Re: [vchkpw] DKIM?
Hello Manvendra, I'm testing your patch and reading all your docs. Can you please clarify which is the advantage of filtering at smtp level? Thanks for any answer Roberto Puzzanghera !DSPAM:4d470d7732718246217674!
Re: [vchkpw] DKIM?
On Tue, Feb 1, 2011 at 1:01 AM, Roberto Puzzanghera ad...@sagredo.eu wrote: Hello Manvendra, I'm testing your patch and reading all your docs. Can you please clarify which is the advantage of filtering at smtp level? At the SMTP level, qmail-smtpd does not break a mail addressed to multiple recipients. Hence a single mail addressed to multiple recipients will undergo encryption/decryption for DKIM only once. In case you decide to do DKIM at remote/local delivery for better control on signing/verification, DKIM will happen for every delivery. At the local/remote delivery, qmail-send does an individual delivery for each recipient in an email message. So if you have a mail addressed to 10 recipients, DKIM will happen 10 times. Also if the delivery to the destination fails with a temp error, the delivery will be retried and DKIM will also happen again. !DSPAM:4d47722532716834316241!
Re: [vchkpw] DKIM?
Manvendra, Do you have a page on how to configure DKIM after patching qmail? Or is it in the dkfilter man page as part of the patch? -Tom On Jan 26, 2011, at 9:24 PM, Manvendra Bhangui wrote: On Thu, Jan 27, 2011 at 10:39 AM, Tom Collins t...@tomlogic.com wrote: Any advice on setting up DKIM to sign outbound mail on my vpopmail server? I've spent some time looking around at various patches and I'm a little overwhelmed. I host about 150 domains, and I don't want to mess around with setting up unique keys for each hosted domain. I'm fine with signing all mail using the server's hostname and a single signing key. I'm not really interested in verifying DKIM signatures on inbound mail, unless it will significantly cut down on spam. Any pointers on getting a simple setup in place? At the risk of beating my own drum, I have a patch for netqmail. You can set the QMAILQUEUE environment variable to point to /var/qmail/bin/qmail-dkim You need to set DKIMSIGN environment variable for signing. http://sourceforge.net/projects/indimail/files/netqmail-addons/qmail-dkim-1.0/dkim-netqmail-1.06.patch-1.5.gz/download !DSPAM:4d44836c32711134018752!
Re: [vchkpw] DKIM?
On Sun, Jan 30, 2011 at 2:45 AM, Tom Collins t...@tomlogic.com wrote: Manvendra, Do you have a page on how to configure DKIM after patching qmail? Or is it in the dkfilter man page as part of the patch? I think you mean dk-filter. The man page is part of the patch. You can use qmail-dkim(8) if you want signing/verification at SMTP. You can use dk-filter(8) if you desire signing/verification only at local/remote delivery. You will need to set the environment variables DKIMSIGN to the path of the private key (generated by dknewkey(8) or openssl). The variable needs to be set in the script which calls qmail-send. I believe you want to do DKIM signing only for your remote mails. You will have to set QMAILREMOTE=/var/indimail/bin/spawn-filter also in the qmail-send script. Finally you will either need to use the control file /var/qmail/control/filterargs or the environment variable FILTERAGS. Advantage of control file is that you can have DKIMSIGNING only for specific domains. e.g. remote_domain:remote:/var/qmail/bin/dk-filter Will execute dk-filter only for outgoing mails destined for the domain remote_domain. You can use the following page for configuration instructions. The only thing you will have to do differently is setting the environment variables (which I presume will be /var/qmail/rc). The page below assumes a setup which uses envdir(8) and all environment variables for qmail-send are in /service/qmail-send.25/variables. http://indimail.blogspot.com/2009/04/how-to-set-dkim-signature-in-indimail.html !DSPAM:4d44d52032711917789942!
Re: [vchkpw] DKIM?
Maybe if you try this perl script http://manuel.mausz.at/coding/qmail-dkim/ On 27/01/11 00:09, Tom Collins wrote: Any advice on setting up DKIM to sign outbound mail on my vpopmail server? I've spent some time looking around at various patches and I'm a little overwhelmed. I host about 150 domains, and I don't want to mess around with setting up unique keys for each hosted domain. I'm fine with signing all mail using the server's hostname and a single signing key. I'm not really interested in verifying DKIM signatures on inbound mail, unless it will significantly cut down on spam. Any pointers on getting a simple setup in place? -Tom !DSPAM:4d41005632719627420951!
Re: [vchkpw] DKIM?
On Thu, Jan 27, 2011 at 10:39 AM, Tom Collins t...@tomlogic.com wrote: Any advice on setting up DKIM to sign outbound mail on my vpopmail server? I've spent some time looking around at various patches and I'm a little overwhelmed. I host about 150 domains, and I don't want to mess around with setting up unique keys for each hosted domain. I'm fine with signing all mail using the server's hostname and a single signing key. I'm not really interested in verifying DKIM signatures on inbound mail, unless it will significantly cut down on spam. Any pointers on getting a simple setup in place? At the risk of beating my own drum, I have a patch for netqmail. You can set the QMAILQUEUE environment variable to point to /var/qmail/bin/qmail-dkim You need to set DKIMSIGN environment variable for signing. http://sourceforge.net/projects/indimail/files/netqmail-addons/qmail-dkim-1.0/dkim-netqmail-1.06.patch-1.5.gz/download !DSPAM:4d4101ab32712002764790!
