Hi Alexey,
This worked :) ....Thanks a lot... Midhun On 11/26/06, Alexey Loukianov <[EMAIL PROTECTED]> wrote:
Здравствуйте, Midhun. Вы писали 25 ?????? 2006 ?., 6:51:25: > I have disabled the DKVERIFY in the tcp.smtp. It was "DEGIJKfh". Got just the same trouble with delivering mails. My setup is as following: 1. Corporate office mail servers (gamma, bravo). Shared NFS HA volume with /home/vpopmail, /etc/tcprules.d and /var/qmail/. /var/qmail/queue and /var/qmail/control/me are symlinks to /opt/qmaillocal/localqueue and /opt/qmaillocal/control/me, that are located in local filesystem on each server. Contents of /etc/tcprules.d/tcp.smtp: 127.0.0.1:allow ,RELAYCLIENT="",RBLSMTPD="",DKSIGN="/var/qmail/control/domainkeys/%/private" 192.168.1.:allow ,RELAYCLIENT="",RBLSMTPD="",DKSIGN="/var/qmail/control/domainkeys/%/private" XXX.YYY.ZZZ.:allow,RELAYCLIENT="",RBLSMTPD="",DKVERIFY="" :allow,BADMIMETYPE="",BADLOADERTYPE="",CHKUSER_RCPTLIMIT="50",DKVERIFY="degijkfh",CHKUSER_WRONGRCPTLIMIT="10",QMAILQUEUE="/var/qmail/bin/simscan",DKQUEUE="/var/qmail/bin/qmail- queue.orig",DKSIGN="/var/qmail/control/domainkeys/%/private" 2. Corporate 'external' mail servers (mx01...mx05). Just the same setup as for office mail servers, except for /etc/tcprules.d/tcp.smtp: 127.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private" 10.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private" :allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",DKVERIFY="DEGIJKfh",QMAILQUEUE="/var/qmail/bin/simscan",DKQUEUE="/var/qmail/bin/qmail- queue.orig",DKSIGN="/var/qmail/control/domainkeys/%/private" External mail servers serve as a base for "Free web-based mail for our customers", and some of the addresses are set up to forward mail directly to the office mail servers. When a message comes from yahoo.com and gmail.com directly to office mail servers all is fine. But if it first comes to external mail servers (where it gets checked by SA and ClamAV, i.e. - modifying contents and invalidating DK Sign), and then it gets forwarded to office mailservers, it get's bounced no matter what is the value of DKVERIFY, and even when DKVERIFY isn't defined at all. Looks to me like a bug in qmail-dk. The only way to turn off domainkeys checking for qmail-smtpd is to remove symlink from qmail-queue to qmail-dk and recreate it to point to qmail-queue.orig: # cd /var/qmail/bin # rm -f qmail-queue; ln -s qmail-queue.orig qmail-queue -- С уважением, Alexey mailto:[EMAIL PROTECTED] --------------------------------------------------------------------- QmailToaster hosted by: VR Hosted <http://www.vr.org> --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
