ispCP - Board - Support
Dkim/DomainKeys - Printable Version

+- ispCP - Board - Support (http://www.isp-control.net/forum)
+-- Forum: ispCP Omega Development Area (/forum-1.html)
+--- Forum: Suggestions (/forum-2.html)
+--- Thread: Dkim/DomainKeys (/thread-10971.html)



Dkim/DomainKeys - Jillian - 06-15-2010 04:53 AM

Few days ago I wondered why all mail that have sent to gmail from my server tagged as spam. I noticed that using dkim/domainkeys would help them go gmail without spamtag.
So is it possible to integrate dkimproxy or some other program to postfix with ispcp installer?

I would gladly want to hear if someone have integrated dkim to mailserver too and what instructions you may used to do that.


RE: Dkim/DomainKeys - Nuxwin - 06-15-2010 06:29 AM

Hello ;

Integration of it is already planned. We have talked a lot about possible DomainKey integration in internal. Now, we should think how to integrate it.


RE: Dkim/DomainKeys - Jillian - 06-15-2010 06:50 AM

I gladly help you find solution for integration.
I let you know if i find some way Smile


RE: Dkim/DomainKeys - Nuxwin - 06-15-2010 07:09 AM

Re ;

For the record:

Quote:Hello everyone ;

As you know, gmail, yahoo and also hotmail are very restrictives for the messages acceptation.

So, what about a plugin for ispCP to implement this feature ? are you interested or not ?

I've implemented this feature on my server postfix with milter interface (dk-filter and dkim-filter). I use the same material signing for all my domain and that work very well..

In all my domain (nuxwin.com for example), I've added the following:

Code:
; spf
@    IN TXT "v=spf1 mx ~all"

; Dkim
mail._domainkey 60 IN TXT "v=DKIM1; g=*; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDFT0MiqMnZjkWuvT7ap5lHohl5UeARMGrXyryYqx​BLlVE+V0E03KN/Jh64JZEkg/Eq4DuER/tSlT2+eQzLSGWWIfQhpNRt3PC+BaC+WDhQVVv2l+ZcAr8Gd97p+HQhU1n3/etptwHxM0PxBcRxxeLseEUjl0eSRG3VgiCk7dCspwIDAQAB"

_adsp._domainkey    60    IN    TXT    "dkim=all"

; DomainKeys
dkmail._domainkey 60 IN TXT "k=rsa; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANKX0lUrziKj4JZoTkLRgC3oTnGtpOzwz4dPbl9iKV4uL3​x9+LmWCk1P7Wh/RA4RS7FjmhGQxRfp+Bgbl/VGHGkCAwEAAQ=="

and the spf for my smtp server:
Code:
@    IN    TXT    "spf1 mx ~all"
smtp.ispcp.fr.    IN    TXT    "v=spf1 a -all"

Note: for good practices reasons, in all by zones files, I use the real hostname of my smtp server that is smtp.ispcp.fr.

Example for my nuxwin.com domain:
Code:
nuxwin@dev:~$ dig mx nuxwin.com

; <<>> DiG 9.5.1-P3 <<>> mx nuxwin.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50440
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:
;nuxwin.com.            IN    MX

;; ANSWER SECTION:
nuxwin.com.        3600    IN    MX    10 smtp.ispcp.fr.

;; ADDITIONAL SECTION:
smtp.ispcp.fr.        2922    IN    A    88.191.229.226

;; Query time: 54 msec
;; SERVER: 89.2.0.1#53(89.2.0.1)
;; WHEN: Fri May 14 20:53:29 2010
;; MSG SIZE  rcvd: 73

Reverse:
Code:
nuxwin@dev:~$ dig -x 88.191.229.226

; <<>> DiG 9.5.1-P3 <<>> -x 88.191.229.226
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50429
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;226.229.191.88.in-addr.arpa.    IN    PTR

;; ANSWER SECTION:
226.229.191.88.in-addr.arpa. 86400 IN    PTR    smtp.ispcp.fr.

;; Query time: 30 msec
;; SERVER: 89.2.0.1#53(89.2.0.1)
;; WHEN: Fri May 14 20:54:21 2010
;; MSG SIZE  rcvd: 72

Example of message source:
Code:
Return-Path: <l.declercq@nuxwin.com>
X-Original-To: l.declercq@nuxwin.com
Delivered-To: l.declercq@nuxwin.com
Received: from dev.nuxwin.com (ip-228.net-89-3-168.rev.numericable.fr [89.3.168.228])
    by smtp.ispcp.fr (Postfix) with ESMTPA id CDE943939
    for <l.declercq@nuxwin.com>; Fri, 14 May 2010 20:55:12 +0200 (CEST)
X-DomainKeys: Sendmail DomainKeys Filter v1.0.0 smtp.ispcp.fr CDE943939
DomainKey-Signature: a=rsa-sha1; s=dkmail; d=nuxwin.com; c=simple; q=dns;
    b=vek+c94UWybC4P8y+YnLpxuaN5yOucWxx/XPbTMcLOZsYUGqqMXyUT6CXj/nHJyAz
    8NKBYhSNJZt2TCYMw8iGA==
X-DKIM: Sendmail DKIM Filter v2.6.0 smtp.ispcp.fr CDE943939
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nuxwin.com; s=mail;
    t=1273863312; bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=;
    h=MIME-Version:Content-Type:Content-Transfer-Encoding:Date:From:To:
     Subject:Message-ID; b=CtkZDOpP/xMX96qaS27TKDpjrbjxGTDUN/vLDwiEBA6M
    wuU89c1Iig9UnNB6dAfD8eN4LSLm+1uwiUvqE1BFWNm80JpdIKuPW5HyJcZ3Dd2F0ro
    biPPuCuhhM7WNEwd4aCK7eDslUPjVP/CKC//ihE8pzf+mHFYd2Cj/YdhnDaI=
MIME-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
Date: Fri, 14 May 2010 20:55:49 +0200
From: <l.declercq@nuxwin.com>
To: <l.declercq@nuxwin.com>
Subject: test
Message-ID: <1bc564756e539bb4990a3a57d144d29f@smtp.ispcp.fr>
X-Sender: l.declercq@nuxwin.com
User-Agent: RoundCube Webmail/0.4-beta

test

my main.cf related part:
Code:
# DKIM/Domainkey like yahoo
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891 inet:localhost:8892
non_smtpd_milters = inet:localhost:8891 inet:localhost:8892

It's the message that I 've posted in internal.


RE: Dkim/DomainKeys - jeemy - 11-16-2010 05:54 PM

Hello Nuxwin ,

Please could tell me how to put those code in ISPCP or Debian . I dnt know where to add them, am confuse over it.


(06-15-2010 07:09 AM)Nuxwin Wrote:  Re ;

For the record:

Quote:Hello everyone ;

As you know, gmail, yahoo and also hotmail are very restrictives for the messages acceptation.

So, what about a plugin for ispCP to implement this feature ? are you interested or not ?

I've implemented this feature on my server postfix with milter interface (dk-filter and dkim-filter). I use the same material signing for all my domain and that work very well..

In all my domain (nuxwin.com for example), I've added the following:

Code:
; spf
@    IN TXT "v=spf1 mx ~all"

; Dkim
mail._domainkey 60 IN TXT "v=DKIM1; g=*; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDFT0MiqMnZjkWuvT7ap5lHohl5UeARMGrXyryYqx​BLlVE+V0E03KN/Jh64JZEkg/Eq4DuER/tSlT2+eQzLSGWWIfQhpNRt3PC+BaC+WDhQVVv2l+ZcAr8Gd97p+HQhU1n3/etptwHxM0PxBcRxxeLseEUjl0eSRG3VgiCk7dCspwIDAQAB"

_adsp._domainkey    60    IN    TXT    "dkim=all"

; DomainKeys
dkmail._domainkey 60 IN TXT "k=rsa; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANKX0lUrziKj4JZoTkLRgC3oTnGtpOzwz4dPbl9iKV4uL3​x9+LmWCk1P7Wh/RA4RS7FjmhGQxRfp+Bgbl/VGHGkCAwEAAQ=="

and the spf for my smtp server:
Code:
@    IN    TXT    "spf1 mx ~all"
smtp.ispcp.fr.    IN    TXT    "v=spf1 a -all"

Note: for good practices reasons, in all by zones files, I use the real hostname of my smtp server that is smtp.ispcp.fr.

Example for my nuxwin.com domain:
Code:
nuxwin@dev:~$ dig mx nuxwin.com

; <<>> DiG 9.5.1-P3 <<>> mx nuxwin.com
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50440
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:
;nuxwin.com.            IN    MX

;; ANSWER SECTION:
nuxwin.com.        3600    IN    MX    10 smtp.ispcp.fr.

;; ADDITIONAL SECTION:
smtp.ispcp.fr.        2922    IN    A    88.191.229.226

;; Query time: 54 msec
;; SERVER: 89.2.0.1#53(89.2.0.1)
;; WHEN: Fri May 14 20:53:29 2010
;; MSG SIZE  rcvd: 73

Reverse:
Code:
nuxwin@dev:~$ dig -x 88.191.229.226

; <<>> DiG 9.5.1-P3 <<>> -x 88.191.229.226
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50429
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;226.229.191.88.in-addr.arpa.    IN    PTR

;; ANSWER SECTION:
226.229.191.88.in-addr.arpa. 86400 IN    PTR    smtp.ispcp.fr.

;; Query time: 30 msec
;; SERVER: 89.2.0.1#53(89.2.0.1)
;; WHEN: Fri May 14 20:54:21 2010
;; MSG SIZE  rcvd: 72

Example of message source:
Code:
Return-Path: <l.declercq@nuxwin.com>
X-Original-To: l.declercq@nuxwin.com
Delivered-To: l.declercq@nuxwin.com
Received: from dev.nuxwin.com (ip-228.net-89-3-168.rev.numericable.fr [89.3.168.228])
    by smtp.ispcp.fr (Postfix) with ESMTPA id CDE943939
    for <l.declercq@nuxwin.com>; Fri, 14 May 2010 20:55:12 +0200 (CEST)
X-DomainKeys: Sendmail DomainKeys Filter v1.0.0 smtp.ispcp.fr CDE943939
DomainKey-Signature: a=rsa-sha1; s=dkmail; d=nuxwin.com; c=simple; q=dns;
    b=vek+c94UWybC4P8y+YnLpxuaN5yOucWxx/XPbTMcLOZsYUGqqMXyUT6CXj/nHJyAz
    8NKBYhSNJZt2TCYMw8iGA==
X-DKIM: Sendmail DKIM Filter v2.6.0 smtp.ispcp.fr CDE943939
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nuxwin.com; s=mail;
    t=1273863312; bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=;
    h=MIME-Version:Content-Type:Content-Transfer-Encoding:Date:From:To:
     Subject:Message-ID; b=CtkZDOpP/xMX96qaS27TKDpjrbjxGTDUN/vLDwiEBA6M
    wuU89c1Iig9UnNB6dAfD8eN4LSLm+1uwiUvqE1BFWNm80JpdIKuPW5HyJcZ3Dd2F0ro
    biPPuCuhhM7WNEwd4aCK7eDslUPjVP/CKC//ihE8pzf+mHFYd2Cj/YdhnDaI=
MIME-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
Date: Fri, 14 May 2010 20:55:49 +0200
From: <l.declercq@nuxwin.com>
To: <l.declercq@nuxwin.com>
Subject: test
Message-ID: <1bc564756e539bb4990a3a57d144d29f@smtp.ispcp.fr>
X-Sender: l.declercq@nuxwin.com
User-Agent: RoundCube Webmail/0.4-beta

test

my main.cf related part:
Code:
# DKIM/Domainkey like yahoo
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891 inet:localhost:8892
non_smtpd_milters = inet:localhost:8891 inet:localhost:8892

It's the message that I 've posted in internal.



RE: Dkim/DomainKeys - RatS - 11-17-2010 06:34 AM

The DKIM Part need to go into the DNS-Zone-File. However, the implementation is not yet clear. I check if there is a ticket and open one if not.


RE: Dkim/DomainKeys - prezesk - 09-02-2015 09:00 AM

(11-17-2010 06:34 AM)RatS Wrote:  The DKIM Part need to go into the DNS-Zone-File. However, the implementation is not yet clear. I check if there is a ticket and open one if not.

And did U do it?