1 (edited by cts.cobra 2013-11-20 16:10:05)

Topic: DKIM generation

==== Required information ====
- iRedMail version: 0.8.5
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: Centos 6.4
- Related log if you're reporting an issue:
====

I have a quick question about DKIM .
During the iRedMail setup it was generated but without public p=something ( its blank )

; key#1, domain xxxx.yy, /var/lib/dkim/xxxx.yy.pem
dkim._domainkey.xxxx.yy.    3600 TXT (
  "v=DKIM1; p="
  "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxx"
  "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx/xxxxxxxx"
  "xxxxxxxxxxxxxxxxxxxxxxxxxx"
  "xxxxxxxxxxxxxxxxxxxxxxxx")

Do i need p=something , what do i put in DNS for that DKIM ?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: DKIM generation

Reference: https://code.google.com/p/iredmail/wiki/DNS_DKIM

3

Re: DKIM generation

I will test that after my ISP puts it in DNS , can you tell me why is only my primary domain signatured with DKIM and other domains are sent without DKIM ?

4

Re: DKIM generation

Are you sure? Did you add your mail domain names in Amavisd parameter @local_domains_maps?
iRedMail configures Amavisd to sign all outbound with the DKIM key generated during iRedMail installation by default.

5

Re: DKIM generation

ZhangHuangbin wrote:

Are you sure? Did you add your mail domain names in Amavisd parameter @local_domains_maps?
iRedMail configures Amavisd to sign all outbound with the DKIM key generated during iRedMail installation by default.

Yes this is from conf :

$enable_db = 1;              # enable use of BerkeleyDB/libdb (SNMP and nanny)
# $enable_zmq = 1;           # enable use of ZeroMQ (SNMP and nanny)
$nanny_details_level = 2;    # nanny verbosity: 1: traditional, 2: detailed
$enable_dkim_verification = 1;  # enable DKIM signatures verification
$enable_dkim_signing = 1;    # load DKIM signing code, keys defined by dkim_key

@local_domains_maps = ( [".$mydomain","xxxxxx.yy","xxxxxx.zzz"] );  # list of all local domains

6

Re: DKIM generation

What's the value of '@dkim_signature_options_bysender_maps' in Amavisd config file?

7 (edited by cts.cobra 2013-11-21 16:54:36)

Re: DKIM generation

ZhangHuangbin wrote:

What's the value of '@dkim_signature_options_bysender_maps' in Amavisd config file?


@dkim_signature_options_bysender_maps = ( {
    # ------------------------------------
    # For domain: xxxx.yy.
    # ------------------------------------
    # 'd' defaults to a domain of an author/sender address,
    # 's' defaults to whatever selector is offered by a matching key

    #'postmaster@xxxx.yy'    => { d => "xxxx.yy", a => 'rsa-sha256', ttl =>  7*24*3600 },
    #"spam-reporter@xxxx.yy"    => { d => "xxxx.yy", a => 'rsa-sha256', ttl =>  7*24*3600 },

    # explicit 'd' forces a third-party signature on foreign (hosted) domains
    "xxxx.yy"  => { d => "xxxx.yy", a => 'rsa-sha256', ttl => 10*24*3600 },
    #"host1.xxxx.yy"  => { d => "host1.xxxx.yy", a => 'rsa-sha256', ttl => 10*24*3600 },
    #"host2.xxxx.yy"  => { d => "host2.xxxx.yy", a => 'rsa-sha256', ttl => 10*24*3600 },

# catchall defaults
    '.' => { a => 'rsa-sha256', c => 'relaxed/simple', ttl => 30*24*3600 },

8

Re: DKIM generation

You have correct settings in Amavisd, i have no idea. sad