On Sat, 2012-02-18 at 12:34 -0500, Jonathan Vomacka wrote:
> If someone uses a mobile device to send e-mail? Would ~all be better? I
Teach them to use smtp authentication using submission (port 587 stuff)
and it doesn't matter where they come from, so long as your MTA is
configured correctly of
On Sat, 2012-02-18 at 11:51 -0500, Jonathan Vomacka wrote:
> BIND Community Support,
>
> I am inquiring about how to setup a proper SPF record? I know there are
> SPF wizards/generators available but each seem to have a different
> "opinion" of what should be included and what should not be inc
Hello,
I installed bind 9.8.1 on my gentoo home server, configuring a
single internal zone for my domain (securivm.ca) and it ran fine but lately,
I've been testing samba 4 and recompiling bind to support pkcs11 keys as
well as gssapi (kerberos) support but since then, bind doesn't run and
On 02/18/12 22:55, Jeremy C. Reed wrote:
I started writing a book introducing DNSSEC a few years ago. Would you
like to read a draft of it?
Book on DNSSEC? Ok. Thanks.
___
Please visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe
Well, there are two parts of this:
1 - make a decision which servers are allowed to send mail on your
behalf - this is entirely up to you. This is expressed in terms of
server names, IP addresses etc.
You may decide that ONLY servers may send mail or that other
servers are allowed to also send ma
If someone uses a mobile device to send e-mail? Would ~all be better? I
also generated the following SPF using a wizard. Let me know if this
looks correct:
teamwarfare.com. IN TXT "v=spf1 a mx a:mail.teamwarfare.com
a:mail2.teamwarfare.com ip4:66.90.73.80 ip4:216.250.250.148 ~all"
I wouldn't
On 02/18/2012 04:35 PM, dE . wrote:
On 02/18/12 00:36, Gaurav kansal wrote:
Firstly, where do we get the public key for the DS records?
Can you clarify your question???
The DS record is a signature right?
Wrong.
You're asking a lot of basic questions here. Maybe you could go off and
Hi
I suggest to use the wizards or look in the RFC:
http://www.ietf.org/rfc/rfc4408.txt
On 18/02/12 17:51, Jonathan Vomacka wrote:
> BIND Community Support,
>
> I am inquiring about how to setup a proper SPF record? I know there
> are SPF wizards/generators available but each seem to have a dif
On 02/18/12 22:14, Axel Rau wrote:
Am 18.02.2012 um 17:35 schrieb dE .:
The DS record is a signature right?
No its the hash of a DNSKEY (KSK) in the child zone. The DS is signed with a
RRSIG.
Axel
---
PGP-Key:29E99DD6 ☀ +49 151 2300 9283 ☀ computing @ chaos claudius
Thanks for the clari
On 02/18/12 02:41, Tony Finch wrote:
dE . wrote:
Firstly, where do we get the public key for the DS records?
A zone's DNSKEY RRset contains its public keys, and these are hashed to
make its DS records. For example,
$ dig +nottl +noall +answer DS isc.org | perl -pe 's/\s+(?!$)/ /g'
isc.org. I
BIND Community Support,
I am inquiring about how to setup a proper SPF record? I know there are
SPF wizards/generators available but each seem to have a different
"opinion" of what should be included and what should not be included.
Let me give you a scenario of my setup, and hopefully someon
Am 18.02.2012 um 17:35 schrieb dE .:
> The DS record is a signature right?
No its the hash of a DNSKEY (KSK) in the child zone. The DS is signed with a
RRSIG.
Axel
---
PGP-Key:29E99DD6 ☀ +49 151 2300 9283 ☀ computing @ chaos claudius
___
Please vis
On 02/18/12 00:36, Gaurav kansal wrote:
Firstly, where do we get the public key for the DS records?
Can you clarify your question???
The DS record is a signature right? It has to be decrypted using a
public key and the decrypted hash has to be compared to the DNSKEY's hash.
So what I'm a
13 matches
Mail list logo
