Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation
Reload this Page DKIM With dkim-milter & Domainkeys In Postfix Using dk-milter
Register FAQ Members List Social Groups Calendar Search Today's Posts Mark Forums Read

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
Page 2 of 2 1 2
 
Thread Tools Display Modes
  #11  
Old 30th July 2008, 13:16
pg001 pg001 is offline
Member
  
Join Date: Jan 2008
Posts: 67
Thanks: 8
Thanked 2 Times in 1 Post
Default
ok this is how it looks:

Code:
Delivered-To: XXXXXX@gmail.com
Received: by 10.151.9.19 with SMTP id m19cs339643ybi;
        Wed, 30 Jul 2008 03:32:15 -0700 (PDT)
Received: by 10.114.133.1 with SMTP id g1mr8165581wad.123.1217413934294;
        Wed, 30 Jul 2008 03:32:14 -0700 (PDT)
Return-Path: <web1_user@onexxxxxxs.us>
Received: from server1.onexxxxxxs.us ([xxx.92.28.183])
        by mx.google.com with ESMTP id m28si1759939poh.10.2008.07.30.03.32.11;
        Wed, 30 Jul 2008 03:32:14 -0700 (PDT)
Received-SPF: pass (google.com: domain of web1_user@onexxxxxs.us designates xxx.92.28.183 as permitted sender) client-ip=xxx.92.28.183;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of web1_user@onexxxxxxxs.us designates xxx.92.28.183 as permitted sender) smtp.mail=web1_user@onexxxxxs.us; dkim=neutral header.i=@onexxxxs.us
Received: from 192.168.1.100 (localhost.localdomain [127.0.0.1])
	by server1.onexxxxxxs.us (Postfix) with ESMTP id 0085578C4BB
	for <xxxxxx@gmail.com>; Wed, 30 Jul 2008 18:32:08 +0800 (PHT)
X-DKIM: Sendmail DKIM Filter v2.2.1 server1.onexxxxxxs.us 0085578C4BB
DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=onexxxxxs.us;
	s=default; t=1217413929; bh=Zpsxuy+yXsq4w+8ENBqBCjnNTiU=;
	h=Message-ID:Date:Subject:From:To:Reply-To:User-Agent:MIME-Version:
	 Content-Type:Content-Transfer-Encoding; b=hdewiGxyUcF7RXF1ZY6PLx+r
	ubFf3uLYWrLr0QsrDVQztXpESFVOkTGb1mIeASSM/u0G7ejTyI79NaM8XxCI9Buv4Iv
	C7i6O2k3MlsxLLmEZw6W5wz7fLi/2eYi92o1dM6yvLnveo0Si+eMdl1b+4Zav5elKzR
	ij/YwY1CKIhuI=
Received: from 192.168.1.110
        (SquirrelMail authenticated user web1_user)
        by server1.onexxxxxxxxs.us with HTTP;
        Wed, 30 Jul 2008 18:32:09 +0800 (PHT)
Message-ID: <1777.192.168.1.110.1217413929.squirrel@server1.onexxxxxxs.us>
Date: Wed, 30 Jul 2008 18:32:09 +0800 (PHT)
Subject: Testing
From: "XXulxxxxx" <web1_user@onexxxxxxs.us>
To: xxxxxxx@gmail.com
Reply-To: web1_user@onexxxxxxs.us
User-Agent: SquirrelMail/1.5.1
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit

go!
Reply With Quote
Sponsored Links
  #12  
Old 30th July 2008, 13:40
topdog topdog is offline
Senior Member
  
Join Date: Jan 2008
Location: South Africa
Posts: 1,352
Thanks: 0
Thanked 148 Times in 145 Posts
Default
Its coming up neutral meaning may be it could not pick up your key from dns.
__________________
----
http://www.topdog.za.net - Got Linux problems ? - I can help.
http://www.baruwa.org - Try it.
Reply With Quote
  #13  
Old 30th July 2008, 13:55
pg001 pg001 is offline
Member
  
Join Date: Jan 2008
Posts: 67
Thanks: 8
Thanked 2 Times in 1 Post
Default
but it has been signed right? here's how my pri.mydomain.us looks like:

Code:
$TTL        86400
@       IN      SOA     ns1.xxxxxxxxxx.us. paul.xxxxxxxxxx.us. (
                        2008072812       ; serial, todays date + todays serial #
                        28800              ; refresh, seconds
                        7200              ; retry, seconds
                        604800              ; expire, seconds
                        86400 )            ; minimum, seconds
;
                NS      ns1.xxxxxxxxxx.us.              ; Inet Address of name server 1
                NS      ns9.zoneedit.com.              ; Inet Address of name server 2
;

  MX      10 mail.xxxxxxxxxx.us.

xxxxxxxxxx.us.      A        119.92.28.183
www       A       119.92.28.183
ns1       A       119.92.28.183
mail       A       119.92.28.183

ftp       CNAME  www.xxxxxxxxxx.us.
webmail       CNAME  www.xxxxxxxxxx.us.
smtp       CNAME  mail.xxxxxxxxxx.us.
pop3       CNAME  mail.xxxxxxxxxx.us.


xxxxxxxxxx.us.       TXT  "v=spf1 a mx ptr ~all"

;;;; MAKE MANUAL ENTRIES BELOW THIS LINE! ;;;;
default._domainkey IN TXT "g=; k=rsa; t=y; p=MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALJP4zvQAvfVTR8R4o9Y8jqaDalFOUYvBfAzRkawEtv4TA1ij8Ku0EfAyoBMQAqW6UgtxTvWQVwWOP7an2QIaCECAwEAAQ==" ; ----- DomainKey default for xxxxxxxxxx.us
_domainkey IN TXT "t=y; o=~"
default2._domainkey IN TXT "v=DKIM1; g=*; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDekPn/K81GiNXz7ncHNl5Xdl8IDdqJFoeG4ZJg4iKYxyHbb5tUN++jYdftTTC+mAZg/3Wf5DkKaIzb7l1Ug2e2qNppv9kDib088y1flLj9ItnT+wvs6EZG2A3EXao2LFK4iv896fSoXYewzxjYQRstytS8ebLWFUpuWnmKqp2acwIDAQAB" ; ----- DKIM default for xxxxxxxxxx.us
Reply With Quote
  #14  
Old 30th July 2008, 14:00
topdog topdog is offline
Senior Member
  
Join Date: Jan 2008
Location: South Africa
Posts: 1,352
Thanks: 0
Thanked 148 Times in 145 Posts
Default
Okay i think you are signing using default which is a domainkey key instead of signing using default2.
__________________
----
http://www.topdog.za.net - Got Linux problems ? - I can help.
http://www.baruwa.org - Try it.
Reply With Quote
  #15  
Old 30th July 2008, 14:19
pg001 pg001 is offline
Member
  
Join Date: Jan 2008
Posts: 67
Thanks: 8
Thanked 2 Times in 1 Post
Default
I did change that already, here's my /etc/sysconfig/dkim-milter

Code:
# Default values
#
USER="dkim-milt"
PORT=local:/var/run/dkim-milter/dkim.sock
SIGNING_DOMAIN="XXXXXXX.us"
SELECTOR_NAME="default2"
KEYFILE="/etc/dkim-milter/${SIGNING_DOMAIN}_${SELECTOR_NAME}.key.pem"
SIGNER=yes
VERIFIER=yes
CANON=simple
SIGALG=rsa-sha1
REJECTION="bad=r,dns=t,int=t,no=a,miss=r"
EXTRA_ARGS="-h -l -D"
I also did a restart for named, dkim, and postfix already.

here's the gmail full headers (wow we finally did IT!!!):


Code:
Delivered-To: xxxxxx@gmail.com
Received: by 10.141.142.4 with SMTP id u4cs139139rvn;
        Wed, 30 Jul 2008 05:09:56 -0700 (PDT)
Received: by 10.114.182.1 with SMTP id e1mr8323931waf.143.1217419796347;
        Wed, 30 Jul 2008 05:09:56 -0700 (PDT)
Return-Path: <web1_user@xxxxxxxxxx.us>
Received: from server1.xxxxxxxxxx.us ([xxx.92.28.183])
        by mx.google.com with ESMTP id m29si1953233poh.4.2008.07.30.05.09.53;
        Wed, 30 Jul 2008 05:09:56 -0700 (PDT)
Received-SPF: pass (google.com: domain of web1_user@xxxxxxxxxx.us designates xxx.92.28.183 as permitted sender) client-ip=xxx.92.28.183;
Authentication-Results: mx.google.com; spf=pass (google.com: domain of web1_user@xxxxxxxxxx.us designates xxx.92.28.183 as permitted sender) smtp.mail=web1_user@xxxxxxxxxx.us; dkim=pass header.i=@xxxxxxxxxx.us
Received: from 192.168.1.100 (localhost.localdomain [127.0.0.1])
	by server1.xxxxxxxxxx.us (Postfix) with ESMTP id 410E978C4BB
	for <xxxxxx@gmail.com>; Wed, 30 Jul 2008 20:09:51 +0800 (PHT)
X-DKIM: Sendmail DKIM Filter v2.2.1 server1.xxxxxxxxxx.us 410E978C4BB
DKIM-Signature: v=1; a=rsa-sha1; c=simple/simple; d=xxxxxxxxxx.us;
	s=default2; t=1217419791; bh=+eogg8h8qzD7CUn3p8Fe6Rvj7p4=;
	h=Message-ID:Date:Subject:From:To:Reply-To:User-Agent:MIME-Version:
	 Content-Type:Content-Transfer-Encoding; b=YK5GpXoxqhtIjOvpV+d6k95D
	PMbwGNUbCI3GU2SjycHYeXwdj6UHVfKeg9NbM94t32OXX4bBC3+0nkWbgy5zbhWz08l
	HSvN86xLsV1PVSe8Z9Nzdeo/bBr+QeOJLMCl2jIxZiZRZUxEVEX+fk2e72sAfDJixU9
	SQQcRiX20tyzQ=
Received: from 192.168.1.110
        (SquirrelMail authenticated user web1_user)
        by server1.xxxxxxxxxx.us with HTTP;
        Wed, 30 Jul 2008 20:09:51 +0800 (PHT)
Message-ID: <3714.192.168.1.110.1217419791.squirrel@server1.xxxxxxxxxx.us>
Date: Wed, 30 Jul 2008 20:09:51 +0800 (PHT)
Subject: Testing DKIM
From: "Paul Gabuya" <web1_user@xxxxxxxxxx.us>
To: xxxxxx@gmail.com
Reply-To: web1_user@xxxxxxxxxx.us
User-Agent: SquirrelMail/1.5.1
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit

Thanks for assisting me TOPDOG
kudo's to you topdog you're the man!!!! Thank you very much. I hope this thread could also help other newbies like me.
Reply With Quote
  #16  
Old 31st July 2008, 06:57
pg001 pg001 is offline
Member
  
Join Date: Jan 2008
Posts: 67
Thanks: 8
Thanked 2 Times in 1 Post
Default
after dkim-milter worked, dk-milter failed again, I don't know what went wrong:

when I start or restart domainkeys I get this error:

Code:
[root@server1 /]#  service dk-milter start
Starting DomainKeys milter (dk-filter #0): dk-filter: smfi_opensocket() failed
                                                           [FAILED]
Code:
[root@server1 /]#  service dk-milter restart
Shutting down all DomainKeys milter (dk-filter):           [FAILED]
Cleanup for DomainKeys milter (dk-filter #0):
Starting DomainKeys milter (dk-filter #0): dk-filter: smfi_opensocket() failed
                                                           [FAILED]
looking at the dk socket permissions I get this:
Code:
[root@server1 /]# ls -la /var/run/dk-milter/dk.sock
srwxrwx--- 1 dk-milt mail 0 Jul 30 07:08 /var/run/dk-milter/dk.sock
here's my /etc/sysconfig/dk-milter:
Code:
# Default values
#
USER="dk-milt"
PORT="local:/var/run/dk-milter/dk.sock"
#PORT="inet:10034@localhost"
SIGNING_DOMAIN="xxxxxxxxxx.us"
SELECTOR_NAME="default"
KEYFILE="/etc/mail/domainkeys/dk_new.pem"
SIGNER=yes
VERIFIER=yes
CANON=simple
REJECTION="bad=r,dns=t,int=t,no=a,miss=r"
EXTRA_ARGS="-h -l -D"
MILTER_GROUP="mail"
bottom of my /etc/postfix/main.cf looks like this:

Quote:
...
....
smtpd_milters = unix:/var/run/dk-milter/dk.sock
non_smtpd_milters = unix:/var/run/dk-milter/dk.sock

smtpd_milters = unix:/var/run/dkim-milter/dkim.sock
non_smtpd_milters = unix:/var/run/dkim-milter/dkim.sock
on my maillog I get this error:
Code:
Jul 31 12:53:28 server1 dk-filter[16309]: Sendmail DomainKeys Filter: Unable to bind to port local:/var/run/dk-milter/dk.sock
: Address already in use
Jul 31 12:53:28 server1 dk-filter[16309]: Sendmail DomainKeys Filter: Unable to create listening socket on conn local:/var/ru
n/dk-milter/dk.sock
Jul 31 12:53:28 server1 dk-filter[16309]: smfi_opensocket() failed
Reply With Quote
  #17  
Old 31st July 2008, 08:33
topdog topdog is offline
Senior Member
  
Join Date: Jan 2008
Location: South Africa
Posts: 1,352
Thanks: 0
Thanked 148 Times in 145 Posts
Default
Your postfix should look like this
Code:
smtpd_milters = unix:/var/run/dk-milter/dk.sock unix:/var/run/dkim-milter/dkim.sock
non_smtpd_milters = unix:/var/run/dk-milter/dk.sock unix:/var/run/dkim-milter/dkim.sock
Stop dk-milter, remove the socket file and then start it and see if that helps.
__________________
----
http://www.topdog.za.net - Got Linux problems ? - I can help.
http://www.baruwa.org - Try it.
Reply With Quote
The Following User Says Thank You to topdog For This Useful Post:
pg001 (31st July 2008)
  #18  
Old 31st July 2008, 08:48
pg001 pg001 is offline
Member
  
Join Date: Jan 2008
Posts: 67
Thanks: 8
Thanked 2 Times in 1 Post
 
Default
that worked but my dkim for gmail is showing up neutral again

EDIT

it's both working now after I restarted postfix, dkim-milter, and dk-milter. thanks again....
Last edited by pg001; 31st July 2008 at 08:59.
Reply With Quote
Reply
Page 2 of 2 1 2

Bookmarks

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Mail server using Postfix, Dovecot, Mysql... Postfix virtual maps doesn't work?? tarasbuljba HOWTO-Related Questions 33 28th May 2010 14:33
Virtual Users With Postfix, PostfixAdmin, Courier, Mailscanner,Mailwatch CentOS 5.2 tecstream HOWTO-Related Questions 3 16th July 2008 22:10
Mail System Error - Returned Mail tristanlee85 General 16 16th March 2008 09:40
Centos 4.4 32bit Hangs, High Server load 3cwired_com Server Operation 11 16th November 2006 15:47
Verify email setup meekish Installation/Configuration 28 27th October 2006 15:36


All times are GMT +2. The time now is 09:02.

Contact Us - HowtoForge - Linux Howtos and Tutorials - Archive - Top

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.