Dear Alex,
I do agree with you and we can use two different keys but them you
will have to use both DKIM and Domainkeys separately and need to
configure them separately. But when DKIM alone can handle both DKIM
and Domainkeys with single key its not required to configure serparately.
Regards,
Anil Aliyan
*From:* Postmaster [mailto:postmas...@seawise-chartering.co.uk]
*Sent:* Monday, April 05, 2010 5:41 PM
*To:* qmailtoaster-list@qmailtoaster.com
*Subject:* Re: [qmailtoaster] Re: Mails getting bounced
There is no reason why different keys cannot be used for Domainkey and
DKIM.
I am using different keys and have had no problems so far.
Regards
Alex
On 05/04/2010 13:01, Anil Aliyan wrote:
I have checked both the entries exists but not updated globally yet.
BUT BOTH KEYS ARE DIFFERENT, please use one single key for both DKIM
and DomainKeys
If you run dig command from your server you can see these records:
*dig txt _domainkey.vanza.com (Answers as Below)*
[r...@ncode-imss ~]# dig txt dkim1._domainkey.vanaz.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <<>> txt
dkim1._domainkey.vanaz.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27481
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 0
;; QUESTION SECTION:
;dkim1._domainkey.vanaz.com. IN TXT
;; ANSWER SECTION:
dkim1._domainkey.vanaz.com. 3600 IN TXT "k=rsa\;
p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAMr0cG1KMKOsR3sNt69ZuqdCPts+mUfBappgKc0qvB+6+X1cXYln9Eq6sikdiIzV4QIDAQAB"
;; AUTHORITY SECTION:
vanaz.com. 172368 IN NS ns2.iknowledgefactory.com.
vanaz.com. 172368 IN NS ns.iknowledgefactory.com.
[r...@ncode-imss ~]# dig txt private._domainkey.vanaz.com
; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5 <<>> txt
private._domainkey.vanaz.com
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 54065
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;private._domainkey.vanaz.com. IN TXT
;; ANSWER SECTION:
private._domainkey.vanaz.com. 2753 IN TXT "k=rsa\;
p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAMOyyYU7C8EPAq5QMKFXWuaEbtS/uCSBaKlCU8bNlpTcIyVZxDvoQJra6um3v9mc5QIDAQAB"
Regards,
Anil Aliyan
*From:* Postmaster [mailto:postmas...@seawise-chartering.co.uk]
*Sent:* Monday, April 05, 2010 5:23 PM
*To:* qmailtoaster-list@qmailtoaster.com
<mailto:qmailtoaster-list@qmailtoaster.com>
*Subject:* Re: [qmailtoaster] Re: Mails getting bounced
There is another problem.
You should have two entries for Domainkeys and one entry for DKIM:
Domainkey:
- _domainkey.vanaz.com
- private._domainkey.vanaz.com
Please refer to http://wiki.qmailtoaster.com/index.php/Domainkeys
DKIM:
- dkim1._domainkey.vanaz.com
Please refer to video.qmailtoaster.com
One of your TXT records is for vanaz.com rather than
_domainkey.vanaz.com - please correct it.
Once again see the above link about Domiankeys on how to setup your DNS.
Regards
Alex
On 05/04/2010 12:34, Anil Aliyan wrote:
Dear Amit,
Your DNS entry has one problem. You have k=rsa; twice in you DNS
entry please remove one k=rsa; from the DNS entry.
private._domainkey.vanaz.com
New test <http://domainkeys.sourceforge.net/selectorcheck.html>
TXT Record length = 120
*k=rsa; k=rsa;*
p=MEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAMOyyYU7C8EPAq5QMKFXWuaEbtS/uCSB
...aKlCU8bNlpTcIyVZxDvoQJra6um3v9mc5QIDAQAB
*This selector is in error: TagValue# 2, Tag 'k': Duplicate token at
position 1*
Regards,
Anil Aliyan
*From:* Amit Dalia [mailto:a...@ikf.co.in]
*Sent:* Monday, April 05, 2010 4:20 PM
*To:* qmailtoaster-list@qmailtoaster.com
<mailto:qmailtoaster-list@qmailtoaster.com>
*Subject:* Re: [qmailtoaster] Re: Mails getting bounced
Dear Anil/Alex,
Please check the link below:
http://domainkeys.sourceforge.net/cgi-bin/check_policy?domain=vanaz.com&Submit=Submit
<http://domainkeys.sourceforge.net/cgi-bin/check_policy?domain=vanaz.com&Submit=Submit>
http://domainkeys.sourceforge.net/cgi-bin/check_selector?selector=private._domainkey.vanaz.com&Submit=Submit
<http://domainkeys.sourceforge.net/cgi-bin/check_selector?selector=private._domainkey.vanaz.com&Submit=Submit>
Anyway I will proceed for DKIM installation now.
Thanks and regards,
Amit
At Monday, 05-04-2010 on 15:34 Postmaster wrote:
Issue the following command:
ln -sf qmail-dk qmail-queue
Restart qmail
and do not forget to insert two TXT records into your DNS and make
sure you have done it in a right way.
This would help you to test it:
http://domainkeys.sourceforge.net/policycheck.html
http://domainkeys.sourceforge.net
<http://domainkeys.sourceforge.net/policycheck.html>
Also refer to qmailtoaster wiki.
Regards
Alex
On 05/04/2010 10:57, Amit Dalia wrote:
I had removed qmail-dk from my server using
ln -sf qmail-queue.orig qmail-queue
Now how do re-enable qmail-dk for my server.
Regards,
Amit
At Monday, 05-04-2010 on 15:08 Postmaster wrote:
This may not help. You do not have control over the other server and
your domain may be rejected if the other server has
a strict Domainkey policy. I would recommend to keep qmail-dk and DNS
entries unless you have serious problems (qmail-dk is completely broken).
Personally, I have not had any issues with Domainkey.
Regards
Alex
On 05/04/2010 10:21, Amit Dalia wrote:
It is my domain which got rejected. And I had now removed domain key
for signing my out going emails. Also I had deleted domain key entries
from my DNS Server.
Amit
At Monday, 05-04-2010 on 14:48 Postmaster wrote:
Is it your server rejecting mail or is it your domain got rejected?
Let's check - http://domainkeys.sourceforge.net/policycheck.html
Testing private._domainkey.vanaz.com
New test <http://domainkeys.sourceforge.net/policycheck.html>
No _domainkey TXT record found for private._domainkey.vanaz.com
and
Testing _domainkey.vanaz.com
New test <http://domainkeys.sourceforge.net/policycheck.html>
No _domainkey TXT record found for _domainkey.vanaz.com
So there is no policy for vanaz.com, hence this domain would fail
domainkey policy on other servers.
You need to insert 2 TXT records in vanaz.com DNS.
Regards
Alex
On 05/04/2010 07:21, Amit Dalia wrote:
Hi Eric/Jake,
I had removed Domain Key from my server but I'm still getting below error:
<pnq.fitd...@orbit-star.com <mailto:pnq.fitd...@orbit-star.com>>:
202.46.201.27 failed after I sent the message.
Remote host said: 550 Message does not pass DomainKeys requirements
for domain vanaz.com <http://vanaz.com/>
Any help since this is creating problem to me know.
Regards,
Amit
At Monday, 29-03-2010 on 21:53 Eric Shubert wrote:
Not at all.
Amit Dalia wrote:
> Eric/Jake,
>
> Will re-installing qmail toaster package can solve the problem?
>
> Amit
>
> At Monday, 29-03-2010 on 21:18 Eric Shubert wrote:
>
> Amit,
>
> No way to repair qmail-dk, until someone steps up and fixes the code.
>
> Check out Jake's videos for a way to use DKIM.
>
> In order to disable DK entirely, do:
> # cd /var/qmail/bin
> # ln -sf qmail-queue.orig qmail-queue
>
> --
> -Eric 'shubes'
>
> Amit Dalia wrote:
> >
> > Dear Eric,
> >
> > This was outgoing mail from server and occurred first time only. If
> > qmail-dk is broken then is there any way to repair this? Is there
> any
> > other way to use Domain Key or DKIM with my server? Else how to
> remove
> > Domain Key from my server.
> >
> > Thanks and regards,
> >
> > Amit
> >
> > At Monday, 29-03-2010 on 20:50 Eric Shubert wrote:
> >
> > Amit Dalia wrote:
> > > Dear Team,
> > >
> > > I have been using Domain Key for one of my domain without any
> > problem
> > > from long time. But today 1 server bounced it back mentioning the
> > below
> > > error:
> > >
> > > [<02>] The reason of the delivery failure was:
> > > >
> > > > 550 Message does not pass DomainKeys requirements for domain
> > vanaz.com
> > >
> > > Is my domain key break?
> > >
> > > Thanks and regards,
> > >
> > > Amit
> >
> > Perhaps. The qmail-dk program included with QMT is broken in some
> > areas,
> > particularly inbound. While we've been under the impression that
> > signing
> > was working ok, it's entirely possible that there's a bug in
> there. The
> > safest bet is to simply not use it at all.
> >
> > --
> > -Eric 'shubes'
> >
>
>
>
---------------------------------------------------------------------------------
> Qmailtoaster is sponsored by Vickers Consulting Group
> (www.vickersconsulting.com <http://www.vickersconsulting.com>)
> Vickers Consulting Group offers Qmailtoaster support and installations.
> If you need professional help with your setup, contact them today!
>
---------------------------------------------------------------------------------
> Please visit qmailtoaster.com for the latest news, updates, and
> packages.
>
> To unsubscribe, e-mail:
qmailtoaster-list-unsubscr...@qmailtoaster.com
<mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com>
> For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com
<mailto:qmailtoaster-list-h...@qmailtoaster.com>
>
--
-Eric 'shubes'
---------------------------------------------------------------------------------
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com <http://www.vickersconsulting.com>)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
---------------------------------------------------------------------------------
Please visit qmailtoaster.com for the latest news, updates, and packages.
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
<mailto:qmailtoaster-list-unsubscr...@qmailtoaster.com>
For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com
<mailto:qmailtoaster-list-h...@qmailtoaster.com>
