DKIM with amavisd-new installation problem

Discussion in 'Installation/Configuration' started by Sinchan, Jun 13, 2010.

  1. Sinchan

    Sinchan New Member

    Hi all,
    I have ISPConfig 3.0.2.1 on my debian lenny and now i want to implement domainkeys since all my email marked as ***SPAM*** when received from yahoo email.
    I follow perfect debian guide. And in that guide say to install amavisd-new.
    Then, now i'll try to follow DKIM FaqForge and IJS's DKIM, but in this DKIM guide thats say amavisd (not amavisd-new).

    Since iam never found amavisd command and amavisd.conf, then i'll try like this :
    1. Create keys :
    Code:
    # updatedb
    # locate amavisd.conf
    /usr/share/doc/amavisd-new/examples/amavisd.conf-default.gz
    /usr/share/doc/amavisd-new/examples/amavisd.conf-sample.gz
    # which amavisd
    # which amavisd-new
    /usr/sbin/amavisd-new
    
    # mkdir /etc/amavis/dkim
    # amavisd-new genrsa /etc/amavis/dkim/hidden-mydomain-com.key.pem
    Private RSA key successfully written to file "/etc/amavis/dkim/hidden-mydomain-com.key.pem" (1024 bits, PEM format) 
    2. Insert domain keys and enable dkim in /etc/amavis/conf.d/50-user :
    Code:
    # vi /etc/amavis/conf.d/50-user 
    [...]
    $inet_socket_port = [10024,10026,9998];
    $enable_dkim_signing = 1;
    dkim_key('mydomain.com', 'mail', '/etc/amavis/dkim/hidden-mydomain-com.key.pem');
    $interface_policy{'10026'} = 'ORIGINATING';
    $policy_bank{'ORIGINATING'} = { 
      originating => 1, 
      smtpd_discard_ehlo_keywords => ['8BITMIME'],
    };
    [...]
    3. Restart amavis and postfix service
    Code:
    # /etc/init.d/amavis restart
    Stopping amavisd: amavisd-new.
    Starting amavisd: amavisd-new.
    unicorn:~# /etc/init.d/postfix reload
    Reloading Postfix configuration...done.
    4. Show keys and add to TXT DNS Records :
    Code:
    # amavisd-new showkeys
    mail._domainkey.mydomain.com.	3600 TXT (
      "v=DKIM1; p="
      "abcdefg"
      "hijklmn"
      "opqrstu"
      "vwxyz")
    In ISPConfig dns, iam insert txt record :
    Code:
    Hostname : mail._domainkey.mydomain.com.
    Text : v=DKIM1; p=abcdefghijklmnopqrstuvwxyz
    5. Test keys :
    Code:
    # amavisd-new testkeys
    TESTING: mail._domainkey.mydomain.com => invalid (public key: not available)
    Any suggestions about this problem please ?
    notes : i already have PTR and SPF record before
     
  2. admins

    admins Member HowtoForge Supporter

    Remove DKIM, remove SPF and correct your envirement.
    After this work yahoo don't mark you as spam?

    Did you checked your IPs in blacklist?

    admins
     
  3. Sinchan

    Sinchan New Member

    Hi Admins, thanks for your reply.
    Before I tried using DKIM, I just rely on PTR records.
    I try to send email from my google account, and can be received properly without any spam headers. But when sending emails from yahoo accounts, received email deemed as spam.
    Then I tried to add the SPF record "v = spf1 a mx -all", but the results obtained from the same as before. Because of this problem, I try DKIM implementation.
    And what do you mean with correct my environment? can you more specify with more detail please?

    Yeah, I've checked the server IP address from this website, and the results is clean.

    I wish to ask you, why do you suggest for not using DKIM? Is this not a good method to solve this problem?
     
  4. admins

    admins Member HowtoForge Supporter

    DKIM is not good, spf is old and not effective.

    1. Send a mail to trash (at) mailcarrier(dot)ch so I could check your header and see why you are tagged as spam

    Check following:
    1. correct A-Record with the name in your domain for your server
    2. check if you've a correct PTR-Record
    3. delete spf entries
    4. delete dkim entries
    5. restart services
    6. send the mail authentificated
    7. Enable the port 587 and use it instead of port 25

    send now the mail

    admins
     
  5. Sinchan

    Sinchan New Member

    hi admins,
    thanks again for your reply ..
    I've sent two emails.
    first, forward ***spam*** messages from my yahoo account, and second, send email from my email client using submission port.
    i look forward for your reply and many thanks ;)
     
  6. admins

    admins Member HowtoForge Supporter

    now your PTR (Reverse DNS) is active...
     
  7. Sinchan

    Sinchan New Member

    last night i'd try sending email from my Yahoo! account but still no luck :mad:
    I was sent my second email a few minutes ago. Plz check it out and many thanks for your helps. :)
     

Share This Page