Hello, I have been trying all methods of setting up Domainkey thru internet for weeks. What I got from Port's 25 authentication service was this :
Code: SPF check: pass DomainKeys check: neutral DKIM check: pass Sender-ID check: pass SpamAssassin check: ham
I cannot get DomainKeys to pass, this is my TXT Record from DNS settings
Code: mail._domainkey v=DKIM1; k=rsa; t=y; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDheF8dpdd ... mail2._domainkey k=rsa; t=y; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDlvpU8AjVimYAfU5Sy ... _domainkey t=y; o=~;
Here's config from /etc/postfix/main.cf
Code: smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) biff = no
# appending .domain is the MUA's job. append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h
readme_directory = no
# TLS parameters smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key smtpd_use_tls=yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for # information on enabling SSL in the smtp client.
myhostname = mail.omnipress.co alias_maps = hash:/etc/aliases alias_database = hash:/etc/aliases myorigin = /etc/mailname mydestination = omnipress.co, detheme.com, turus, localhost.localdomain, localhost relayhost = mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 mailbox_size_limit = 0 recipient_delimiter = + inet_interfaces = loopback-only
# DKIM milter_default_action = accept milter_protocol = 2 smtpd_milters = inet:localhost:8891,inet:localhost:8892 non_smtpd_milters = inet:localhost:8891,inet:localhost:8892 bounce_notice_recipient = rio@omnipress.co
This is config from /etc/default/dk-filter
Code: # Sane defaults: log to syslog DAEMON_OPTS="-l" # Sign for example.com with key in /etc/mail/domainkey.key using # selector '2007' (e.g. 2007._domainkey.example.com) #DAEMON_OPTS="$DAEMON_OPTS -d example.com -s /etc/mail/domainkey.key -S 2007" # See dk-filter(8) for a complete list of options # # Uncomment to specify an alternate socket #SOCKET="/var/run/dk-filter/dk-filter.sock" # default #SOCKET="inet:54321" # listen on all interfaces on port 54321 #SOCKET="inet:12345@localhost" # listen on loopback on port 12345 #SOCKET="inet:12345@192.0.2.1" # listen on 192.0.2.1 on port 12345 SOCKET="inet:8892@localhost" DAEMON_OPTS="$DAEMON_OPTS -d *.co, *.com -s /etc/mail/domainkey.key -S mail2"
And config from /etc/opendkim.conf
Code: # This is a basic configuration that can easily be adapted to suit a standard # installation. For more advanced options, see opendkim.conf(5) and/or # /usr/share/doc/opendkim/examples/opendkim.conf.sample.
# Log to syslog Syslog yes # Required to use local socket with MTAs that access the socket as a non- # privileged user (e.g. Postfix) UMask 002
# Sign for example.com with key in /etc/mail/dkim.key using # selector '2007' (e.g. 2007._domainkey.example.com) #Domain example.com #KeyFile /etc/mail/dkim.key #Selector 2007
# Commonly-used options; the commented-out versions show the defaults. Canonicalization relaxed/relaxed Mode sv #SubDomains no #ADSPDiscard no AutoRestart yes Background yes
# Always oversign From (sign using actual From and a null From to prevent # malicious signatures header fields (From and/or others) between the signer # and the verifier. From is oversigned by default in the Debian pacakge # because it is often the identity key used by reputation systems and thus # somewhat security sensitive. OversignHeaders From
# List domains to use for RFC 6541 DKIM Authorized Third-Party Signatures # (ATPS) (experimental)
#ATPSDomains example.com Domain * KeyFile /etc/postfix/dkim.key Selector mail SOCKET inet:8891@localhost
Can somebody shed me some light ? I'm all lost here... Any feedback would be greatly appreciated. Thanks.
|