SPF, DKIM, & DomainKeys with Postfix virtual users

Discussion in 'HOWTO-Related Questions' started by atjensen11, Sep 20, 2008.

  1. atjensen11

    atjensen11 New Member

    I am planning on implementing the three following How-To's that are found on this site.

    http://www.howtoforge.com/postfix_spf
    http://www.howtoforge.com/how-to-implement-domainkeys-in-postfix-using-dk-milter-centos5.1
    http://www.howtoforge.com/postfix-dkim-with-dkim-milter-centos5.1

    I am running Postfix on an Ubuntu 8.04 server which was set up to use a MySQL database for virtual users. It was configured by following this How-To http://www.howtoforge.com/virtual-users-domains-postfix-courier-mysql-squirrelmail-ubuntu8.04

    As I understand, these methods require changes to DNS records. Where I am confused is in regards to which DNS records I need to add these TXT records to.

    Do I only add the information for the DNS record of the email server?

    Or do I need to add a TXT record for each domain that is authorized to send mail through my email server?

    To me, the first one makes more sense since the email server is sending mail on behalf of the virtual host domains, but I am not sure I am correct in this thinking.

    Thanks.
     
  2. falko

    falko Super Moderator Howtoforge Staff

    You must add a TXT record for each domain.
     
  3. atjensen11

    atjensen11 New Member

    The OpenSPF website is down. After reading some posts, it sounds as though it has been down for several weeks and it is unknown at this time when it will be up again and under which domain name.

    Does anyone happen to have a copy of the download I need from www.openspf.org that is referenced in the Postfix SPF How-To?

    Thanks.
     
  4. falko

    falko Super Moderator Howtoforge Staff

  5. atjensen11

    atjensen11 New Member

    I see today that the OpenSPF site is now back online. In the meantime, I have been trying to implement DomainKeys on my Ubuntu machine running Postfix. I have two resources that I am trying to use, but I have gotten stumped.

    The first is a How To here on this site:
    http://www.howtoforge.com/how-to-implement-domainkeys-in-postfix-using-dk-milter-centos5.1

    The How To on this site is focused on CentOS. The installation process is different and I believe the configuration files are different. But the Postfix stuff should be relatively similar.

    The second resource is here:
    http://stas.nerd.ro/blog/index.php/2008/05/13/configuring-postfix-domainkeys-dkim-on-ubuntu-hardy/

    This site and the resulting tutorial aren't nearly as well documented or explained as I have become accustomed to on How To Forge.

    I originally set up my mail server by following this guide:
    http://www.howtoforge.com/virtual-users-domains-postfix-courier-mysql-squirrelmail-ubuntu8.04

    I have installed dk-filter and adjusted the settings in the configuration file under the /etc directory. I have generated keys and pasted the public key into a TXT record in my DNS record. I have checked this DNS entry with some online tools and they returned no errors.

    I have tried to muddle my way through the necessary changes to the Postfix main and/or master configuration files, but that is where my experience is lacking.

    Do I need to add statements to both files? I am guessing I need to set up another loop similar to how amavis is looping between 10024 and 10025.
     
  6. falko

    falko Super Moderator Howtoforge Staff

  7. atjensen11

    atjensen11 New Member

    I think I have SPF up and running now. So I am on to the DomainKeys implementation.

    Here is a snippet of the results of netstat -tap (I removed all apache, mysql, and tcp6 lines as I didn't think they were important):

    Code:
    Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
    tcp        0      0 localhost.localdo:60000 *:*                     LISTEN      6564/postgrey.pid -
    tcp        0      0 localhost.localdo:10024 *:*                     LISTEN      6430/amavisd (maste
    tcp        0      0 localhost.localdo:10025 *:*                     LISTEN      13100/master
    tcp        0      0 localhost.localdo:spamd *:*                     LISTEN      6568/spamd.pid
    tcp        0      0 *:smtp                  *:*                     LISTEN      13100/master
    tcp        0      0 localhost.localdom:8892 *:*                     LISTEN      13173/dk-filter
    
    When I enable the following lines in the Postfix main.cf file by uncommenting them, I cannot send email.

    Code:
    milter_default_action = accept
    milter_protocol = 2
    smtpd_milters = inet:localhost:8892
    non_smtpd_milters = inet:localhost:8892
    
    Instead, I get an error from Outlook saying:
    Code:
    Reported error (0x800CCC6A) : 'Your outgoing (SMTP) e-mail server has reported an internal error. If you continue to receive this message, contact your server administrator or Internet service provider (ISP).  The server responded: 451 4.7.1 Service unavailable - try again later'
    
    In my mail log, I see the following:
    Code:
    Sep 27 22:26:24 gopher dk-filter[13173]: D2702C0CC18: dk_getsig(): resource unavailable: PEM_read_bio_PrivateKey() failed
    Sep 27 22:26:24 gopher dk-filter[13173]: D2702C0CC18 SSL error:0906D06C:PEM routines:PEM_read_bio:no start line
    Sep 27 22:26:24 gopher postfix/cleanup[13293]: D2702C0CC18: milter-reject: END-OF-MESSAGE from unknown[192.168.100.2]: 4.7.1 Service unavailable - try again later; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<xxxx>
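
The `PEM routines:PEM_read_bio:no start line` entry in the log above is what OpenSSL's PEM reader reports when it finds no `-----BEGIN ...-----` armor line for the key it was asked to load. As an added example (not part of the original thread and not dk-filter's own code), this shell function classifies the file a signer is pointed at by its armor lines only; the verdict names and the path you pass in are assumptions of the example.

```shell
#!/bin/sh
# Added example: sanity-check the private key file a DomainKeys/DKIM milter loads.
# Only the PEM armor lines are inspected; the key material itself is never parsed.

classify_key_file() {
    f="$1"
    [ -e "$f" ] || { echo "missing"; return 0; }
    [ -r "$f" ] || { echo "unreadable"; return 0; }
    # OpenSSL scans for a line that starts with "-----BEGIN "; CRs are stripped
    # here so that a file saved with Windows line endings is judged the same way.
    begin=$(tr -d '\r' < "$f" | grep -e '^-----BEGIN ' | head -n 1)
    case "$begin" in
        "")
            echo "no-start-line"; return 0 ;;        # bare base64, DER, or empty
        "-----BEGIN RSA PRIVATE KEY-----")
            end="-----END RSA PRIVATE KEY-----" ;;
        "-----BEGIN PRIVATE KEY-----")
            end="-----END PRIVATE KEY-----" ;;
        "-----BEGIN ENCRYPTED PRIVATE KEY-----")
            echo "encrypted-private-key"; return 0 ;; # needs a passphrase
        "-----BEGIN PUBLIC KEY-----")
            echo "public-key-only"; return 0 ;;       # wrong half of the pair
        *)
            echo "other-pem-type"; return 0 ;;
    esac
    # A private-key header must be closed by the matching END line.
    if tr -d '\r' < "$f" | grep -q -x -F -e "$end"; then
        echo "ok"
    else
        echo "truncated"
    fi
}

# Reports whether group/other have any permission bits on the key file.
key_perms() {
    if [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]; then
        echo "private"
    else
        echo "exposed"
    fi
}

# Usage: sh check_key.sh /path/to/private.key   (path is a placeholder)
if [ "$#" -gt 0 ]; then
    classify_key_file "$1"
    key_perms "$1"
fi
```

A `no-start-line` or `public-key-only` verdict means the signer cannot load a private key from that file, which matches the `PEM_read_bio_PrivateKey() failed` line that precedes the 451 reply in the log.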
    
     
