Re: [qmailtoaster] Re: Strange Behavior of Domainkey
Hi all, The problem with the stock domainkey configuration is that it will only sign things when they enter the queue. If any application uses qmail as sendmail replacement (e.g. a locally installed squirrelmail or horde webmail can be configured to do it), then the message will not be signed. The DKIM replacement (there was a video Jake did on that) is much better - it will sign messages when they LEAVE the system and it can be configured to do DKIM and Domainkeys. I'd really recommend replacing the stock domainkeys config by the dkim enhancement. There should also be a page on the wiki about it. Thanks, Martin -- Martin Waschbüsch IT-Dienstleistungen Lautensackstr. 16 80687 München Telefon: +49 89 57005708 Fax: +49 89 57868023 Mobil: +49 170 2189794 mar...@waschbuesch.de http://martin.waschbuesch.de Am 28.12.2010 um 18:53 schrieb Eric Shubert: > The stock qmail-dk is just plain broken. It sometimes works, but it also > fails to sign properly in some (unpredictable AFAICT) circumstances. I > recommmend using DKIM if you really need to sign messages with a key. > -- > -Eric 'shubes' > > On 12/28/2010 10:34 AM, ya...@ardmail.com wrote: >> SPF is configured and not causing any problem in both cases. >> I was contemplating the possibility that it could be some difference in >> the config line for localhost vs anything else, but i made them identical >> as well. and it doesn't help :( >> >> 127.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private",RBLSMTPD="",NOP0FCHECK="1" >> 192.168.1.60:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private",RBLSMTPD="",NOP0FCHECK="1" >> :allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",DKSIGN="/var/qmail/control/domainkeys/%/private" >> >> >> >> >>> On 12/28/2010 02:36 AM, Anil Aliyan wrote: Is your tcp.smtp configuration for localhost or mailserver and you client has the same configuration? >>> >>> This is on the right track. The 'stock' configuration for squirrelmail >>> presently uses an open relay configuration for localhost, with no >>> authentication (this will hopefully change in v2). For the sake of >>> consistency (and a little better security), I change my SM config to >>> submit via port 587 and authenticate, and remove the 127.: line from >>> tcp.smtp. See http://wiki.qmailtoaster.com/index.php/Fetchmail for such >>> SM configuration. >>> >>> I expect that this will not fix your problem, and will cause the problem >>> to exist with SM as well as Outlook. There's something to be said for >>> consistency. ;) >>> >>> How have you implemented DK? The 'stock' configuration is a bit flakey. >>> I think that there is a DKIM implementation that works well, although I >>> haven't used it personally yet. I would look into DKIM (as opposed to >>> using DK) if you haven't already. >>> Have you configured SPF records for your clients network in your DNS records? >>> >>> Shouldn't need this, as SPF has to do with the server which sends the >>> message, not client (origin) addresses. >>> Regards, Anil Aliyan >>> >>> Thanks for your input, Anil. I'll let you help Yuri on this further. >>> -Original Message- From: ya...@ardmail.com [mailto:ya...@ardmail.com] Sent: 28 December 2010 14:36 To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Strange Behavior of Domainkey Hello, I noticed very strange behavior of domainkey with yahoo :( if i am sending the mail from squirrelmail everything works and yahoo passing the signature. if i am sending the same mail from outlook client yahoo says the signature is bad. is this a problem of my configuration? Any help will be appreciated. Thanks, ~yuri - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! >>> >>> >>> -- >>>
RE: [qmailtoaster] Re: Strange Behavior of Domainkey
I agree. SPF has nothing to do with signing of the mail by Domainkeys or DKIM. If need any help in setting up DKIM please let me know. I have 5 servers and all are configured with DKIM and working without any issue. Regards, Anil Aliyan -Original Message- From: Eric Shubert [mailto:e...@shubes.net] Sent: 28 December 2010 23:24 To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Re: Strange Behavior of Domainkey The stock qmail-dk is just plain broken. It sometimes works, but it also fails to sign properly in some (unpredictable AFAICT) circumstances. I recommmend using DKIM if you really need to sign messages with a key. -- -Eric 'shubes' On 12/28/2010 10:34 AM, ya...@ardmail.com wrote: > SPF is configured and not causing any problem in both cases. > I was contemplating the possibility that it could be some difference > in the config line for localhost vs anything else, but i made them > identical as well. and it doesn't help :( > > 127.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private",R BLSMTPD="",NOP0FCHECK="1" > 192.168.1.60:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/pr ivate",RBLSMTPD="",NOP0FCHECK="1" > :allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONG RCPTLIMIT="10",DKSIGN="/var/qmail/control/domainkeys/%/private" > > > > >> On 12/28/2010 02:36 AM, Anil Aliyan wrote: >>> Is your tcp.smtp configuration for localhost or mailserver and you >>> client has the same configuration? >> >> This is on the right track. The 'stock' configuration for >> squirrelmail presently uses an open relay configuration for >> localhost, with no authentication (this will hopefully change in v2). >> For the sake of consistency (and a little better security), I change >> my SM config to submit via port 587 and authenticate, and remove the >> 127.: line from tcp.smtp. See >> http://wiki.qmailtoaster.com/index.php/Fetchmail for such SM configuration. >> >> I expect that this will not fix your problem, and will cause the >> problem to exist with SM as well as Outlook. There's something to be >> said for consistency. ;) >> >> How have you implemented DK? The 'stock' configuration is a bit flakey. >> I think that there is a DKIM implementation that works well, although >> I haven't used it personally yet. I would look into DKIM (as opposed >> to using DK) if you haven't already. >> >>> Have you configured SPF records for your clients network in your DNS >>> records? >> >> Shouldn't need this, as SPF has to do with the server which sends the >> message, not client (origin) addresses. >> >>> Regards, >>> >>> Anil Aliyan >> >> Thanks for your input, Anil. I'll let you help Yuri on this further. >> >>> -Original Message- >>> From: ya...@ardmail.com [mailto:ya...@ardmail.com] >>> Sent: 28 December 2010 14:36 >>> To: qmailtoaster-list@qmailtoaster.com >>> Subject: [qmailtoaster] Strange Behavior of Domainkey >>> >>> >>> Hello, >>> >>> I noticed very strange behavior of domainkey with yahoo :( if i am >>> sending the mail from squirrelmail everything works and yahoo >>> passing the signature. >>> if i am sending the same mail from outlook client yahoo says the >>> signature is bad. >>> >>> is this a problem of my configuration? >>> Any help will be appreciated. >>> >>> Thanks, >>> >>> ~yuri >>> >>> >>> >>> >>> >>> - >>> Qmailtoaster is sponsored by Vickers Consulting Group >>> (www.vickersconsulting.com) >>> Vickers Consulting Group offers Qmailtoaster support and >>> installations. >>> If you need professional help with your setup, contact them >>> today! >>> >>> >>> - >>>Please visit qmailtoaster.com for the latest news, updates, >>> and packages. >>> >>> To unsubscribe, e-mail: >>> qmailtoaster-list-unsubscr...@qmailtoaster.com >>>For additional commands, e-mail: >>> qmailtoaster-list-h...@qmailtoaster.com >>> >>> >>> >>> >>> >>> - Qmailtoaster is sponsored by Vickers Consulting Group >>> (www.vickersconsulting.com) >>> Vickers Consulting Group offers Qmailtoaster support and >>> installations. >>> If you need professional help with your setup, contact them >>> today! >> >> >> -- >> -Eric 'shubes' >> >> >> - >> Qmailtoaster is sponsored by Vickers Consulting Group >> (www.vickersconsulting.com) >> Vickers Consulting Group offers Qmailtoaster support and >> installations. >>If you need professional help with your setup, contact them today! >> - >> Please visit qmailtoaster.com for the latest news, updates, and >> packages. >> >>To unsu
[qmailtoaster] RE: Re: autoreply error
> Hi, Eric, > > Thanks for replying me via PM. I had brought our conversation to the ML. > >>> I am referred by Cecil regarding an issue with autoreply running on >>> Webmin/Virtualmin and qmail. >>> >>> Everytime, the user receive an email, there will be an error in the log. >>> >>> @40004d11c7482ee08e94 delivery 7243: deferral: >>> >>> sh:_-c:_line_0:_unexpected_EOF_while_looking_for_matching_`"'/sh:_-c: >>> _line_1 >>> >>> :_syntax_error:_unexpected_end_of_file/ >>> >>> At times, the user will get many duplicate emails. >>> >>> Is there a solution or work around? >> I suspect there might be a problem with the user's .qmail file, which >> specifies delivery. > The .qmail is like this > ./Maildir/ > |/etc/webmin/virtual-server/autoreply.pl > |/home/www/miltrade.com.sg/autoreply-eric.txt eric > |/var/virtualmin-autoreply/12762307171957-autoreply-eric.txt >> I highly recommend you use qmail-toaster (http://www.qmailtoaster.com/). >> It is much more reliable than trying to use qmail otherwise. > > I am already using shupp toaster. Is there a way to fix this without having to reinstall with qmailtoaster? > >> Also, please use the qmailtoaster email list for future correspondence. >> That way others may benefit as well from solutions to your problems. > > Yes I am here already. > > Thanks Eric Another thing I notice that, The Autoreply did not reply to me. I had sent some test emails to the user but I did not get any reply messages. Please help. Many thanks - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: Strange Behavior of Domainkey
The stock qmail-dk is just plain broken. It sometimes works, but it also fails to sign properly in some (unpredictable AFAICT) circumstances. I recommmend using DKIM if you really need to sign messages with a key. -- -Eric 'shubes' On 12/28/2010 10:34 AM, ya...@ardmail.com wrote: SPF is configured and not causing any problem in both cases. I was contemplating the possibility that it could be some difference in the config line for localhost vs anything else, but i made them identical as well. and it doesn't help :( 127.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private",RBLSMTPD="",NOP0FCHECK="1" 192.168.1.60:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private",RBLSMTPD="",NOP0FCHECK="1" :allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",DKSIGN="/var/qmail/control/domainkeys/%/private" On 12/28/2010 02:36 AM, Anil Aliyan wrote: Is your tcp.smtp configuration for localhost or mailserver and you client has the same configuration? This is on the right track. The 'stock' configuration for squirrelmail presently uses an open relay configuration for localhost, with no authentication (this will hopefully change in v2). For the sake of consistency (and a little better security), I change my SM config to submit via port 587 and authenticate, and remove the 127.: line from tcp.smtp. See http://wiki.qmailtoaster.com/index.php/Fetchmail for such SM configuration. I expect that this will not fix your problem, and will cause the problem to exist with SM as well as Outlook. There's something to be said for consistency. ;) How have you implemented DK? The 'stock' configuration is a bit flakey. I think that there is a DKIM implementation that works well, although I haven't used it personally yet. I would look into DKIM (as opposed to using DK) if you haven't already. Have you configured SPF records for your clients network in your DNS records? Shouldn't need this, as SPF has to do with the server which sends the message, not client (origin) addresses. Regards, Anil Aliyan Thanks for your input, Anil. I'll let you help Yuri on this further. -Original Message- From: ya...@ardmail.com [mailto:ya...@ardmail.com] Sent: 28 December 2010 14:36 To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Strange Behavior of Domainkey Hello, I noticed very strange behavior of domainkey with yahoo :( if i am sending the mail from squirrelmail everything works and yahoo passing the signature. if i am sending the same mail from outlook client yahoo says the signature is bad. is this a problem of my configuration? Any help will be appreciated. Thanks, ~yuri - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today!
Re: [qmailtoaster] Re: Strange Behavior of Domainkey
SPF is configured and not causing any problem in both cases. I was contemplating the possibility that it could be some difference in the config line for localhost vs anything else, but i made them identical as well. and it doesn't help :( 127.:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private",RBLSMTPD="",NOP0FCHECK="1" 192.168.1.60:allow,RELAYCLIENT="",DKSIGN="/var/qmail/control/domainkeys/%/private",RBLSMTPD="",NOP0FCHECK="1" :allow,BADMIMETYPE="",BADLOADERTYPE="M",CHKUSER_RCPTLIMIT="50",CHKUSER_WRONGRCPTLIMIT="10",DKSIGN="/var/qmail/control/domainkeys/%/private" > On 12/28/2010 02:36 AM, Anil Aliyan wrote: >> Is your tcp.smtp configuration for localhost or mailserver and you >> client >> has the same configuration? > > This is on the right track. The 'stock' configuration for squirrelmail > presently uses an open relay configuration for localhost, with no > authentication (this will hopefully change in v2). For the sake of > consistency (and a little better security), I change my SM config to > submit via port 587 and authenticate, and remove the 127.: line from > tcp.smtp. See http://wiki.qmailtoaster.com/index.php/Fetchmail for such > SM configuration. > > I expect that this will not fix your problem, and will cause the problem > to exist with SM as well as Outlook. There's something to be said for > consistency. ;) > > How have you implemented DK? The 'stock' configuration is a bit flakey. > I think that there is a DKIM implementation that works well, although I > haven't used it personally yet. I would look into DKIM (as opposed to > using DK) if you haven't already. > >> Have you configured SPF records for your clients network in your DNS >> records? > > Shouldn't need this, as SPF has to do with the server which sends the > message, not client (origin) addresses. > >> Regards, >> >> Anil Aliyan > > Thanks for your input, Anil. I'll let you help Yuri on this further. > >> -Original Message- >> From: ya...@ardmail.com [mailto:ya...@ardmail.com] >> Sent: 28 December 2010 14:36 >> To: qmailtoaster-list@qmailtoaster.com >> Subject: [qmailtoaster] Strange Behavior of Domainkey >> >> >> Hello, >> >> I noticed very strange behavior of domainkey with yahoo :( if i am >> sending >> the mail from squirrelmail everything works and yahoo passing the >> signature. >> if i am sending the same mail from outlook client yahoo says the >> signature >> is bad. >> >> is this a problem of my configuration? >> Any help will be appreciated. >> >> Thanks, >> >> ~yuri >> >> >> >> >> - >> Qmailtoaster is sponsored by Vickers Consulting Group >> (www.vickersconsulting.com) >> Vickers Consulting Group offers Qmailtoaster support and >> installations. >>If you need professional help with your setup, contact them >> today! >> >> - >> Please visit qmailtoaster.com for the latest news, updates, and >> packages. >> >>To unsubscribe, e-mail: >> qmailtoaster-list-unsubscr...@qmailtoaster.com >> For additional commands, e-mail: >> qmailtoaster-list-h...@qmailtoaster.com >> >> >> >> >> - >> Qmailtoaster is sponsored by Vickers Consulting Group >> (www.vickersconsulting.com) >> Vickers Consulting Group offers Qmailtoaster support and >> installations. >>If you need professional help with your setup, contact them >> today! > > > -- > -Eric 'shubes' > > > - > Qmailtoaster is sponsored by Vickers Consulting Group > (www.vickersconsulting.com) > Vickers Consulting Group offers Qmailtoaster support and > installations. > If you need professional help with your setup, contact them today! > - > Please visit qmailtoaster.com for the latest news, updates, and > packages. > > To unsubscribe, e-mail: > qmailtoaster-list-unsubscr...@qmailtoaster.com > For additional commands, e-mail: > qmailtoaster-list-h...@qmailtoaster.com > > > - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Re: Strange Behavior of Domainkey
On 12/28/2010 02:36 AM, Anil Aliyan wrote: Is your tcp.smtp configuration for localhost or mailserver and you client has the same configuration? This is on the right track. The 'stock' configuration for squirrelmail presently uses an open relay configuration for localhost, with no authentication (this will hopefully change in v2). For the sake of consistency (and a little better security), I change my SM config to submit via port 587 and authenticate, and remove the 127.: line from tcp.smtp. See http://wiki.qmailtoaster.com/index.php/Fetchmail for such SM configuration. I expect that this will not fix your problem, and will cause the problem to exist with SM as well as Outlook. There's something to be said for consistency. ;) How have you implemented DK? The 'stock' configuration is a bit flakey. I think that there is a DKIM implementation that works well, although I haven't used it personally yet. I would look into DKIM (as opposed to using DK) if you haven't already. Have you configured SPF records for your clients network in your DNS records? Shouldn't need this, as SPF has to do with the server which sends the message, not client (origin) addresses. Regards, Anil Aliyan Thanks for your input, Anil. I'll let you help Yuri on this further. -Original Message- From: ya...@ardmail.com [mailto:ya...@ardmail.com] Sent: 28 December 2010 14:36 To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Strange Behavior of Domainkey Hello, I noticed very strange behavior of domainkey with yahoo :( if i am sending the mail from squirrelmail everything works and yahoo passing the signature. if i am sending the same mail from outlook client yahoo says the signature is bad. is this a problem of my configuration? Any help will be appreciated. Thanks, ~yuri - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! -- -Eric 'shubes' - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
RE: [qmailtoaster] Strange Behavior of Domainkey
Is your tcp.smtp configuration for localhost or mailserver and you client has the same configuration? Have you configured SPF records for your clients network in your DNS records? Regards, Anil Aliyan -Original Message- From: ya...@ardmail.com [mailto:ya...@ardmail.com] Sent: 28 December 2010 14:36 To: qmailtoaster-list@qmailtoaster.com Subject: [qmailtoaster] Strange Behavior of Domainkey Hello, I noticed very strange behavior of domainkey with yahoo :( if i am sending the mail from squirrelmail everything works and yahoo passing the signature. if i am sending the same mail from outlook client yahoo says the signature is bad. is this a problem of my configuration? Any help will be appreciated. Thanks, ~yuri - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
[qmailtoaster] Strange Behavior of Domainkey
Hello, I noticed very strange behavior of domainkey with yahoo :( if i am sending the mail from squirrelmail everything works and yahoo passing the signature. if i am sending the same mail from outlook client yahoo says the signature is bad. is this a problem of my configuration? Any help will be appreciated. Thanks, ~yuri - Qmailtoaster is sponsored by Vickers Consulting Group (www.vickersconsulting.com) Vickers Consulting Group offers Qmailtoaster support and installations. If you need professional help with your setup, contact them today! - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
