from the day you
publish your public key in the DNS to be reflected globally.

Regards,

Anil Aliyan

-Original Message-
From: Martin Waschbuesch [mailto:mar...@waschbuesch.de] 
Sent: Wednesday, February 03, 2010 2:23 AM
To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] Domainkeys Problems


 Actually gmail says it passes Domainkeys check. This is the header for an
 email I just sent my gmail account:
 


Odd. In that case, what services did you test with that did not work? And
when did you enable Domainkeys? Is it possible that your updated DNS
information had not yet spread and that those services were using cached
(and therefor wrong) DNS information. E.g. they might not have been able to
see the selector or policy record... 

--
Corporation. An ingenious device for obtaining individual profit without
individual responsibility.

Bierce, Ambrose



-
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!

-
 Please visit qmailtoaster.com for the latest news, updates, and
packages.
 
  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com





-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.
 
  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] Domainkeys Problems

2010-02-02 Thread Maxwell Smart

You should be able to adjust the TTL to a lower level before iinstalling
domainkeys to obtain faster implementation on DNS servers.  Once a week
or so has passed up the TTL to the standard 38400 IIRC.  Don't go too
low or you can have problems.  3600 should be enough.

On 02/02/2010 09:08 PM, Anil Aliyan wrote:
 Hi All,

 Same thing happened with me when I setup domainkeys and dkim for my
 mailserver and published my public key in the DNS. Some of the public
 mailserver like gmail start reading the dns entry after few hours but some
 other mailserver like yahoo takes time to update their dns server/dns
 caching servers. So one should wait for atleast 3-4 days from the day you
 publish your public key in the DNS to be reflected globally.

 Regards,

 Anil Aliyan

 -Original Message-
 From: Martin Waschbuesch [mailto:mar...@waschbuesch.de] 
 Sent: Wednesday, February 03, 2010 2:23 AM
 To: qmailtoaster-list@qmailtoaster.com
 Subject: Re: [qmailtoaster] Domainkeys Problems


   
 Actually gmail says it passes Domainkeys check. This is the header for an
 email I just sent my gmail account:

 

 Odd. In that case, what services did you test with that did not work? And
 when did you enable Domainkeys? Is it possible that your updated DNS
 information had not yet spread and that those services were using cached
 (and therefor wrong) DNS information. E.g. they might not have been able to
 see the selector or policy record... 

 --
 Corporation. An ingenious device for obtaining individual profit without
 individual responsibility.

 Bierce, Ambrose


 
 -
 Qmailtoaster is sponsored by Vickers Consulting Group
 (www.vickersconsulting.com)
 Vickers Consulting Group offers Qmailtoaster support and installations.
   If you need professional help with your setup, contact them today!
 
 -
  Please visit qmailtoaster.com for the latest news, updates, and
 packages.
  
   To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
  For additional commands, e-mail:
 qmailtoaster-list-h...@qmailtoaster.com





 -
 Qmailtoaster is sponsored by Vickers Consulting Group 
 (www.vickersconsulting.com)
 Vickers Consulting Group offers Qmailtoaster support and installations.
   If you need professional help with your setup, contact them today!
 -
  Please visit qmailtoaster.com for the latest news, updates, and packages.
  
   To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
  For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com


   

-- 
Cecil Yother, Jr. cj
cj's
2318 Clement Ave
Alameda, CA  94501

tel 510.865.2787 | fax 510.864.7300
http://yother.com


-
Qmailtoaster is sponsored by Vickers Consulting Group 
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
  If you need professional help with your setup, contact them today!
-
 Please visit qmailtoaster.com for the latest news, updates, and packages.
 
  To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

[qmailtoaster] domainkeys bad signature with large emails

2010-02-01 Thread Sven-Thorsten Fahrbach


Dear all

I'm struggling to get the qmailtoaster domainkeys plugin to consistently 
generate good signatures, i.e. signatures that are accepted by major 
email providers, like Yahoo or Gmail.


Strangely enough, I don't seem to have problems as long as the message 
length doesn't exceed a certain limit.


The server runs OpenSUSE 10.3 with qmail-toaster 1.03-1.3.15 and 
libdomainkeys-toaster 0.68-1.3.3.


Any help will be greatly appreciated!

Sven-Thorsten Fahrbach

[qmailtoaster] DomainKeys? or clamav in header?

2009-11-11 Thread Donald Wheeling


I have Qmail Toaster running sending/receiving emails correctly but I'm having 
issues with domain keys. When I send myself emails from squirrelmail my header 
info looks  like this:

Return-Path: d...@mydomain.com

Delivered-To: d...@mydomain.com

Received: (qmail 6149 invoked by uid 89); 11 Nov 2009 10:31:25 -

Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys

DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;

  s=private; d=mydomain.com;

  b=AilbzeDiS87tpN8SyFejgnG7WHhO/vs40LpG/TjV4Si+knjVQJgxkTGwlIBtZuji;

Received: from unknown (HELO www.mydomain.com) (127.0.0.1)

  by appserver.mydomain.com with SMTP; 11 Nov 2009 10:31:25 -

Received: from 192.168.1.5

(SquirrelMail authenticated user d...@mydomain.com)

by massconflux.com with HTTP;

Wed, 11 Nov 2009 03:31:25 -0700

Message-ID: 03f9a711ed2a2a4f0b681aa59ed5e5f8.squir...@mydomain.com

In-Reply-To: d4713d1f317b541f5a7a258db22839eb.squir...@mydomain.com

References: 433f6b122f3ae1174678e930c84b1216.squir...@mydomain.com

c875e7dfbcd5ad207862df9ada3742f7.squir...@mydomain.com

864c7b77df983cd31855d10da8c1e474.squir...@mydomain.com

d4713d1f317b541f5a7a258db22839eb.squir...@mydomain.com

Date: Wed, 11 Nov 2009 03:31:25 -0700

Subject: Re: test

From: d...@mydomain.com

To: d...@mydomain.com

User-Agent: SquirrelMail/1.4.19-1.3.15

MIME-Version: 1.0

Content-Type: text/plain;charset=iso-8859-1

Content-Transfer-Encoding: 8bit

X-Priority: 3 (Normal)

Importance: Normal
I figured spamassassin isn't anywhere in the header because it's being ignored 
since the email originated on the server via squirrelmail but wouldn't clamav 
be in the header? Also domain keys doesn't look right. I've checked and 
rechecked the public key entry in DNS. Am I missing something?

I'd post my public key but it's listed in the header above. It's like the key 
is being placed correctly on output but input doesn't read it. My tcp.smtp is 
below:

127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=1
:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIGN=/var/qmail/control/domainkeys/%/private,DKVERIFY=DEGIJKfh,DKQUEUE=/var/qmail/bin/qmail-queue.orig,NOP0FCHECK=1

Re: [qmailtoaster] DomainKeys? or clamav in header?

2009-11-11 Thread Ganesh.payelkar

Dear Donald,

 add this option in QMAILQUEUE=/var/qmail/bin/simscan your 1 line
oc tcp.smtp

127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=1,QMAILQUEUE=/var/qmail/bin/simscan


-- 
Regards,

Ganesh P




On Wed, Nov 11, 2009 at 4:21 PM, Donald Wheeling donw1...@hotmail.comwrote:

  I have Qmail Toaster running sending/receiving emails correctly but I'm
 having issues with domain keys. When I send myself emails from squirrelmail
 my header info looks  like this:

 *Return-Path:* 
 d...@mydomain.comhttp://www.massconflux.com/webmail/src/compose.php?send_to=don%40massconflux.com
 
 *Delivered-To:* 
 d...@mydomain.comhttp://www.massconflux.com/webmail/src/compose.php?send_to=don%40massconflux.com
 *Received:* (qmail 6149 invoked by uid 89); 11 Nov 2009 10:31:25 -
 *Comment:* DomainKeys? See http://antispam.yahoo.com/domainkeys
 *DomainKey-Signature:* a=rsa-sha1; q=dns; c=nofws;
  s=private; d=mydomain.com;
  b=AilbzeDiS87tpN8SyFejgnG7WHhO/vs40LpG/TjV4Si+knjVQJgxkTGwlIBtZuji;
 *Received:* from unknown (HELO www.mydomain.com) (127.0.0.1)
  by appserver.mydomain.com with SMTP; 11 Nov 2009 10:31:25 -
 *Received:* from 192.168.1.5
  (SquirrelMail authenticated user 
 d...@mydomain.comhttp://www.massconflux.com/webmail/src/compose.php?send_to=don%40massconflux.com
 )
  by massconflux.com with HTTP;
  Wed, 11 Nov 2009 03:31:25 -0700
 *Message-ID:* 03f9a711ed2a2a4f0b681aa59ed5e5f8.squir...@mydomain.com
 *In-Reply-To:* d4713d1f317b541f5a7a258db22839eb.squir...@mydomain.com
 *References:* 433f6b122f3ae1174678e930c84b1216.squir...@mydomain.com
  c875e7dfbcd5ad207862df9ada3742f7.squir...@mydomain.com
  864c7b77df983cd31855d10da8c1e474.squir...@mydomain.com
  d4713d1f317b541f5a7a258db22839eb.squir...@mydomain.com
 *Date:* Wed, 11 Nov 2009 03:31:25 -0700
 *Subject:* Re: test
 *From:* 
 d...@mydomain.comhttp://www.massconflux.com/webmail/src/compose.php?send_to=don%40massconflux.com
 *To:* 
 d...@mydomain.comhttp://www.massconflux.com/webmail/src/compose.php?send_to=don%40massconflux.com
 *User-Agent:* SquirrelMail/1.4.19-1.3.15
 *MIME-Version:* 1.0
 *Content-Type:* text/plain;charset=iso-8859-1
 *Content-Transfer-Encoding:* 8bit
 *X-Priority:* 3 (Normal)
 *Importance:* Normal
 I figured spamassassin isn't anywhere in the header because it's being
 ignored since the email originated on the server via squirrelmail but
 wouldn't clamav be in the header? Also domain keys doesn't look right. I've
 checked and rechecked the public key entry in DNS. Am I missing something?

 I'd post my public key but it's listed in the header above. It's like the
 key is being placed correctly on output but input doesn't read it. My
 tcp.smtp is below:


 127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=1

 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIGN=/var/qmail/control/domainkeys/%/private,DKVERIFY=DEGIJKfh,DKQUEUE=/var/qmail/bin/qmail-queue.orig,NOP0FCHECK=1

[qmailtoaster] DomainKeys not signing any mails.

2008-11-21 Thread raunak

Hi,
I recently installed qmail toaster (virtual appliance) . I think i've
managed to get most of the config right, except for two things. And i need
HELP!
Anyone had any experience installing domainkeys on this version?
qmail-intel-vm-1.4.1 ? I have generated the keys, and updated my dns
records and they check out. also updated the tcp.smtp file as per the
wiki. But the system just doesnt sign any outgoing emails...
Please help.. its essential i get dk installed...

Also, another thing thats quite not right.. a part of my emails headers
(immediately after HELO) still shows (127.0.0.1) , though i've updated the
hostname in what i think is all the places

Received: (qmail 27615 invoked by uid 89); 21 Nov 2008 16:05:28 -
Received: from unknown (HELO .xx.in) (127.0.0.1)
  by .xx.in with SMTP; 21 Nov 2008 16:05:28 -
Received: from 59.180.157.182
(SquirrelMail authenticated user [EMAIL PROTECTED])
by x.xx.in with HTTP;

Help would be greatly appreciated.
RSA


-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[qmailtoaster] Domainkeys Problem

2008-10-17 Thread Anil Aliyan

Untitled DocumentDear All,

Till last week my mail were signed by domainkeys but today when i checked and 
some test messages to google and yahoo it say DomainKey-Status: bad.

I dont understand how it can happen on its own when I havent changed anything 
in my server. 
When i check my server by sending test mail to 
http://senderid.espcoalition.org/ it also says that 
DomainKey-Status: bad: Signature failed verification
DKIM-Status: failed (no signature found)

SPF records and rest all are OK and verified.

how can I make sure that every mail sent by my mail server is signed by the 
designated private key? Or why doest my sever fails to sign  mail??

Regards,


 
  Anil Aliyan 
  Asst. Manager (Network) 
 (n)Code Solutions - A Division of GNFC Limited
  301, GNFC Infotower,
  S. G. Highway, Bodakdev,
  Ahmedabad - 380054
  Gujarat. India.
 
  [EMAIL PROTECTED] 
  [EMAIL PROTECTED]
 tel: 
fax: 
mobile: 
   +91 79 40007348
+91 79 26857321
+91 98989 94371 
   
 

  All information in this communication, including attachments, is strictly 
confidential and intended solely for delivery to and authorized use by the 
address(es) identified above, and may contain privileged, confidential, 
proprietary and/or trade secret information entitled to protection and/or 
exempt from disclosure under applicable law.  If you are not the intended 
recipient, please take notice that any use, distribution or copying of this 
communication, and/or any action taken or omitted to be taken in reliance upon 
it, is unauthorized and may be unlawful. If you have received this 
communication in error, please notify the sender and delete/destroy this 
communication from your computer.
 
   


image001.jpg

Re: [qmailtoaster] Domainkeys Problem

2008-10-17 Thread Jake Vickers


Anil Aliyan wrote:

Dear All,
 
Till last week my mail were signed by domainkeys but today when i 
checked and some test messages to google and yahoo it say 
DomainKey-Status: bad.
 
I dont understand how it can happen on its own when I havent changed 
anything in my server.
When i check my server by sending test mail to 
http://senderid.espcoalition.org/ it also says that

*DomainKey-Status*: bad: Signature failed verification
*DKIM-Status*: failed (no signature found)
SPF records and rest all are OK and verified.
 
how can I make sure that every mail sent by my mail server is signed 
by the designated private key? Or why doest my sever fails to sign  mail??


I know Yahoo is horrible about them - one of their servers will show 
correct, another will show as bad.
I see that your message was signed, but I do not check incoming.  A 
reliable place to test is here by sending a message to [EMAIL PROTECTED]

Give that a try and see what it returns.

Re: [qmailtoaster] Domainkeys Problem

2008-10-17 Thread Anil Aliyan

Untitled DocumentHi Jakes,

I have found out why its happening. Please look at my previous mail it has one 
html signature at the bottom with my name and company information. I removed 
html signature and then sent the mail to gmail and it recgnised my signature 
immidiately.

How does any stationary or html signature attached to the mail causes 
domainkeys go corrupt???

Earlier i sent once test message to the email address you gave it was also 
saying that

Authentication System:   DomainKeys Identified Mail
   Result:   (no result present) 
   Reporting host:   
   More information: http://mipassoc.org/dkim/
   Sendmail milter:  https://sourceforge.net/projects/dkim-milter/

Authentication System:   Domain Keys 
   Result:   DK signature confirmed BAD
   Description:  Signature verification failed, message may have 
been tampered with or corrupted
   Reporting host:   sendmail.net
   More information: http://antispam.yahoo.com/domainkeys
   Sendmail milter:  https://sourceforge.net/projects/domainkeys-milter/


But as soon as i removed the html signature from the stationary it changed to

Authentication System:   DomainKeys Identified Mail
   Result:   (no result present) 
   Reporting host:   
   More information: http://mipassoc.org/dkim/
   Sendmail milter:  https://sourceforge.net/projects/dkim-milter/

Authentication System:   Domain Keys 
   Result:   DK signature confirmed GOOD
   Description:  Signature verified, message arrived intact
   Reporting host:   sendmail.net
   More information: http://antispam.yahoo.com/domainkeys
   Sendmail milter:  https://sourceforge.net/projects/domainkeys-milter/

Regards,

Anil Aliyan
  - Original Message - 
  From: Jake Vickers 
  To: qmailtoaster-list@qmailtoaster.com 
  Sent: Friday, October 17, 2008 4:49 PM
  Subject: Re: [qmailtoaster] Domainkeys Problem


  Anil Aliyan wrote: 
Dear All,

Till last week my mail were signed by domainkeys but today when i checked 
and some test messages to google and yahoo it say DomainKey-Status: bad.

I dont understand how it can happen on its own when I havent changed 
anything in my server. 
When i check my server by sending test mail to 
http://senderid.espcoalition.org/ it also says that 
DomainKey-Status: bad: Signature failed verification
DKIM-Status: failed (no signature found)

SPF records and rest all are OK and verified.

how can I make sure that every mail sent by my mail server is signed by the 
designated private key? Or why doest my sever fails to sign  mail??

  I know Yahoo is horrible about them - one of their servers will show correct, 
another will show as bad.
  I see that your message was signed, but I do not check incoming.  A reliable 
place to test is here by sending a message to [EMAIL PROTECTED]
  Give that a try and see what it returns.

Re: [qmailtoaster] Domainkeys Problem

2008-10-17 Thread Anil Aliyan

Untitled DocumentYes, I think you are right. I`ll verify and change the 
signature and then check the same again. many thanks for your quick response.

Regards,

Anil Aliyan
  - Original Message - 
  From: Jake Vickers 
  To: qmailtoaster-list@qmailtoaster.com 
  Sent: Friday, October 17, 2008 5:14 PM
  Subject: Re: [qmailtoaster] Domainkeys Problem

  Anil Aliyan wrote: 
Hi Jakes,

I have found out why its happening. Please look at my previous mail it has 
one html signature at the bottom with my name and company information. I 
removed html signature and then sent the mail to gmail and it recgnised my 
signature immidiately.

How does any stationary or html signature attached to the mail causes 
domainkeys go corrupt???

Earlier i sent once test message to the email address you gave it was also 
saying that

Authentication System:   DomainKeys Identified Mail
   Result:   (no result present) 
   Reporting host:   
   More information: http://mipassoc.org/dkim/
   Sendmail milter:  https://sourceforge.net/projects/dkim-milter/

Authentication System:   Domain Keys 
   Result:   DK signature confirmed BAD
   Description:  Signature verification failed, message may 
have been tampered with or corrupted
   Reporting host:   sendmail.net
   More information: http://antispam.yahoo.com/domainkeys
   Sendmail milter:  
https://sourceforge.net/projects/domainkeys-milter/

But as soon as i removed the html signature from the stationary it changed 
to

Authentication System:   DomainKeys Identified Mail
   Result:   (no result present) 
   Reporting host:   
   More information: http://mipassoc.org/dkim/
   Sendmail milter:  https://sourceforge.net/projects/dkim-milter/

Authentication System:   Domain Keys 
   Result:   DK signature confirmed GOOD
   Description:  Signature verified, message arrived intact
   Reporting host:   sendmail.net
   More information: http://antispam.yahoo.com/domainkeys
   Sendmail milter:  
https://sourceforge.net/projects/domainkeys-milter/

  Your signature is not HTML, but a Word doc. I only took a brief look, but it 
looks like your signature ties back to a couple Microsoft websites, so I can 
see where that would break things. They're meant to show the message is from 
who it says it is, and untampered with. Since your signature looks like it 
calls back to external websites for whatever reason that would break either one 
since that data is NOT from your mail server.
  Like I said, that was a brief glance. It could be that DK cannot sign a MIME 
encoded message - try one with an attachment.  I sign my accounts, and on one 
of those accounts I have a signature at the bottom - plain text attached by 
Thunderbird, and it works fine.  I do not think it has anything to do with the 
MIME encoded message though - I think your Word signature is calling outside 
and breaking the schema.

Re: [qmailtoaster] Domainkeys Problem

2008-10-17 Thread Jake Vickers


Anil Aliyan wrote:

Hi Jakes,
 
I have found out why its happening. Please look at my previous mail it 
has one html signature at the bottom with my name and company 
information. I removed html signature and then sent the mail to gmail 
and it recgnised my signature immidiately.
 
How does any stationary or html signature attached to the mail causes 
domainkeys go corrupt???
 
Earlier i sent once test message to the email address you gave it was 
also saying that
 
Authentication System:   DomainKeys Identified Mail

   Result:   (no result present)
   Reporting host:  
   More information: http://mipassoc.org/dkim/

   Sendmail milter:  https://sourceforge.net/projects/dkim-milter/

Authentication System:   Domain Keys
   Result:   DK signature confirmed BAD
   Description:  Signature verification failed, message 
may have been tampered with or corrupted
   Reporting host:   sendmail.net   
   More information: http://antispam.yahoo.com/domainkeys
   Sendmail milter:  
https://sourceforge.net/projects/domainkeys-milter/
 
But as soon as i removed the html signature from the stationary it 
changed to
 
Authentication System:   DomainKeys Identified Mail

   Result:   (no result present)
   Reporting host:  
   More information: http://mipassoc.org/dkim/

   Sendmail milter:  https://sourceforge.net/projects/dkim-milter/
Authentication System:   Domain Keys
   Result:   DK signature confirmed GOOD

   Description:  Signature verified, message arrived intact
   Reporting host:   sendmail.net   
   More information: http://antispam.yahoo.com/domainkeys
   Sendmail milter:  
https://sourceforge.net/projects/domainkeys-milter/


Your signature is not HTML, but a Word doc. I only took a brief look, 
but it looks like your signature ties back to a couple Microsoft 
websites, so I can see where that would break things. They're meant to 
show the message is from who it says it is, and untampered with. Since 
your signature looks like it calls back to external websites for 
whatever reason that would break either one since that data is NOT from 
your mail server.
Like I said, that was a brief glance. It could be that DK cannot sign a 
MIME encoded message - try one with an attachment.  I sign my accounts, 
and on one of those accounts I have a signature at the bottom - plain 
text attached by Thunderbird, and it works fine.  I do not think it has 
anything to do with the MIME encoded message though - I think your Word 
signature is calling outside and breaking the schema.

Re: [qmailtoaster] Domainkeys

2008-09-28 Thread Anil Aliyan

DomainkeysYes it works very well. Follow the instructions given at 
http://wiki.qmailtoaster.com/index.php/Domainkeys

Before enabling the domain keys make sure that your _domainkey.yourdomain.com   
and  private._domainkey.yourdomain.com:k=rsa; p=MEwwDQYJKoZIhvcNAQEBBQ . . .

are properly configured in your DNS zone and populated on global root dns 
server. If these entried are not populated globally and you start using 
domainkeys, recipient servers wont be able to verify your signature in the mail 
headers and will return error. If dns entries are correctly populated it wiil 
start working in first shot.


Regards,

Anil Aliyan
  - Original Message - 
  From: Kyle Quillen 
  To: qmailtoaster-list@qmailtoaster.com 
  Sent: Sunday, September 28, 2008 12:34 AM
  Subject: [qmailtoaster] Domainkeys




  Hey all,

  What is the status on domain keys is it now supported or is it still broken.  
My server is not signing mail with domainkey and I think this is why yahoo is 
deferring me.

  Thanks
  q

[qmailtoaster] Domainkeys

2008-09-27 Thread Kyle Quillen


Hey all,

What is the status on domain keys is it now supported or is it still broken.  
My server is not signing mail with domainkey and I think this is why yahoo is 
deferring me. 

Thanks
q

Re: [qmailtoaster] Domainkeys

2008-09-27 Thread Lucian Cristian


Kyle Quillen wrote:


Hey all,

What is the status on domain keys is it now supported or is it still 
broken.  My server is not signing mail with domainkey and I think this 
is why yahoo is deferring me.


Thanks
q

hi, i'm using it from the beginning and for signing I didn't had any 
problems cnt4cnt5


regards,
Luci

-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] Domainkeys

2008-09-27 Thread Eric Shubert

Kyle Quillen wrote:
 
 Hey all,
 
 What is the status on domain keys is it now supported or is it still
 broken.  My server is not signing mail with domainkey and I think this
 is why yahoo is deferring me.
 
 Thanks
 q
 

Oh, and the status of DomainKeys (TTBOMK) is that signing works, but
checking is broken.

-- 
-Eric 'shubes'


-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] Domainkeys

2008-09-27 Thread Eric Shubert

Kyle Quillen wrote:
 
 Hey all,
 
 What is the status on domain keys is it now supported or is it still
 broken.  My server is not signing mail with domainkey and I think this
 is why yahoo is deferring me.
 
 Thanks
 q
 

I think I've gotten past yahoo's deferral without domainkeys, although it
would help.

Is your SPF record correct in DNS? If it's not that'll get you deferred at
yahoo.

-- 
-Eric 'shubes'


-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] DomainKeys Problem

2008-07-18 Thread Eric Shubert

You should be ok then. DKIM is not the same as DK. DKIM is DK's successor (a
version 2 of DK of sorts). DKIM is not implemented in the toaster.

Anil Aliyan wrote:
 Yes i have tested it from those sites and it Passes all test except the
 DKIM-Status: failed (no signature found)
 
 Regards,
 
 Anil Aliyan
 
 
 
 - Original Message - From: Eric Shubert [EMAIL PROTECTED]
 To: qmailtoaster-list@qmailtoaster.com
 Sent: Friday, July 18, 2008 6:20 AM
 Subject: Re: [qmailtoaster] DomainKeys Problem
 
 
 Have you seen the DomainKeys wiki page? There is a site or two listed
 there
 that can be used for testing.

 You can send yourself an email and examine the headers to see if
 there's a
 DK signature present. That won't tell you if it's value is valid or
 not though.

 Anil Aliyan wrote:
 Hi,

 How can i verify if mails are signed by domainkeys. I dont see in any
 qmail logs or in maillog at all that outgoing mails are singed by
 qmail-dk.

 Regards,

 Anil Aliyan

 - Original Message - From: Ben Mills [EMAIL PROTECTED]
 To: qmailtoaster-list@qmailtoaster.com
 Sent: Saturday, July 12, 2008 7:07 PM
 Subject: Re: [qmailtoaster] DomainKeys Problem


 Anil Aliyan wrote:
 Dear All,

 I have recently intalled qmailtoaster with Domainkeys. But when mails
 are delivered into yahoo and gmail mailbox the headers shows the as
 follows:

 In yahoo it says domainkeys=fail (bad sig) and in gmail it says
 DomainKey-Status: bad domainkeys=hardfail

 According to http://domainkeys.sourceforge.net/policycheck.html , you
 don't have a valid domainkey txt record.

 I wish I could help you more but it's been so long since I set up
 domainkeys on my toaster, I recall little about it. At  that time
 there was a bit of disagreement on this list regarding the format of
 the dns records. With a bit of trial and error, I got mine working.

 I'm sorry I can't help you more. Maybe you will find the URL I
 mentioned useful for testing your setup.

 Good luck,
 Ben




 -- 
 -Eric 'shubes'

 -
 QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]



 
 
 -
 QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]
 


-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] DomainKeys Problem

2008-07-17 Thread Eric Shubert

Have you seen the DomainKeys wiki page? There is a site or two listed there
that can be used for testing.

You can send yourself an email and examine the headers to see if there's a
DK signature present. That won't tell you if it's value is valid or not though.

Anil Aliyan wrote:
 Hi,
 
 How can i verify if mails are signed by domainkeys. I dont see in any
 qmail logs or in maillog at all that outgoing mails are singed by qmail-dk.
 
 Regards,
 
 Anil Aliyan
 
 - Original Message - From: Ben Mills [EMAIL PROTECTED]
 To: qmailtoaster-list@qmailtoaster.com
 Sent: Saturday, July 12, 2008 7:07 PM
 Subject: Re: [qmailtoaster] DomainKeys Problem
 
 
 Anil Aliyan wrote:
 Dear All,

 I have recently intalled qmailtoaster with Domainkeys. But when mails
 are delivered into yahoo and gmail mailbox the headers shows the as
 follows:

 In yahoo it says domainkeys=fail (bad sig) and in gmail it says
 DomainKey-Status: bad domainkeys=hardfail

 According to http://domainkeys.sourceforge.net/policycheck.html , you
 don't have a valid domainkey txt record.

 I wish I could help you more but it's been so long since I set up
 domainkeys on my toaster, I recall little about it. At  that time
 there was a bit of disagreement on this list regarding the format of
 the dns records. With a bit of trial and error, I got mine working.

 I'm sorry I can't help you more. Maybe you will find the URL I
 mentioned useful for testing your setup.

 Good luck,
 Ben




-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] DomainKeys Problem

2008-07-17 Thread Anil Aliyan

Yes i have tested it from those sites and it Passes all test except the 
DKIM-Status: failed (no signature found)


Regards,

Anil Aliyan



- Original Message - 
From: Eric Shubert [EMAIL PROTECTED]

To: qmailtoaster-list@qmailtoaster.com
Sent: Friday, July 18, 2008 6:20 AM
Subject: Re: [qmailtoaster] DomainKeys Problem


Have you seen the DomainKeys wiki page? There is a site or two listed 
there

that can be used for testing.

You can send yourself an email and examine the headers to see if there's a
DK signature present. That won't tell you if it's value is valid or not 
though.


Anil Aliyan wrote:

Hi,

How can i verify if mails are signed by domainkeys. I dont see in any
qmail logs or in maillog at all that outgoing mails are singed by 
qmail-dk.


Regards,

Anil Aliyan

- Original Message - From: Ben Mills [EMAIL PROTECTED]
To: qmailtoaster-list@qmailtoaster.com
Sent: Saturday, July 12, 2008 7:07 PM
Subject: Re: [qmailtoaster] DomainKeys Problem



Anil Aliyan wrote:

Dear All,

I have recently intalled qmailtoaster with Domainkeys. But when mails
are delivered into yahoo and gmail mailbox the headers shows the as
follows:

In yahoo it says domainkeys=fail (bad sig) and in gmail it says
DomainKey-Status: bad domainkeys=hardfail


According to http://domainkeys.sourceforge.net/policycheck.html , you
don't have a valid domainkey txt record.

I wish I could help you more but it's been so long since I set up
domainkeys on my toaster, I recall little about it. At  that time
there was a bit of disagreement on this list regarding the format of
the dns records. With a bit of trial and error, I got mine working.

I'm sorry I can't help you more. Maybe you will find the URL I
mentioned useful for testing your setup.

Good luck,
Ben





--
-Eric 'shubes'

-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]






-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] DomainKeys Problem

2008-07-14 Thread Anil Aliyan


Hi,

How can i verify if mails are signed by domainkeys. I dont see in any qmail 
logs or in maillog at all that outgoing mails are singed by qmail-dk.


Regards,

Anil Aliyan

- Original Message - 
From: Ben Mills [EMAIL PROTECTED]

To: qmailtoaster-list@qmailtoaster.com
Sent: Saturday, July 12, 2008 7:07 PM
Subject: Re: [qmailtoaster] DomainKeys Problem



Anil Aliyan wrote:

Dear All,

I have recently intalled qmailtoaster with Domainkeys. But when mails are 
delivered into yahoo and gmail mailbox the headers shows the as follows:


In yahoo it says domainkeys=fail (bad sig) and in gmail it says 
DomainKey-Status: bad domainkeys=hardfail


According to http://domainkeys.sourceforge.net/policycheck.html , you 
don't have a valid domainkey txt record.


I wish I could help you more but it's been so long since I set up 
domainkeys on my toaster, I recall little about it. At  that time there 
was a bit of disagreement on this list regarding the format of the dns 
records. With a bit of trial and error, I got mine working.


I'm sorry I can't help you more. Maybe you will find the URL I mentioned 
useful for testing your setup.


Good luck,
Ben

-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]





-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] DomainKeys Problem

2008-07-12 Thread Ben Mills


Anil Aliyan wrote:

Dear All,

I have recently intalled qmailtoaster with Domainkeys. But when mails 
are delivered into yahoo and gmail mailbox the headers shows the as 
follows:


In yahoo it says domainkeys=fail (bad sig) and in gmail it says 
DomainKey-Status: bad domainkeys=hardfail


According to http://domainkeys.sourceforge.net/policycheck.html , you 
don't have a valid domainkey txt record.


I wish I could help you more but it's been so long since I set up 
domainkeys on my toaster, I recall little about it. At  that time there 
was a bit of disagreement on this list regarding the format of the dns 
records. With a bit of trial and error, I got mine working.


I'm sorry I can't help you more. Maybe you will find the URL I mentioned 
 useful for testing your setup.


Good luck,
Ben

-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[qmailtoaster] DomainKeys Problem

2008-07-11 Thread Anil Aliyan


Dear All,

I have recently intalled qmailtoaster with Domainkeys. But when mails are 
delivered into yahoo and gmail mailbox the headers shows the as follows:


In yahoo it says domainkeys=fail (bad sig) and in gmail it says 
DomainKey-Status: bad domainkeys=hardfail



YAHOO:

 Return-Path:   [EMAIL PROTECTED]
 Authentication-Results:   mta151.mail.in.yahoo.com from=gnvfc.net; 
domainkeys=fail (bad sig)
 Received:   from 125.18.132.20 (EHLO mail.gnvfc.net) (125.18.132.20) 
by mta151.mail.in.yahoo.com with SMTP; Wed, 09 Jul 2008 12:24:17 +0530

 Received:   (qmail 1903 invoked by uid 89); 9 Jul 2008 06:48:39 -
 Comment:   DomainKeys? See http://antispam.yahoo.com/domainkeys
 DomainKey-Signature:   a=rsa-sha1; q=dns; c=nofws; s=private; 
d=gnvfc.net; 
b=hyTQBAfguveD7nWizlaAOc/pkirbaIkybedzj76oF3M9cYboEvZfG3OkTmh6PYsE;
 Received:   by simscan 1.3.1 ppid: 1897, pid: 1900, t: 0.0498s 
scanners: attach: 1.3.1


___
GMAIL:

Return-Path: [EMAIL PROTECTED]
Received: from mail.gnvfc.net (mail.gnvfc.net [125.18.132.20])
   by mx.google.com with ESMTP id 
k21si8723209waf.8.2008.07.09.00.10.09;

   Wed, 09 Jul 2008 00:10:18 -0700 (PDT)
Received-SPF: pass (google.com: domain of [EMAIL PROTECTED] designates 
125.18.132.20 as permitted sender) client-ip=125.18.132.20;

DomainKey-Status: bad
Authentication-Results: mx.google.com; spf=pass (google.com: domain of 
[EMAIL PROTECTED] designates 125.18.132.20 as permitted sender) 
[EMAIL PROTECTED]; domainkeys=hardfail 
[EMAIL PROTECTED]

Received: (qmail 6077 invoked by uid 89); 9 Jul 2008 07:10:10 -
Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws;
 s=private; d=gnvfc.net;
 b=xdaU2BcTAn3Ih/hoOPlS7VMQODUt0OKDg/OsyW9+HTfTHWHCx00R9OWvYfiRT7Z7;

my tcp.smtp configuration is as below:

127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,RBLSMTPD=,NOP0FCHECK=1
:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKVERIFY=BDEGIJKfh,DKQUEUE=/var/qmail/bin/qmail-queue.orig,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1

my dns configurations is as below:

_domainkey.gnvfc.net. IN  TXT t=y; o=~
private._domainkey  IN  TXT k=rsa; 
p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAMuTneJEmSJbD9p967da4JPx0K5o52AQ7gKpD8i+yQajaOKdHL35Twu0FlMNO3vC1wIDAQAB



How can i resolve the bad sig problem with my mails.

Regards,

Anil Aliyan 



-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] Domainkeys Outlook 2007

2007-12-13 Thread A M

2007/12/11, Lucian Cristian [EMAIL PROTECTED]:

 A M wrote:
  Hi all,
 
  I've confirmed an issue where mails sent from Outlook 2007 and windows
  vista result in a bad signed message.
 
  This was tested in a couple of servers (different OS) and the result
  was the same.
 
  There no other issues with other clients/platforms. I'll try to check
  into it as soon as I get some time to spare.
 
  Has anyone observed this?
 
  --
  AM
  agmsoft(at)gmail.com
 have you tried submission port ?

 -
  QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]


Yes,

Either submission or smtp, same result.



-- 
AM
agmsoft(at)gmail.com

[qmailtoaster] Domainkeys Outlook 2007

2007-12-11 Thread A M

Hi all,

I've confirmed an issue where mails sent from Outlook 2007 and windows vista
result in a bad signed message.

This was tested in a couple of servers (different OS) and the result was the
same.

There no other issues with other clients/platforms. I'll try to check into
it as soon as I get some time to spare.

Has anyone observed this?

-- 
AM
agmsoft(at)gmail.com

Re: [qmailtoaster] Domainkeys Outlook 2007

2007-12-11 Thread Lucian Cristian


A M wrote:

Hi all,

I've confirmed an issue where mails sent from Outlook 2007 and windows 
vista result in a bad signed message.


This was tested in a couple of servers (different OS) and the result 
was the same.


There no other issues with other clients/platforms. I'll try to check 
into it as soon as I get some time to spare.


Has anyone observed this?

--
AM
agmsoft(at)gmail.com 

have you tried submission port ?

-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [qmailtoaster] domainkeys help

2007-11-30 Thread Phil Leinhauser

I just setup domainkeys on the first of my domains and it worked right off.
Maybe I got lucky?  This looks all OK.  Did you follow the wiki
instructions?  Maybe a review of the steps in there to verify everything?

How are you looking for the signing?

-P

-Original Message-
From: Felipe Ceglia - PY1NB [mailto:[EMAIL PROTECTED] 
Sent: Thursday, November 29, 2007 2:25 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: [qmailtoaster] domainkeys help

Hello folks,

I am trying to setup dk for my qmailtoaster, and I cant make it work. It 
is not signing my messages

I am testing from ip: 192.168.254.3, which should get caught on second 
line from tcp.smtp

thanks in advance,

Felipe

# find /var/qmail/control/domainkeys/
/var/qmail/control/domainkeys/
/var/qmail/control/domainkeys/terenet.com.br
/var/qmail/control/domainkeys/terenet.com.br/private
/var/qmail/control/domainkeys/terenet.com.br/public.txt

# ls -las
total 20
4 drwxr-xr-x 2 root qmail 4096 Nov 29 15:41 .
8 drwxr-xr-x 3 root qmail 4096 Jul  7 20:09 ..
4 -r--r--r-- 1 root qmail  396 Jul  7 20:09 private
4 -r--r--r-- 1 root qmail  142 Jul  7 20:09 public.txt



in tcp.smtp:

127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,R
BLSMTPD=,NOP0FCHECK=1
192.168.254.:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,C
HKUSER_WRONGRCPTLIMIT=10,DKSIGN=/var/qmail/control/domainkeys/%/private,
DKVERIFY=DEGIJKfh,QMAILQUEUE=/var/qmail/bin/simscan,DKQUEUE=/var/qmail/
bin/qmail-queue.orig
:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=15,CHKUSER_WRONG
RCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIGN=/var/qmail/contro
l/domainkeys/%/private,NOP0FCHECK=1




/var/qmail/supervise/smtp/run: (can anyone check if this is stock?)

#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
BLACKLIST=`cat /var/qmail/control/blacklists`
SMTPD=/var/qmail/bin/qmail-smtpd
TCP_CDB=/etc/tcprules.d/tcp.smtp.cdb
RBLSMTPD=/usr/bin/rblsmtpd
HOSTNAME=`hostname`
VCHKPW=/home/vpopmail/bin/vchkpw
REQUIRE_AUTH=0

exec /usr/bin/softlimit -m 2000 \
 /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c $MAXSMTPD \
 -u $QMAILDUID -g $NOFILESGID 0 smtp \
 $RBLSMTPD $BLACKLIST $SMTPD $VCHKPW /bin/true 21



../send/run:
#!/bin/sh
exec /var/qmail/rc

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] domainkeys help

2007-11-30 Thread Felipe Ceglia - PY1NB


Hi Phil,

Thank you for replying.

I am checking it looking at my message headers, and at 
http://senderid.espcoalition.org/


It seems like tcprules is not signing the messages somewhere.
Is there anywhere I can trace it?

BTW, I re checked my dns, and it seems ok:
http://domainkeys.sourceforge.net/cgi-bin/check_policy?domain=terenet.com.brSubmit=Submit
http://domainkeys.sourceforge.net/cgi-bin/check_selector?selector=private._domainkey.terenet.com.brSubmit=Submit

Thank you,

Felipe

Phil Leinhauser wrote:

I just setup domainkeys on the first of my domains and it worked right off.
Maybe I got lucky?  This looks all OK.  Did you follow the wiki
instructions?  Maybe a review of the steps in there to verify everything?

How are you looking for the signing?

-P

-Original Message-
From: Felipe Ceglia - PY1NB [mailto:[EMAIL PROTECTED] 
Sent: Thursday, November 29, 2007 2:25 PM

To: qmailtoaster-list@qmailtoaster.com
Subject: [qmailtoaster] domainkeys help

Hello folks,

I am trying to setup dk for my qmailtoaster, and I cant make it work. It 
is not signing my messages


I am testing from ip: 192.168.254.3, which should get caught on second 
line from tcp.smtp


thanks in advance,

Felipe

# find /var/qmail/control/domainkeys/
/var/qmail/control/domainkeys/
/var/qmail/control/domainkeys/terenet.com.br
/var/qmail/control/domainkeys/terenet.com.br/private
/var/qmail/control/domainkeys/terenet.com.br/public.txt

# ls -las
total 20
4 drwxr-xr-x 2 root qmail 4096 Nov 29 15:41 .
8 drwxr-xr-x 3 root qmail 4096 Jul  7 20:09 ..
4 -r--r--r-- 1 root qmail  396 Jul  7 20:09 private
4 -r--r--r-- 1 root qmail  142 Jul  7 20:09 public.txt



in tcp.smtp:

127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,R
BLSMTPD=,NOP0FCHECK=1
192.168.254.:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,C
HKUSER_WRONGRCPTLIMIT=10,DKSIGN=/var/qmail/control/domainkeys/%/private,
DKVERIFY=DEGIJKfh,QMAILQUEUE=/var/qmail/bin/simscan,DKQUEUE=/var/qmail/
bin/qmail-queue.orig
:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=15,CHKUSER_WRONG
RCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan,DKSIGN=/var/qmail/contro
l/domainkeys/%/private,NOP0FCHECK=1




/var/qmail/supervise/smtp/run: (can anyone check if this is stock?)

#!/bin/sh
QMAILDUID=`id -u vpopmail`
NOFILESGID=`id -g vpopmail`
MAXSMTPD=`cat /var/qmail/control/concurrencyincoming`
BLACKLIST=`cat /var/qmail/control/blacklists`
SMTPD=/var/qmail/bin/qmail-smtpd
TCP_CDB=/etc/tcprules.d/tcp.smtp.cdb
RBLSMTPD=/usr/bin/rblsmtpd
HOSTNAME=`hostname`
VCHKPW=/home/vpopmail/bin/vchkpw
REQUIRE_AUTH=0

exec /usr/bin/softlimit -m 2000 \
 /usr/bin/tcpserver -v -R -H -l $HOSTNAME -x $TCP_CDB -c $MAXSMTPD \
 -u $QMAILDUID -g $NOFILESGID 0 smtp \
 $RBLSMTPD $BLACKLIST $SMTPD $VCHKPW /bin/true 21



../send/run:
#!/bin/sh
exec /var/qmail/rc

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[qmailtoaster] Domainkeys - Can't seem to get it to work

Forgot to add;

I'm also getting;
DKIM-Status: failed (no signature found)

Note that I have generated the proper key file in the domainkey directory.




DomainKey-Status: bad format: No DomainKey signature found.
In BIND, I am entering this as a couple of TXT records. My latest version is;
private._domainkey.domain.com
k=rsa t=y; p=MIHLONG CODE

_domainkey.domain.com
t=y o=-

I'm guessing that I've not found something very vital such as having to TURN
ON domainkeys for QMT or putting something in my tcp.smtp file to actually
allow remote servers to see this?



-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[qmailtoaster] Domainkeys - Can't seem to get it to work

I just can't seem to get this to work and I badly need help at this point. One
problem is that one of the DNS servers is a plesk server and there does not
seem to be any way of adding the domainkey information in it's DNS.

Second, I've read and read and tried all sorts of formats yet testing always
leads to DomainKey-Status: bad format: No DomainKey signature found.

In BIND, I am entering this as a couple of TXT records. My latest version is;

private._domainkey.domain.com
k=rsa t=y; p=MIHLONG CODE

_domainkey.domain.com
t=y o=-

I'm guessing that I've not found something very vital such as having to TURN
ON domainkeys for QMT or putting something in my tcp.smtp file to actually
allow remote servers to see this?

Mike



-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [qmailtoaster] Domainkeys - Can't seem to get it to work

2007-11-12 Thread Tim Mancour

Step 10 in
http://www.qmailtoaster.com/centos/cnt40/EZ-QmailToaster-CentOS-4.3.txt has
a pretty good set of instructions for getting domain keys working. If you
have modified your tcp.smtp file then you need to add the DKSIGN variable as
follows:
DKSIGN=/var/qmail/control/domainkeys/%/private



-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Monday, November 12, 2007 3:53 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: [qmailtoaster] Domainkeys - Can't seem to get it to work

Forgot to add;

I'm also getting;
DKIM-Status: failed (no signature found)

Note that I have generated the proper key file in the domainkey directory.




DomainKey-Status: bad format: No DomainKey signature found.
In BIND, I am entering this as a couple of TXT records. My latest 
version is; private._domainkey.domain.com k=rsa t=y; p=MIHLONG 
CODE

_domainkey.domain.com
t=y o=-

I'm guessing that I've not found something very vital such as having to 
TURN ON domainkeys for QMT or putting something in my tcp.smtp file to 
actually allow remote servers to see this?



-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [qmailtoaster] Domainkeys - Can't seem to get it to work

It seems to be correct based on your input? I have four records in there.
Three for IP's including my WAN and the last one. Am I also supposed to add
this to each internal IP I have in the record?

127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,RBL
SMTPD=,NOP0FCHECK=1

192.168.1.:allow,RELAYCLIENT=,RBLSMTPD=,SENDER_NOCHECK=1,NOP0FCHECK=
1
x.x.x.:allow,RELAYCLIENT=,RBLSMTPD=,SENDER_NOCHECK=1,NOP0FCHECK=1

:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_W
RONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan
,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1


On Mon, 12 Nov 2007 16:36:14 -0500, Tim Mancour wrote:
 Step 10 in

 http://www.qmailtoaster.com/centos/cnt40/EZ-QmailToaster-CentOS-4.3.txt has
 a pretty good set of instructions for getting domain keys working. If you
 have modified your tcp.smtp file then you need to add the DKSIGN variable as
 follows:
 DKSIGN=/var/qmail/control/domainkeys/%/private


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
 Sent: Monday, November 12, 2007 3:53 PM
 To: qmailtoaster-list@qmailtoaster.com
 Subject: [qmailtoaster] Domainkeys - Can't seem to get it to work

 Forgot to add;

 I'm also getting;
 DKIM-Status: failed (no signature found)

 Note that I have generated the proper key file in the domainkey directory.


 DomainKey-Status: bad format: No DomainKey signature found.
 In BIND, I am entering this as a couple of TXT records. My latest
 version is; private._domainkey.domain.com k=rsa t=y; p=MIHLONG
 CODE

 _domainkey.domain.com
 t=y o=-

 I'm guessing that I've not found something very vital such as having to
 TURN ON domainkeys for QMT or putting something in my tcp.smtp file to
 actually allow remote servers to see this?


 -
 QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]


 -
 QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]




-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [qmailtoaster] Domainkeys - Can't seem to get it to work

2007-11-12 Thread Tim Mancour

If you want to have a DomainKey signature for all outgoing (i.e. relayed)
Email then each record in your tcp.smtp file will need the DKSIGN variable.

The wiki has some good information about how this file is processed:
http://wiki.qmailtoaster.com/index.php/Tcp.smtp

Regards,
Tim

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Monday, November 12, 2007 5:07 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: RE: [qmailtoaster] Domainkeys - Can't seem to get it to work

It seems to be correct based on your input? I have four records in there. 
Three for IP's including my WAN and the last one. Am I also supposed to add
this to each internal IP I have in the record?

127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,R
BL
SMTPD=,NOP0FCHECK=1

192.168.1.:allow,RELAYCLIENT=,RBLSMTPD=,SENDER_NOCHECK=1,NOP0FCHECK=
1
x.x.x.:allow,RELAYCLIENT=,RBLSMTPD=,SENDER_NOCHECK=1,NOP0FCHECK=1

:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_W
RONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan
,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1


On Mon, 12 Nov 2007 16:36:14 -0500, Tim Mancour wrote:
 Step 10 in
 
 http://www.qmailtoaster.com/centos/cnt40/EZ-QmailToaster-CentOS-4.3.tx
 t has a pretty good set of instructions for getting domain keys 
 working. If you have modified your tcp.smtp file then you need to add 
 the DKSIGN variable as
 follows:
 DKSIGN=/var/qmail/control/domainkeys/%/private
 
 
 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
 Sent: Monday, November 12, 2007 3:53 PM
 To: qmailtoaster-list@qmailtoaster.com
 Subject: [qmailtoaster] Domainkeys - Can't seem to get it to work
 
 Forgot to add;
 
 I'm also getting;
 DKIM-Status: failed (no signature found)
 
 Note that I have generated the proper key file in the domainkey directory.
 
 
 DomainKey-Status: bad format: No DomainKey signature found.
 In BIND, I am entering this as a couple of TXT records. My latest 
 version is; private._domainkey.domain.com k=rsa t=y; p=MIHLONG 
 CODE
 
 _domainkey.domain.com
 t=y o=-
 
 I'm guessing that I've not found something very vital such as having 
 to TURN ON domainkeys for QMT or putting something in my tcp.smtp 
 file to actually allow remote servers to see this?
 
 
 -
 QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: 
 [EMAIL PROTECTED]
 
 
 -
 QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: 
 [EMAIL PROTECTED]




-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]


-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [qmailtoaster] Domainkeys - Can't seem to get it to work

I've updated my file;

The reply I'm getting from yahoo's test is much better now;

Testing domain.com
New test
Policy TXT=t=y; o=-

This policy record appears valid.

Tag Value   Explanation
o   -   Domain signs *ALL* email
t   y   Domain is in test mode

How should the message look in my DNS? Currently, it's t=y o=-

Mike


On Mon, 12 Nov 2007 17:49:34 -0500, Tim Mancour wrote:
 If you want to have a DomainKey signature for all outgoing (i.e. relayed)

 Email then each record in your tcp.smtp file will need the DKSIGN variable.

 The wiki has some good information about how this file is processed:
 http://wiki.qmailtoaster.com/index.php/Tcp.smtp

 Regards,
 Tim

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
 Sent: Monday, November 12, 2007 5:07 PM
 To: qmailtoaster-list@qmailtoaster.com
 Subject: RE: [qmailtoaster] Domainkeys - Can't seem to get it to work

 It seems to be correct based on your input? I have four records in there.
 Three for IP's including my WAN and the last one. Am I also supposed to add
 this to each internal IP I have in the record?

 127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/private,R
 BL
 SMTPD=,NOP0FCHECK=1

 192.168.1.:allow,RELAYCLIENT=,RBLSMTPD=,SENDER_NOCHECK=1,NOP0FCHECK
=
 1
 x.x.x.:allow,RELAYCLIENT=,RBLSMTPD=,SENDER_NOCHECK=1,NOP0FCHECK=1

 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_
W
 RONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan
 ,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1


 On Mon, 12 Nov 2007 16:36:14 -0500, Tim Mancour wrote:
 Step 10 in

 http://www.qmailtoaster.com/centos/cnt40/EZ-QmailToaster-CentOS-4.3.tx
 t has a pretty good set of instructions for getting domain keys
 working. If you have modified your tcp.smtp file then you need to add
 the DKSIGN variable as
 follows:
 DKSIGN=/var/qmail/control/domainkeys/%/private


 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
 Sent: Monday, November 12, 2007 3:53 PM
 To: qmailtoaster-list@qmailtoaster.com
 Subject: [qmailtoaster] Domainkeys - Can't seem to get it to work

 Forgot to add;

 I'm also getting;
 DKIM-Status: failed (no signature found)

 Note that I have generated the proper key file in the domainkey directory.


 DomainKey-Status: bad format: No DomainKey signature found.
 In BIND, I am entering this as a couple of TXT records. My latest
 version is; private._domainkey.domain.com k=rsa t=y; p=MIHLONG
 CODE

 _domainkey.domain.com
 t=y o=-

 I'm guessing that I've not found something very vital such as having
 to TURN ON domainkeys for QMT or putting something in my tcp.smtp
 file to actually allow remote servers to see this?


 -
 QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail:
 [EMAIL PROTECTED]


 -
 QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail:
 [EMAIL PROTECTED]


 -
 QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]


 -
 QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]




-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

RE: [qmailtoaster] Domainkeys - Can't seem to get it to work

2007-11-12 Thread Tim Mancour

The wiki actually has a very good write-up about DomainKeys (I should have
known): 
http://wiki.qmailtoaster.com/index.php/Domainkeys

-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] 
Sent: Monday, November 12, 2007 6:09 PM
To: qmailtoaster-list@qmailtoaster.com
Subject: RE: [qmailtoaster] Domainkeys - Can't seem to get it to work

I've updated my file;

The reply I'm getting from yahoo's test is much better now;

Testing domain.com
New test
Policy TXT=t=y; o=-

This policy record appears valid.

Tag Value   Explanation
o   -   Domain signs *ALL* email
t   y   Domain is in test mode

How should the message look in my DNS? Currently, it's t=y o=-

Mike

On Mon, 12 Nov 2007 17:49:34 -0500, Tim Mancour wrote:
 If you want to have a DomainKey signature for all outgoing (i.e. 
 relayed)

 Email then each record in your tcp.smtp file will need the DKSIGN
variable.

 The wiki has some good information about how this file is processed:
 http://wiki.qmailtoaster.com/index.php/Tcp.smtp

 Regards,
 Tim

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
 Sent: Monday, November 12, 2007 5:07 PM
 To: qmailtoaster-list@qmailtoaster.com
 Subject: RE: [qmailtoaster] Domainkeys - Can't seem to get it to work

 It seems to be correct based on your input? I have four records in there.
 Three for IP's including my WAN and the last one. Am I also supposed 
 to add this to each internal IP I have in the record?

 127.:allow,RELAYCLIENT=,DKSIGN=/var/qmail/control/domainkeys/%/priv
 ate,R
 BL
 SMTPD=,NOP0FCHECK=1

 192.168.1.:allow,RELAYCLIENT=,RBLSMTPD=,SENDER_NOCHECK=1,NOP0FCH
 ECK
=
 1
 x.x.x.:allow,RELAYCLIENT=,RBLSMTPD=,SENDER_NOCHECK=1,NOP0FCHECK=1

 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER
 _
W
 RONGRCPTLIMIT=10,QMAILQUEUE=/var/qmail/bin/simscan
 ,DKSIGN=/var/qmail/control/domainkeys/%/private,NOP0FCHECK=1

 On Mon, 12 Nov 2007 16:36:14 -0500, Tim Mancour wrote:
 Step 10 in

 http://www.qmailtoaster.com/centos/cnt40/EZ-QmailToaster-CentOS-4.3.t
 x t has a pretty good set of instructions for getting domain keys 
 working. If you have modified your tcp.smtp file then you need to add 
 the DKSIGN variable as
 follows:
 DKSIGN=/var/qmail/control/domainkeys/%/private

 -Original Message-
 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
 Sent: Monday, November 12, 2007 3:53 PM
 To: qmailtoaster-list@qmailtoaster.com
 Subject: [qmailtoaster] Domainkeys - Can't seem to get it to work

 Forgot to add;

 I'm also getting;
 DKIM-Status: failed (no signature found)

 Note that I have generated the proper key file in the domainkey
directory.

 DomainKey-Status: bad format: No DomainKey signature found.
 In BIND, I am entering this as a couple of TXT records. My latest 
 version is; private._domainkey.domain.com k=rsa t=y; p=MIHLONG 
 CODE

 _domainkey.domain.com
 t=y o=-

 I'm guessing that I've not found something very vital such as having 
 to TURN ON domainkeys for QMT or putting something in my tcp.smtp 
 file to actually allow remote servers to see this?

 -
 QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: 
 [EMAIL PROTECTED]
 For additional commands, e-mail:
 [EMAIL PROTECTED]

 -
 QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: 
 [EMAIL PROTECTED]
 For additional commands, e-mail:
 [EMAIL PROTECTED]

 -
 QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: 
 [EMAIL PROTECTED]

 -
 QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: 
 [EMAIL PROTECTED]

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] Domainkeys / sa-train error / any ideas?

2007-06-23 Thread magallon

Find DomainKeys.pm in your system.   If it is not there , just install it.
 That's all.


 Any ideas what's going on here?





 plugin: failed to parse plugin (from @INC): Can't locate Mail/
 DomainKeys/Message.pm in @INC (@INC contains: /usr/lib/perl5/
 vendor_perl/5.8.5 /usr/lib64/perl5/5.8.5/x86_64-linux-thread-multi /
 usr/lib/perl5/5.8.5 /usr/lib64/perl5/site_perl/5.8.5/x86_64-linux-
 thread-multi /usr/lib64/perl5/site_perl/5.8.4/x86_64-linux-thread-
 multi /usr/lib64/perl5/site_perl/5.8.3/x86_64-linux-thread-multi /usr/
 lib64/perl5/site_perl/5.8.2/x86_64-linux-thread-multi /usr/lib64/
 perl5/site_perl/5.8.1/x86_64-linux-thread-multi /usr/lib64/perl5/
 site_perl/5.8.0/x86_64-linux-thread-multi /usr/lib/perl5/site_perl/
 5.8.5 /usr/lib/perl5/site_perl/5.8.4 /usr/lib/perl5/site_perl/5.8.3 /
 usr/lib/perl5/site_perl/5.8.2 /usr/lib/perl5/site_perl/5.8.1 /usr/lib/
 perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl /usr/lib64/perl5/
 vendor_perl/5.8.5/x86_64-linux-thread-multi /usr/lib64/perl5/
 vendor_perl/5.8.4/x86_64-linux-thread-multi /usr/lib64/perl5/
 vendor_perl/5.8.3/x86_64-linux-thread-multi /usr/lib64/perl5/
 vendor_perl/5.8.2/x86_64-linux-thread-multi /usr/lib64/perl5/
 vendor_perl/5.8.1/x86_64-linux-thread-multi /usr/lib64/perl5/
 vendor_perl/5.8.0/x86_64-linux-thread-multi /usr/lib/perl5/
 vendor_perl/5.8.4 /usr/lib/perl5/vendor_perl/5.8.3 /usr/lib/perl5/
 vendor_perl/5.8.2 /usr/lib/perl5/vendor_perl/5.8.1 /usr/lib/perl5/
 vendor_perl/5.8.0 /usr/lib/perl5/vendor_perl) at /usr/lib/perl5/
 vendor_perl/5.8.5/Mail/SpamAssassin/Plugin/DomainKeys.pm line 64.
 BEGIN failed--compilation aborted at /usr/lib/perl5/vendor_perl/5.8.5/
 Mail/SpamAssassin/Plugin/DomainKeys.pm line 64.
 Compilation failed in require at (eval 22) line 1.

 plugin: failed to create instance of plugin
 Mail::SpamAssassin::Plugin::DomainKeys: Can't locate object method
 new via package Mail::SpamAssassin::Plugin::DomainKeys at (eval
 23) line 1.

 -
  QmailToaster hosted by: VR Hosted http://www.vr.org
 -
 To unsubscribe, e-mail: [EMAIL PROTECTED]
 For additional commands, e-mail: [EMAIL PROTECTED]




-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] Domainkeys / sa-train error / any ideas?

2007-06-23 Thread Harry Zink


Thanks.

Turns out that my update to SpamAssassin from the dev site failed  
because it was missing a ton of associated perl modules:


rpm -Uvh spamassassin-toaster-3.2.1-1.3.10.x86_64.rpm
error: Failed dependencies:
perl(Archive::Tar) = 1.23 is needed by spamassassin- 
toaster-3.2.1-1.3.10.x86_64
perl(HTML::Parser) = 3.43 is needed by spamassassin- 
toaster-3.2.1-1.3.10.x86_64
perl(IO::Zlib) = 1.04 is needed by spamassassin- 
toaster-3.2.1-1.3.10.x86_64


--nodeps installation took care of it, just surprised this was all  
missing.



On Jun 23, 2007, at 6:08 AM, [EMAIL PROTECTED] wrote:

Find DomainKeys.pm in your system.   If it is not there , just  
install it.

 That's all.



Any ideas what's going on here?





plugin: failed to parse plugin (from @INC): Can't locate Mail/
DomainKeys/Message.pm in @INC (@INC contains: /usr/lib/perl5/
vendor_perl/5.8.5 /usr/lib64/perl5/5.8.5/x86_64-linux-thread-multi /
usr/lib/perl5/5.8.5 /usr/lib64/perl5/site_perl/5.8.5/x86_64-linux-
thread-multi /usr/lib64/perl5/site_perl/5.8.4/x86_64-linux-thread-
multi /usr/lib64/perl5/site_perl/5.8.3/x86_64-linux-thread-multi / 
usr/

lib64/perl5/site_perl/5.8.2/x86_64-linux-thread-multi /usr/lib64/
perl5/site_perl/5.8.1/x86_64-linux-thread-multi /usr/lib64/perl5/
site_perl/5.8.0/x86_64-linux-thread-multi /usr/lib/perl5/site_perl/
5.8.5 /usr/lib/perl5/site_perl/5.8.4 /usr/lib/perl5/site_perl/5.8.3 /
usr/lib/perl5/site_perl/5.8.2 /usr/lib/perl5/site_perl/5.8.1 /usr/ 
lib/

perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl /usr/lib64/perl5/
vendor_perl/5.8.5/x86_64-linux-thread-multi /usr/lib64/perl5/
vendor_perl/5.8.4/x86_64-linux-thread-multi /usr/lib64/perl5/
vendor_perl/5.8.3/x86_64-linux-thread-multi /usr/lib64/perl5/
vendor_perl/5.8.2/x86_64-linux-thread-multi /usr/lib64/perl5/
vendor_perl/5.8.1/x86_64-linux-thread-multi /usr/lib64/perl5/
vendor_perl/5.8.0/x86_64-linux-thread-multi /usr/lib/perl5/
vendor_perl/5.8.4 /usr/lib/perl5/vendor_perl/5.8.3 /usr/lib/perl5/
vendor_perl/5.8.2 /usr/lib/perl5/vendor_perl/5.8.1 /usr/lib/perl5/
vendor_perl/5.8.0 /usr/lib/perl5/vendor_perl) at /usr/lib/perl5/
vendor_perl/5.8.5/Mail/SpamAssassin/Plugin/DomainKeys.pm line 64.
BEGIN failed--compilation aborted at /usr/lib/perl5/vendor_perl/ 
5.8.5/

Mail/SpamAssassin/Plugin/DomainKeys.pm line 64.
Compilation failed in require at (eval 22) line 1.

plugin: failed to create instance of plugin
Mail::SpamAssassin::Plugin::DomainKeys: Can't locate object method
new via package Mail::SpamAssassin::Plugin::DomainKeys at (eval
23) line 1.

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: qmailtoaster-list- 
[EMAIL PROTECTED]
For additional commands, e-mail: qmailtoaster-list- 
[EMAIL PROTECTED]






-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: qmailtoaster-list- 
[EMAIL PROTECTED]




---
Calvin Coolidge
Nothing in the world can take the place of perseverance. Talent will  
not; nothing is more common
than unsuccessful men with talent. Genius will not; unrewarded genius  
is almost a proverb.
Education will not; the world is full of educated derelicts.  
Persistence and determination alone

are omnipotent.

[qmailtoaster] Domainkeys / sa-train error / any ideas?

2007-06-22 Thread Harry Zink



Any ideas what's going on here?





plugin: failed to parse plugin (from @INC): Can't locate Mail/ 
DomainKeys/Message.pm in @INC (@INC contains: /usr/lib/perl5/ 
vendor_perl/5.8.5 /usr/lib64/perl5/5.8.5/x86_64-linux-thread-multi / 
usr/lib/perl5/5.8.5 /usr/lib64/perl5/site_perl/5.8.5/x86_64-linux- 
thread-multi /usr/lib64/perl5/site_perl/5.8.4/x86_64-linux-thread- 
multi /usr/lib64/perl5/site_perl/5.8.3/x86_64-linux-thread-multi /usr/ 
lib64/perl5/site_perl/5.8.2/x86_64-linux-thread-multi /usr/lib64/ 
perl5/site_perl/5.8.1/x86_64-linux-thread-multi /usr/lib64/perl5/ 
site_perl/5.8.0/x86_64-linux-thread-multi /usr/lib/perl5/site_perl/ 
5.8.5 /usr/lib/perl5/site_perl/5.8.4 /usr/lib/perl5/site_perl/5.8.3 / 
usr/lib/perl5/site_perl/5.8.2 /usr/lib/perl5/site_perl/5.8.1 /usr/lib/ 
perl5/site_perl/5.8.0 /usr/lib/perl5/site_perl /usr/lib64/perl5/ 
vendor_perl/5.8.5/x86_64-linux-thread-multi /usr/lib64/perl5/ 
vendor_perl/5.8.4/x86_64-linux-thread-multi /usr/lib64/perl5/ 
vendor_perl/5.8.3/x86_64-linux-thread-multi /usr/lib64/perl5/ 
vendor_perl/5.8.2/x86_64-linux-thread-multi /usr/lib64/perl5/ 
vendor_perl/5.8.1/x86_64-linux-thread-multi /usr/lib64/perl5/ 
vendor_perl/5.8.0/x86_64-linux-thread-multi /usr/lib/perl5/ 
vendor_perl/5.8.4 /usr/lib/perl5/vendor_perl/5.8.3 /usr/lib/perl5/ 
vendor_perl/5.8.2 /usr/lib/perl5/vendor_perl/5.8.1 /usr/lib/perl5/ 
vendor_perl/5.8.0 /usr/lib/perl5/vendor_perl) at /usr/lib/perl5/ 
vendor_perl/5.8.5/Mail/SpamAssassin/Plugin/DomainKeys.pm line 64.
BEGIN failed--compilation aborted at /usr/lib/perl5/vendor_perl/5.8.5/ 
Mail/SpamAssassin/Plugin/DomainKeys.pm line 64.

Compilation failed in require at (eval 22) line 1.

plugin: failed to create instance of plugin  
Mail::SpamAssassin::Plugin::DomainKeys: Can't locate object method  
new via package Mail::SpamAssassin::Plugin::DomainKeys at (eval  
23) line 1.


-
QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] DomainKeys failed with no key

2007-03-07 Thread slamp slamp


the only problem with your statement is that i do not send any messages from
my domain to the toaster list. ive subscribed it to the toaster list so i
can get a constant e-mail flow.

On 3/6/07, Eric Shubes [EMAIL PROTECTED] wrote:


slamp slamp wrote:
 Can anyone tell me why this is so?

 Return-Path: 
 Received: (qmail 4571 invoked for bounce); 22 Feb 2007 13:56:12 -
 Date: 22 Feb 2007 13:56:12 -
 From: [EMAIL PROTECTED]
 mailto:[EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 mailto:[EMAIL PROTECTED]
 Subject: failure notice

 Hi. This is the qmail-send program at ns1.qmailtoaster.com
 http://ns1.qmailtoaster.com.
 I'm afraid I wasn't able to deliver your message to the following
addresses.
 This is a permanent error; I've given up. Sorry it didn't work out.

 [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]:
 69.xxx.xx.xxx failed after I sent the message.
 Remote host said: 554 DomainKeys verify status: no key   (#5.3.0)


 I thought my tcp.smtp had a safe default. Should it be
 DKVERIFY=dEgIJKfh instead? What is the safest rule?

 # cat tcp.smtp
 127.:allow,RELAYCLIENT=
 172.16.133.3:allow,RELAYCLIENT=,SENDER_NOCHECK=1
 208.11.75.2:allow,SPFBEHAVIOR=1
 216.90.171.2:allow,SPFBEHAVIOR=1

:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEgIJKfh,QMAILQUEUE=/var/qmail/bin/simscan,DKQUEUE=/var/qmail/bin/qmail-
 queue.orig,NOP0FCHECK=1


# dig _domainkey.mydomain.com TXT

I'm guessing that your DNS record indicates that messages from your domain
should be signed, but you have no DKSIGN variable in your tcp.smtp, so
messages don't have signatures.

--
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] DomainKeys failed with no key

2007-03-07 Thread Eric \Shubes\

Hey, it was just a guess. ;) It's kinda hard to tell what exactly is
happening with the johndoe and xxx's.

It appears then that *whoever* posted to the list has the described
(mis-)configuration (still just a guess). This error text corresponds to
codes D and F (see
http://wiki.qmailtoaster.com/index.php/Domainkeys#DKVERIFY). If you want to
accept these messages, remove these codes from your DKVERIFY variable.

Note, qmail-dk does *not* check the t=y code for the sender's domain when
checking incoming messages (according to Alexey).

slamp slamp wrote:
 the only problem with your statement is that i do not send any messages
 from my domain to the toaster list. ive subscribed it to the toaster
 list so i can get a constant e-mail flow.
 
 On 3/6/07, *Eric Shubes* [EMAIL PROTECTED] mailto:[EMAIL PROTECTED] wrote:
 
 slamp slamp wrote:
  Can anyone tell me why this is so?
 
  Return-Path: 
  Received: (qmail 4571 invoked for bounce); 22 Feb 2007 13:56:12 -
  Date: 22 Feb 2007 13:56:12 -
  From: [EMAIL PROTECTED]
 mailto:[EMAIL PROTECTED]
  mailto:[EMAIL PROTECTED]
 mailto:[EMAIL PROTECTED]
  To: [EMAIL PROTECTED]
 mailto:[EMAIL PROTECTED]
  mailto:[EMAIL PROTECTED]
 mailto:[EMAIL PROTECTED]
  Subject: failure notice
 
  Hi. This is the qmail-send program at ns1.qmailtoaster.com
 http://ns1.qmailtoaster.com
  http://ns1.qmailtoaster.com http://ns1.qmailtoaster.com.
  I'm afraid I wasn't able to deliver your message to the following
 addresses.
  This is a permanent error; I've given up. Sorry it didn't work out.
 
   [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]
 mailto:[EMAIL PROTECTED] mailto:[EMAIL PROTECTED]:
  69.xxx.xx.xxx failed after I sent the message.
  Remote host said: 554 DomainKeys verify status: no key   (#5.3.0)
 
 
  I thought my tcp.smtp had a safe default. Should it be
  DKVERIFY=dEgIJKfh instead? What is the safest rule?
 
  # cat tcp.smtp
  127.:allow,RELAYCLIENT=
  172.16.133.3:allow,RELAYCLIENT=,SENDER_NOCHECK=1
  208.11.75.2:allow,SPFBEHAVIOR=1
  216.90.171.2:allow,SPFBEHAVIOR=1
 
 
 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEgIJKfh,QMAILQUEUE=/var/qmail/bin/simscan,DKQUEUE=/var/qmail/bin/qmail-
 
  queue.orig,NOP0FCHECK=1
 
 
 # dig _domainkey.mydomain.com TXT
 
 I'm guessing that your DNS record indicates that messages from your
 domain
 should be signed, but you have no DKSIGN variable in your tcp.smtp, so
 messages don't have signatures.
 
 --
 -Eric 'shubes'
 


-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[qmailtoaster] DomainKeys failed with no key

2007-03-06 Thread slamp slamp

Can anyone tell me why this is so?

Return-Path: 
Received: (qmail 4571 invoked for bounce); 22 Feb 2007 13:56:12 -
Date: 22 Feb 2007 13:56:12 -
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: failure notice

Hi. This is the qmail-send program at ns1.qmailtoaster.com.
I'm afraid I wasn't able to deliver your message to the following addresses.
This is a permanent error; I've given up. Sorry it didn't work out.

[EMAIL PROTECTED]:
69.xxx.xx.xxx failed after I sent the message.
Remote host said: 554 DomainKeys verify status: no key   (#5.3.0)

I thought my tcp.smtp had a safe default. Should it be DKVERIFY=dEgIJKfh
instead? What is the safest rule?

# cat tcp.smtp
127.:allow,RELAYCLIENT=
172.16.133.3:allow,RELAYCLIENT=,SENDER_NOCHECK=1
208.11.75.2:allow,SPFBEHAVIOR=1
216.90.171.2:allow,SPFBEHAVIOR=1
:allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEgIJKfh,QMAILQUEUE=/var/qmail/bin/simscan,DKQUEUE=/var/qmail/bin/qmail-
queue.orig,NOP0FCHECK=1

Re: [qmailtoaster] DomainKeys failed with no key

2007-03-06 Thread Carlos Melo

hi friend!

Check if your /var/qmail/control/domains/yourdomain have permission 444 and 
chown root:qmail to every file and directory

Regards

Carlos



Em Terça 06 Março 2007 22:45, slamp slamp escreveu:
 Can anyone tell me why this is so?

 Return-Path: 
 Received: (qmail 4571 invoked for bounce); 22 Feb 2007 13:56:12 -
 Date: 22 Feb 2007 13:56:12 -
 From: [EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 Subject: failure notice

 Hi. This is the qmail-send program at ns1.qmailtoaster.com.
 I'm afraid I wasn't able to deliver your message to the following
 addresses. This is a permanent error; I've given up. Sorry it didn't work
 out.

 [EMAIL PROTECTED]:
 69.xxx.xx.xxx failed after I sent the message.
 Remote host said: 554 DomainKeys verify status: no key   (#5.3.0)


 I thought my tcp.smtp had a safe default. Should it be DKVERIFY=dEgIJKfh
 instead? What is the safest rule?

 # cat tcp.smtp
 127.:allow,RELAYCLIENT=
 172.16.133.3:allow,RELAYCLIENT=,SENDER_NOCHECK=1
 208.11.75.2:allow,SPFBEHAVIOR=1
 216.90.171.2:allow,SPFBEHAVIOR=1

 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRON
 :GRCPTLIMIT=10,DKVERIFY=DEgIJKfh,QMAILQUEUE=/var/qmail/bin/simscan,DK
 :QUEUE=/var/qmail/bin/qmail-

 queue.orig,NOP0FCHECK=1

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] DomainKeys failed with no key

2007-03-06 Thread Eric \Shubes\

slamp slamp wrote:
 Can anyone tell me why this is so?

 Return-Path: 
 Received: (qmail 4571 invoked for bounce); 22 Feb 2007 13:56:12 -
 Date: 22 Feb 2007 13:56:12 -
 From: [EMAIL PROTECTED]
 mailto:[EMAIL PROTECTED]
 To: [EMAIL PROTECTED]
 mailto:[EMAIL PROTECTED]
 Subject: failure notice

 Hi. This is the qmail-send program at ns1.qmailtoaster.com
 http://ns1.qmailtoaster.com.
 I'm afraid I wasn't able to deliver your message to the following addresses.
 This is a permanent error; I've given up. Sorry it didn't work out.

 [EMAIL PROTECTED] mailto:[EMAIL PROTECTED]:
 69.xxx.xx.xxx failed after I sent the message.
 Remote host said: 554 DomainKeys verify status: no key   (#5.3.0)

 I thought my tcp.smtp had a safe default. Should it be
 DKVERIFY=dEgIJKfh instead? What is the safest rule?

 # cat tcp.smtp
 127.:allow,RELAYCLIENT=
 172.16.133.3:allow,RELAYCLIENT=,SENDER_NOCHECK=1
 208.11.75.2:allow,SPFBEHAVIOR=1
 216.90.171.2:allow,SPFBEHAVIOR=1
 :allow,BADMIMETYPE=,BADLOADERTYPE=M,CHKUSER_RCPTLIMIT=50,CHKUSER_WRONGRCPTLIMIT=10,DKVERIFY=DEgIJKfh,QMAILQUEUE=/var/qmail/bin/simscan,DKQUEUE=/var/qmail/bin/qmail-
 queue.orig,NOP0FCHECK=1

# dig _domainkey.mydomain.com TXT

I'm guessing that your DNS record indicates that messages from your domain
should be signed, but you have no DKSIGN variable in your tcp.smtp, so
messages don't have signatures.

-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] domainkeys, google groups heads up

2007-01-20 Thread Eric \Shubes\

Eric Shubes wrote:
 
 Sure is nice having accurate documentation. I've polished up the domainkeys
 page on the wiki. Among other things, I've added a table of all the various
 codes for DKVERIFY. This appears to be the only place online that this is
 documented, and the man page for qmail-dk isn't entirely correct. I had to
 look at the code for this one.
 
 Turns out, I probably had the wrong code. G,I,K all apparently create the
 same log message. Close but no cigar. :(
 
 I'll try a few more things and get back.
 

Here's what I've found out so far about mailing list groups and domainkeys.

.) some list servers remove signatures, so a formerly signed message comes
through ok
.) some list servers do nothing with signatures, so a signed message will
have a bad signature (code B for DKVERIFY)
.) googlegroups servers tag the signature as good, then leave it there,
causing (at least I think it's the cause until Alexey tells me otherwise)
qmail-dk to tag it with bad format (code G for DKVERIFY).

BL, I'm presently using DKVERIFY=DEfhIJK so that googlegroups messages are
not rejected. Once the googlegroups situation is resolved, I'll be using
DKVERIFY=DEfGhIJK (same as the stock toaster).

Nice job fixing up qmail-dk, Alexey. Many thanks!

-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

[qmailtoaster] domainkeys, google groups heads up

I've come across a slight problem with domainkeys and google groups. For
some (not all) messages from google groups, the smtp log is showing the
DomainKeys verify status: bad format error (thanks to Alexey - I love that
patch!). I don't know if the problem is with google groups or the sender's
server, but at this point I'm guessing that it's probably the sender's
signature (although google groups might be messing up a valid signature). In
the meanwhile, I've removed the I setting from my DKVERIFY environment
variable (tcp.smtp) so that these messages come through.

Now that I think of about it, I might just put the i setting back in so it
does a temporary reject, then take it out again so it should come through
and I can have a look at the signature in the headers.

If anyone else here has any info about this, please let us know.
-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] domainkeys, google groups heads up

Eric Shubes wrote:
 I've come across a slight problem with domainkeys and google groups. For
 some (not all) messages from google groups, the smtp log is showing the
 DomainKeys verify status: bad format error (thanks to Alexey - I love that
 patch!). I don't know if the problem is with google groups or the sender's
 server, but at this point I'm guessing that it's probably the sender's
 signature (although google groups might be messing up a valid signature). In
 the meanwhile, I've removed the I setting from my DKVERIFY environment
 variable (tcp.smtp) so that these messages come through.
 
 Now that I think of about it, I might just put the i setting back in so it
 does a temporary reject, then take it out again so it should come through
 and I can have a look at the signature in the headers.
 
 If anyone else here has any info about this, please let us know.

So I changed I to i, which I thought should create a temporary failure
for bad format errors. Then I see in log:
qmail-smtpd: qq hard reject (DomainKeys verify status: bad format   (#5.3.0))
Looks like a permanent failure to me. What am I missing? (Alexey, you there?)
-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] domainkeys, google groups heads up

Eric Shubes wrote:
 Eric Shubes wrote:
 I've come across a slight problem with domainkeys and google groups. For
 some (not all) messages from google groups, the smtp log is showing the
 DomainKeys verify status: bad format error (thanks to Alexey - I love that
 patch!). I don't know if the problem is with google groups or the sender's
 server, but at this point I'm guessing that it's probably the sender's
 signature (although google groups might be messing up a valid signature). In
 the meanwhile, I've removed the I setting from my DKVERIFY environment
 variable (tcp.smtp) so that these messages come through.

 Now that I think of about it, I might just put the i setting back in so it
 does a temporary reject, then take it out again so it should come through
 and I can have a look at the signature in the headers.

 If anyone else here has any info about this, please let us know.
 
 So I changed I to i, which I thought should create a temporary failure
 for bad format errors. Then I see in log:
 qmail-smtpd: qq hard reject (DomainKeys verify status: bad format   (#5.3.0))
 Looks like a permanent failure to me. What am I missing? (Alexey, you there?)

Wow. I just removed the i entirely, and I'm still getting the message
after rebuilding cdb. I'm guessing that qmail-dk isn't picking it up with a
simple cdb, so I put it back to i, rebuilt cdb and stopped and started
qmail. We'll see what happens now.

-- 
-Eric 'shubes'

-
 QmailToaster hosted by: VR Hosted http://www.vr.org
-
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [qmailtoaster] domainkeys, google groups heads up