Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #11  
Old 19th February 2010, 21:37
voltron81 voltron81 is offline
Senior Member
 
Join Date: Sep 2009
Posts: 292
Thanks: 1
Thanked 4 Times in 3 Posts
Default

Hi esmiz,
I've created the DNS TXT, and I can see it also from the database:
Code:
500 |          1 |           0 | riud          | riud           |                |         1 |   84 | domain.com.              | TXT  | v=spf1 mx ~all                    |   0 | 600 | Y      | 2010-02-19 17:52:42 | 2010021906 |
Anyway if I launch the command dig @localhost domain.com I've this output:
Code:
; <<>> DiG 9.5.1-P3 <<>> @localhost domain.com
; (2 servers found)
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 29611
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1
;; WARNING: recursion requested but not available

;; QUESTION SECTION:
;domain.com.			IN	A

;; ANSWER SECTION:
domain.com.		600	IN	A	xxx.xxx.xxx.xxx

;; AUTHORITY SECTION:
domain.com.		600	IN	NS	server2.com.
domain.com.		600	IN	NS	server.com.

;; ADDITIONAL SECTION:
server2.com.	300	IN	A	xxx.xxx.xxx.xxx

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Feb 19 20:31:11 2010
;; MSG SIZE  rcvd: 115
I tried also the test that you suggested me about spf, but that email is look like not working (Diagnostic-Code: X-Postfix; Host or domain name not found. Name service error for name=test.myiptest.com type=A: Host not found)

Anyway I'm not sure if the SPF that I've created is corrct or not, because the website to create it say:
~all Do the above lines describe all the hosts that send mail from domain.com?
If I say yes, I fail the test on mxtoolbox.com, if I say yes the test say: ? all Neutral Always matches. It goes at the end of your record.

Am I wrong in something?

Thanks
Michele

Last edited by voltron81; 20th February 2010 at 00:40.
Reply With Quote
Sponsored Links
  #12  
Old 20th February 2010, 13:21
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,739 Times in 2,574 Posts
Default

You can check your SPF record as follows:
Code:
dig @localhost txt domain.com
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #13  
Old 20th February 2010, 13:28
voltron81 voltron81 is offline
Senior Member
 
Join Date: Sep 2009
Posts: 292
Thanks: 1
Thanked 4 Times in 3 Posts
Default

Hi Falko,
ok now the SPF is fine... infact now I can send emails to AOL... but yahoo still recognize my emails as spam...
Reply With Quote
  #14  
Old 20th February 2010, 15:28
esmiz esmiz is offline
Member
 
Join Date: Dec 2009
Posts: 44
Thanks: 4
Thanked 3 Times in 3 Posts
Default

Yes yahoo seems to be the hardest one to beat. Try to set up dkim aswell
Reply With Quote
  #15  
Old 21st February 2010, 01:32
voltron81 voltron81 is offline
Senior Member
 
Join Date: Sep 2009
Posts: 292
Thanks: 1
Thanked 4 Times in 3 Posts
Default

Hi,
I'm looking this link that you suggested me before and where it say:
Code:
@mynetworks = qw(0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12
192.168.0.0/16);
which IP should I put?
I don't know the range of the IP of the people that will send emails through this server...
Thanks
Reply With Quote
  #16  
Old 21st February 2010, 04:02
esmiz esmiz is offline
Member
 
Join Date: Dec 2009
Posts: 44
Thanks: 4
Thanked 3 Times in 3 Posts
Default

Hi Michele

Good question. I don't really know the answer, in our case we use static IP's.
I would try to delete or comment out the line with @mynetworks and put this two lines instead:
Code:
$interface_policy{'10024'} = 'DKIM_ALWAYS'; 
$policy_bank{'DKIM_ALWAYS'} = { originating => 1, };
I'm not sure, this is the proper way to do it, but it seems to work for me. A nice way to check is to send an email to check-auth@verifier.port25.com It will send you back the result in a couple of minutes
Please tell us if it worked for you.

Regards

Last edited by esmiz; 21st February 2010 at 16:46. Reason: add some more info
Reply With Quote
  #17  
Old 21st February 2010, 15:15
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,739 Times in 2,574 Posts
Default

Please check if your reverse record is ok. Run
Code:
dig -x your_ip
It should give you back a hostname. Then take this hostname and run
Code:
dig hostname
If all works fine, this should give you back your IP address.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #18  
Old 21st February 2010, 23:48
esmiz esmiz is offline
Member
 
Join Date: Dec 2009
Posts: 44
Thanks: 4
Thanked 3 Times in 3 Posts
Default

Hi Falko

Excuse me if I'm going to say something stupid.
I wonder if there is anything wrong using:
Code:
$interface_policy{'10024'} = 'DKIM_ALWAYS'; 
$policy_bank{'DKIM_ALWAYS'} = { originating => 1, };
Instead of using:
Code:
@mynetworks = qw(0.0.0.0/8 127.0.0.0/8 10.0.0.0/8 172.16.0.0/12
192.168.0.0/16);
I found it somewhere in internet, but they were talking about exim not postfix.
If there is nothing wrong with it, Looks like it should be the preferred way to setup dkim as it is more independent of your IP and covers every situation. isn 't it?

Regards
Reply With Quote
  #19  
Old 22nd February 2010, 10:58
voltron81 voltron81 is offline
Senior Member
 
Join Date: Sep 2009
Posts: 292
Thanks: 1
Thanked 4 Times in 3 Posts
Default

Hi Falko,
the reverse record is ok.
I guess I need to create a dkim...but as I said before I'm not sure what I've to put in @mynetworks once that I don't know the IP of the clients...

Hi esmiz, thanks for your reply.
I'm checking on internet your suggestion... hoping that also Falko will confirm it...

Another thing: setting up the SPT as this website said, I can read:
Code:
Paste this into your zone file:

domain.com. IN TXT "v=spf1 a mx ~all"

When a mail server sends a bounce message, it uses a null MAIL FROM: <>, and a HELO address that's supposed to be its own name. SPF will still operate, but in "degraded mode" by using the HELO domain name instead. Because this wizard can't tell which name your mail server uses in its HELO command, it lists all possible names, so there may be multiple lines shown below. If you know which hostname your mail server uses in its HELO command, you should pick out the appropriate entries and ignore the rest.

So this should also appear in DNS. You may or may not be in charge of the DNS for these entries; if you are, add them.

mail.domain.com. IN TXT "v=spf1 a -all"
server. IN TXT "v=spf1 a -all"
Having a look into the mail.log, I can see that, even if I have different domains in the server, the emails going out from domain1, domain2, domain3, etc, have an HELO like: mail.domain.com
I was expecting to have an HELO related with the domain of the sender... is it normal?

Thanks
Michele

Last edited by voltron81; 22nd February 2010 at 11:22.
Reply With Quote
  #20  
Old 23rd February 2010, 18:17
voltron81 voltron81 is offline
Senior Member
 
Join Date: Sep 2009
Posts: 292
Thanks: 1
Thanked 4 Times in 3 Posts
 
Default

Hi to everybody.
I wrote an email to yahoo and they suggested me to add the dkim also...
But I still have the problem of @mynetworks, where I've no idea which IP I've to put... or if, as esmiz said, put instead of @mynetwork this code:
Code:
$interface_policy{'10024'} = 'DKIM_ALWAYS'; 
$policy_bank{'DKIM_ALWAYS'} = { originating => 1, };
May somebody confirm it or suggest the right configuration?

Thanks
Michele
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Centos5.4/ISPConfig 3--Virtual site not working MichaelCaditz Installation/Configuration 25 25th March 2011 11:37
Email problem 'Cannot set my user or group id.' (using ISPConfig 3 + OpenSuSE 11.2) urosm Installation/Configuration 5 19th June 2010 22:41
Mail server attempting to send out 1000s of SPAM emails punto Installation/Configuration 19 18th January 2009 14:54
Rejecting outbound mail tristanlee85 General 11 20th May 2007 17:04
The Perfect Setup Suse 9.3 - Postfix problems new_bee05 HOWTO-Related Questions 20 25th November 2005 02:30


All times are GMT +2. The time now is 10:16.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.