Discussion in 'General' started by Nikolay Orlov, Apr 14, 2020.
how to configure postfix to enable dkim and spf test for all incoming emails. Outgoing signed well.
You can start with this Tutorial:
Are you planning to reject incoming e-mails by DKIM and SPF? Or just increas spam score if checking fails?
I think it will be better, so I deed all necessary things to set up dkim and spf to prevent my mails go to spam, now a want protect my server
Depends on your rspamd configuration. It should work out of the box. Have you done any special configuration?
How do you test that it is not working?
dkim=temperror (DNS error when getting key) header.d=yandex.ru header.s=mail header.b=oW3s9HPi;
spf=temperror (mediateka.advocatorb.ru: error in processing during lookup of [email protected]: DNS error) [email protected]
Open rspamd web interface and have a look at the mail what policies where used.
Go to the Symbols tab and search for dkim. Adjust the score to your needs.
Maybe I'm off (I don't actually have rspamd in use yet), but that header indicates both dkim and spf failed due to DNS lookup failures, does it not? Perhaps you should troubleshoot DNS from your mail server.
No it not the problem.
I try to do like this https://www.linode.com/docs/email/postfix/configure-spf-and-dkim-in-postfix-on-debian-9/
All bedding work perfect, but now I have 2 dkim on one system, when I turn off dkim in isp, my emails stop sign. That why I ask what should I do to enable native ispdkim to enable email check
I think it is a problem. Make sure you have unbound (or other) installed and its working.
ispc does nothing "directly" with dkim. It configures rspamd to take care of that.
Then you have installed opendkim and messed up your system. I thought you are using rspamd, because that is what was in the thread title. There are several ways to achieve the same thing. Now you have two of them bot they don't work in parallel. I can't help you with that, you first need a clean setup
I made clean setup with amavis, then change it with Rspamd instructions in Howtoforge , then I found that dkim doesn't work it cat sign but doesn't check incoming emails. How to config Rspamd to check incoming
It is working in the standard setup. I have shown you above how to change the impact of the test on the mail.
What you have shown is that your check is not working, because local DNS lookup is not working ("DNS error when getting key"). What DKIM does is that the public key is distributed via DNS. If your server can't get DNS information it cannot check DKIM. Fix your DNS lookup!
I understand you, try to solve that problem
Separate names with a comma.