Oh, and totally agree that using drop ins is much better than
patching.
Gary
On 3/23/2024 11:05 AM, Gary Bowling
wrote:
Thanks.
Yes, spamassassin is working fine for the verification
Thanks.
Yes, spamassassin is working fine for the verification of inbound
DKIM. Looks like that's part of the stock spamassassin install as
long as you have the Mail::SpamAssassin::Plugin::DKIM plugin
installed.
On 3/23/2024
Looks like there's an updated version of the script on Manuel's site,
I'll put that on github
In lieu of patching qmail...again...I thought using drop ins was
preferable. That said,
spamassassin can be used on the ingress side of your server to score
dkim in messages.
On 3/23/2024 8:23
Absolutely. I think I've got that already, as that's the way the
default install works, but I should probably go do some tests just
to make sure. Nothing like configuring a client and trying it to
test it out.
Gary
On
Glad to hear. In any case any usage of submission port, both to local
and external domains, should be done only by authenticated users.
Tonino
Il 23/03/2024 12:38, Gary Bowling ha scritto:
Thanks, the error turned out to be solved by fixing up the
/var/qmail/supervise/submission/run file
hmm, not sure. Maybe a weekend thing. Glad to know it's still
there though for future needs.
On 3/23/2024 9:56 AM, ebroch wrote:
Not sure why github is timing out on you but I can
navigate right to the page
Not sure why github is timing out on you but I can navigate right to the
pageSent from my Galaxy
Original message From: Gary Bowling Date:
2024-03-23 7:49 a.m. (GMT-07:00) To: qmailtoaster-list@qmailtoaster.com
Subject: Re: [qmailtoaster] DKIM
Ok, qmail-remote
Ok, qmail-remote for use with DKIM signing outgoing messages is
just a perl scrip written by Manuel Mausz way back in 2007 that
just calls qmail-remote.orig. I'm not sure where the official
toaster version is kept now, but you easily download it from here:
Oops, got a bit confused there between signing and verifying..
For signing, it looks like we are still using a modified
qmail-remote. So back to my original question.
Where do we get the qmail-remote for DKIM these days?
This
Yeh, but the email software didn't accept the ecdsa key. I've tried the key
order but keeps failing. But now I've seen this thread it could be a config
option.
Greets,
Peter
Gary Bowling schreef op 23 maart 2024 12:36:21 CET:
>
>Thanks Peter, good to know as it looks like they are going to
Hmm, this line in the wiki says qmail-queue needs to be "link"
which mine is not.
4. DKIM verification (no patch):
Assumes 'QMAILQUEUE="/var/qmail/bin/simscan"' defined in
/etc/tcprules.d/tcp.smtp
&&
I see, looks like we're using a combination of simscan and
modifying /var/qmail/supervise/smtp/run to do DKIM now and not
modifying qmail-remote.
On 3/23/2024 7:57 AM, Gary Bowling
wrote:
Where do we get the qmail-remote for DKIM these days?
This page:
http://wiki.qmailtoaster.org/index.php?title=How_to_Setup_DKIM_with_Qmail_Toaster
Shows to get it from here:
wget
Thanks, the error turned out to be solved by fixing up the
/var/qmail/supervise/submission/run file to accept starttls and
encrypted passwords.
On 3/23/2024 4:20 AM, Tonix wrote:
"However, when I try to send to external domains,
Thanks Peter, good to know as it looks like they are going to
ecdsa for the default.
On 3/23/2024 3:18 AM, Peter Peterse
wrote:
Hi,
Letsencrypt van generate rsa keys by using --key-type rsa
"However, when I try to send to external domains, I get the error that
CHKUSER rejected relaying, saying "client not allowed to relay"".
That means sending user is not authenticated.
Probably your submission port accepts messages from anyone for local
domains.
Tonino
Il 23 marzo 2024
Hi,
Letsencrypt van generate rsa keys by using --key-type rsa
The order in my servercert.pem is private key followed by the fullchain file.
I'm using Almalinux 9
Regards,
Peter
g...@gbco.us schreef op 23 maart 2024 00:05:48 CET:
>
>It looks like letsencrypt is now using ecdsa by default.
>
17 matches
Mail list logo