Erik, You wrote:
127.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private" :allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONG RCPTLIMIT="10",DKVERIFY="BDEGIJKfh",QMAILQUEUE="/var/qmail/bin/simscan",DKQU EUE="/var/qmail/bin/qmail-queue.orig",DKSIGN="/var/qmail/control/domainkeys/ %/private" Since 127. already is in the group allow, there is no real reason to add the DKSIGN environment to the ip address alone, since it's already in the allow group. A proper enviroemnt, without setting the environment again, should look like 127.:allow,RELAYCLIENT="" :allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONG RCPTLIMIT="10",DKVERIFY="BDEGIJKfh",QMAILQUEUE="/var/qmail/bin/simscan",DKQU EUE="/var/qmail/bin/qmail-queue.orig",DKSIGN="/var/qmail/control/domainkeys/ %/private" -----Original Message----- From: Erik Espinoza [mailto:[EMAIL PROTECTED] Sent: den 22 maj 2006 19:16 To: qmailtoaster-list@qmailtoaster.com Subject: Re: [qmailtoaster] Re: domainkeys signing failing? Not sure I understand what you're asking. On 5/22/06, Mattias Segerdahl <[EMAIL PROTECTED]> wrote: > Erik, > > Why would you put up the domain key signing for both the ip address and once > again in the allow group? This should only be needed once. > > // Mattias > > -----Original Message----- > From: John Q. Fernandez [mailto:[EMAIL PROTECTED] > Sent: den 22 maj 2006 14:32 > To: qmailtoaster-list@qmailtoaster.com > Subject: Re: [qmailtoaster] Re: domainkeys signing failing? > > I had it setup like this: > 127.:allow,RELAYCLIENT="" > :allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONG > RCPTLIMIT="10",DKVERIFY="BDEGIJKfh",QMAILQUEUE="/var/qmail/bin/simscan",DKQU > EUE="/var/qmail/bin/qmail-queue.orig",DKSIGN="/var/qmail/control/domainkeys/ > %/private" > > Then I tried the way you said it should look like > 127.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private" > :allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONG > RCPTLIMIT="10",DKVERIFY="BDEGIJKfh",QMAILQUEUE="/var/qmail/bin/simscan",DKQU > EUE="/var/qmail/bin/qmail-queue.orig",DKSIGN="/var/qmail/control/domainkeys/ > %/private" > > I am still getting: > DomainKey-Status: bad > . > . > DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=private; d=domain.com; > > b=KXnemYAno0ThL4LaL7sTRY+4U1dlzwTefvLyz0AFjklEY8yEfSO+Qp6zrUqtMPpWla2F76LNpp > EW7+etv2E1FhnkOowygaN6YZosad9E+QQcp6dNLfQRQHkzLMFstsz8 > ; > > Any help on resolution would be great. > > Thanks, > John > > > Looks like your key is set up correctly in DNS. Perhaps your tcp.smtp > > is misconfigured. Without these two lines, you will not be signing at > > all. > > > > The default should look as follows (2 lines): > > 127.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private" > > > :allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONG > RCPTLIMIT="10",DKVERIFY="BDEGIJKfh",QMAILQUEUE="/var/qmail/bin/simscan",DKQU > EUE="/var/qmail/bin/qmail-queue.orig",DKSIGN="/var/qmail/control/domainkeys/ > %/private" > > > > Thanks, > > Erik > > > > On 5/21/06, John Fernandez <[EMAIL PROTECTED]> wrote: > >> $ host -t txt private._domainkey.domain.com > >> private._domainkey.domain.com text "k=rsa\; > >> > p=MEwwDQYJKoZIhvcNxdrvfeAIxAPL//Tp0mGa06ZYwnJWEfds4tgEFvvdV5/f2zEyrb5ohF#5fs > dfsdfdh53fzGHXV+/087gKKwIDAQAB" > >> > >> > >> Erik Espinoza wrote: > >> > Oops. I pulled the wrong record. Type 'host -t txt > >> > private._domainkey.domain.com' > >> > > >> > Thanks, > >> > Erik > >> > > >> > On 5/21/06, John Fernandez <[EMAIL PROTECTED]> wrote: > >> >> Maybe I didn't add it right but here is what I added. > >> >> > >> >> I added a TXT record using godaddy wizard > >> >> > >> >> TXT name is: private._domainkey.domain.com > >> >> TXT value is: k=rsa; > >> >> p=XXXxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx......... > >> >> > >> >> I wasn't really sure what to put on the name. In my SPF I only had @ > >> in > >> >> the TXT name. Should I be putting @ also for domainkeys? > >> >> > >> >> Here is the output you are asking for. > >> >> $ host -t txt domain.com > >> >> domain.com text "v=spf1 a mx:domain.com ip4:xxx.xxx.xxx.xxx/24 -all" > >> >> > >> >> Thanks, > >> >> > >> >> John. > >> >> > >> >> > >> >> Erik Espinoza wrote: > >> >> > What type of record did you add in GoDaddy? Did you make sure it > >> was a > >> >> > txt record? What shows up when you type host -t txt domain.com at > >> the > >> >> > command line? > >> >> > > >> >> > On 5/20/06, John Fernandez <[EMAIL PROTECTED]> wrote: > >> >> >> I am getting the below results when sending to both yahoo > >> and > >> >> >> gmail. > >> >> >> > >> >> >> yahoo > >> >> >> Authentication-Results: mta183.mail.re4.yahoo.com > >> >> from=domain.com; > >> >> >> domainkeys=fail (bad sig) > >> >> >> . > >> >> >> . > >> >> >> DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=private; > >> >> >> d=domain.com; > >> >> >> b=Dxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ; > >> >> >> > >> >> >> gmail > >> >> >> DomainKey-Status: bad > >> >> >> . > >> >> >> . > >> >> >> DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=private; > >> >> >> d=domain.com; > >> >> >> b=Zxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ; > >> >> >> > >> >> >> here is my tcp.smtp > >> >> >> 127.:allow,RELAYCLIENT="" > >> >> >> > >> >> > :allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONG > RCPTLIMIT="10",DKVERIFY="DEGIJKfh",QMAILQUEUE="/var/qmail/bin/simscan",DKQUE > UE="/var/qmail/bin/qmail-queue.orig",DKSIGN="/var/qmail/control/domainkeys/d > omain.com/private" > >> >> > >> >> >> > >> >> >> > >> >> >> Here is what I have in my dns. (i have godaddy and im guessing > >> >> they are > >> >> >> using bind). > >> >> >> > >> >> >> > >> >> >> > >> >> >> private._domainkey.domain.com > >> >> >> k=rsa; > >> >> >> > >> >> > p=Mxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx > xx > >> >> > >> >> >> > >> >> >> 3600 > >> >> >> > >> >> >> > >> >> --------------------------------------------------------------------- > >> >> >> QmailToaster hosted by: VR Hosted > >> >> >> > >> >> --------------------------------------------------------------------- > >> To > >> >> >> unsubscribe, e-mail: > >> >> [EMAIL PROTECTED] For > >> >> >> additional commands, e-mail: > >> [EMAIL PROTECTED] > >> >> > > >> >> > > --------------------------------------------------------------------- > >> >> > QmailToaster hosted by: VR Hosted <http://www.vr.org> > >> >> > > --------------------------------------------------------------------- > >> >> > To unsubscribe, e-mail: > >> [EMAIL PROTECTED] > >> >> > For additional commands, e-mail: > >> >> [EMAIL PROTECTED] > >> >> > > >> >> > >> >> > >> >> --------------------------------------------------------------------- > >> >> QmailToaster hosted by: VR Hosted <http://www.vr.org> > >> >> --------------------------------------------------------------------- > >> >> To unsubscribe, e-mail: > >> [EMAIL PROTECTED] > >> >> For additional commands, e-mail: > >> [EMAIL PROTECTED] > >> >> > >> >> > >> > > >> > --------------------------------------------------------------------- > >> > QmailToaster hosted by: VR Hosted <http://www.vr.org> > >> > --------------------------------------------------------------------- > >> > To unsubscribe, e-mail: [EMAIL PROTECTED] > >> > For additional commands, e-mail: > >> [EMAIL PROTECTED] > >> > > >> > >> > >> --------------------------------------------------------------------- > >> QmailToaster hosted by: VR Hosted <http://www.vr.org> > >> --------------------------------------------------------------------- > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > > > > --------------------------------------------------------------------- > > QmailToaster hosted by: VR Hosted <http://www.vr.org> > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > --------------------------------------------- > .how soon not now becomes never. _martin luther > > > --------------------------------------------------------------------- > QmailToaster hosted by: VR Hosted <http://www.vr.org> > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > --------------------------------------------------------------------- > QmailToaster hosted by: VR Hosted <http://www.vr.org> > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- QmailToaster hosted by: VR Hosted <http://www.vr.org> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- QmailToaster hosted by: VR Hosted <http://www.vr.org> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]