Nuxwin
Unregistered
|
RE: Dkim/DomainKeys
Re ;
For the record:
Quote:Hello everyone ;
As you know, gmail, yahoo and also hotmail are very restrictives for the messages acceptation.
So, what about a plugin for ispCP to implement this feature ? are you interested or not ?
I've implemented this feature on my server postfix with milter interface (dk-filter and dkim-filter). I use the same material signing for all my domain and that work very well..
In all my domain (nuxwin.com for example), I've added the following:
Code:
; spf
@ IN TXT "v=spf1 mx ~all"
; Dkim
mail._domainkey 60 IN TXT "v=DKIM1; g=*; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDFT0MiqMnZjkWuvT7ap5lHohl5UeARMGrXyryYqxBLlVE+V0E03KN/Jh64JZEkg/Eq4DuER/tSlT2+eQzLSGWWIfQhpNRt3PC+BaC+WDhQVVv2l+ZcAr8Gd97p+HQhU1n3/etptwHxM0PxBcRxxeLseEUjl0eSRG3VgiCk7dCspwIDAQAB"
_adsp._domainkey 60 IN TXT "dkim=all"
; DomainKeys
dkmail._domainkey 60 IN TXT "k=rsa; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANKX0lUrziKj4JZoTkLRgC3oTnGtpOzwz4dPbl9iKV4uL3x9+LmWCk1P7Wh/RA4RS7FjmhGQxRfp+Bgbl/VGHGkCAwEAAQ=="
and the spf for my smtp server:
Code:
@ IN TXT "spf1 mx ~all"
smtp.ispcp.fr. IN TXT "v=spf1 a -all"
Note: for good practices reasons, in all by zones files, I use the real hostname of my smtp server that is smtp.ispcp.fr.
Example for my nuxwin.com domain:
Code:
nuxwin@dev:~$ dig mx nuxwin.com
; <<>> DiG 9.5.1-P3 <<>> mx nuxwin.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50440
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;nuxwin.com. IN MX
;; ANSWER SECTION:
nuxwin.com. 3600 IN MX 10 smtp.ispcp.fr.
;; ADDITIONAL SECTION:
smtp.ispcp.fr. 2922 IN A 88.191.229.226
;; Query time: 54 msec
;; SERVER: 89.2.0.1#53(89.2.0.1)
;; WHEN: Fri May 14 20:53:29 2010
;; MSG SIZE rcvd: 73
Reverse:
Code:
nuxwin@dev:~$ dig -x 88.191.229.226
; <<>> DiG 9.5.1-P3 <<>> -x 88.191.229.226
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50429
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;226.229.191.88.in-addr.arpa. IN PTR
;; ANSWER SECTION:
226.229.191.88.in-addr.arpa. 86400 IN PTR smtp.ispcp.fr.
;; Query time: 30 msec
;; SERVER: 89.2.0.1#53(89.2.0.1)
;; WHEN: Fri May 14 20:54:21 2010
;; MSG SIZE rcvd: 72
Example of message source:
Code:
Return-Path: <l.declercq@nuxwin.com>
X-Original-To: l.declercq@nuxwin.com
Delivered-To: l.declercq@nuxwin.com
Received: from dev.nuxwin.com (ip-228.net-89-3-168.rev.numericable.fr [89.3.168.228])
by smtp.ispcp.fr (Postfix) with ESMTPA id CDE943939
for <l.declercq@nuxwin.com>; Fri, 14 May 2010 20:55:12 +0200 (CEST)
X-DomainKeys: Sendmail DomainKeys Filter v1.0.0 smtp.ispcp.fr CDE943939
DomainKey-Signature: a=rsa-sha1; s=dkmail; d=nuxwin.com; c=simple; q=dns;
b=vek+c94UWybC4P8y+YnLpxuaN5yOucWxx/XPbTMcLOZsYUGqqMXyUT6CXj/nHJyAz
8NKBYhSNJZt2TCYMw8iGA==
X-DKIM: Sendmail DKIM Filter v2.6.0 smtp.ispcp.fr CDE943939
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nuxwin.com; s=mail;
t=1273863312; bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=;
h=MIME-Version:Content-Type:Content-Transfer-Encoding:Date:From:To:
Subject:Message-ID; b=CtkZDOpP/xMX96qaS27TKDpjrbjxGTDUN/vLDwiEBA6M
wuU89c1Iig9UnNB6dAfD8eN4LSLm+1uwiUvqE1BFWNm80JpdIKuPW5HyJcZ3Dd2F0ro
biPPuCuhhM7WNEwd4aCK7eDslUPjVP/CKC//ihE8pzf+mHFYd2Cj/YdhnDaI=
MIME-Version: 1.0
Content-Type: text/plain;
charset=UTF-8
Content-Transfer-Encoding: 7bit
Date: Fri, 14 May 2010 20:55:49 +0200
From: <l.declercq@nuxwin.com>
To: <l.declercq@nuxwin.com>
Subject: test
Message-ID: <1bc564756e539bb4990a3a57d144d29f@smtp.ispcp.fr>
X-Sender: l.declercq@nuxwin.com
User-Agent: RoundCube Webmail/0.4-beta
test
my main.cf related part:
Code:
# DKIM/Domainkey like yahoo
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891 inet:localhost:8892
non_smtpd_milters = inet:localhost:8891 inet:localhost:8892
It's the message that I 've posted in internal.
|
|
06-15-2010 07:09 AM |
|