Re: [qmailtoaster] Can anyone point me to QTP for QMT .13, Centos 4.6
On 05/21/2012 07:50 AM, Ev Batey WA6CRE wrote: Just upgraded, QMT, Centos, iron and location. I'm hoping someone has a link, how-to, on migrating qmt-mail-folders, users, lists, aliases. Failed to be recognized when scp -rp from oldhost:/home/vpopmail/domains/eachone to newhost:/same... I'm also getting no MX records found going one way. Inbound mail not -- - - Please visit qmailtoaster.com for the latest news, updates, and packages. To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com - To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
Re: [qmailtoaster] Can anyone
That's a good guess, either that or SPF. DK and SPF errors don't log any indication of rejection at the receiving server (unless you've installed Alexey's very cool patch). I'm very eager to see EE roll Alexey's patches into the toaster. Kyle Quillen wrote: Shed some light on this situation. I have just installed a fresh new server for a client but it seems to not be working they way it should I get this when I try to send out. Could this be something with the domain keys? i. This is the qmail-send program at mail.hwy39.net. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: User and password not set, continuing without authentication. [EMAIL PROTECTED] 12.168.80.5 failed after I sent the message. Remote host said: 554 mail server permanently rejected message (#5.3.0) --- Below this line is a copy of the message. Return-Path: [EMAIL PROTECTED] Received: (qmail 17463 invoked by uid 89); 20 Dec 2006 16:48:16 - Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=private; d=hwy39.net; b=RbMLlNZ2VFlaAJTl+P8pj0ZPXc/y52dqczdV4QzKizY1mEcdCrMzfeS276jR6uD/ ; Received: from unknown (HELO 12.168.80.126) (127.0.0.1) by mail.hwy39.net with SMTP; 20 Dec 2006 16:48:16 - Received: from 12.168.80.3 (SquirrelMail authenticated user [EMAIL PROTECTED]) by 12.168.80.126 with HTTP; Wed, 20 Dec 2006 11:48:16 -0500 (EST) Message-ID: [EMAIL PROTECTED] Date: Wed, 20 Dec 2006 11:48:16 -0500 (EST) Subject: test From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] User-Agent: SquirrelMail/1.4.8-1.3.4 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal test my man test Thanks much Q - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Can anyone
Greetings, Kyle. On 20 декабря 2006 г., 19:52:18 you wrote: Shed some light on this situation. I have just installed a fresh new server for a client but it seems to not be working they way it should I get this when I try to send out. Could this be something with the domain keys? i. This is the qmail-send program at mail.hwy39.net. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: User and password not set, continuing without authentication. [EMAIL PROTECTED] 12.168.80.5 failed after I sent the message. Remote host said: 554 mail server permanently rejected message (#5.3.0) --- Below this line is a copy of the message. Return-Path: [EMAIL PROTECTED] Received: (qmail 17463 invoked by uid 89); 20 Dec 2006 16:48:16 - Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=private; d=hwy39.net; b=RbMLlNZ2VFlaAJTl+P8pj0ZPXc/y52dqczdV4QzKizY1mEcdCrMzfeS276jR6uD/ ; Received: from unknown (HELO 12.168.80.126) (127.0.0.1) by mail.hwy39.net with SMTP; 20 Dec 2006 16:48:16 - Received: from 12.168.80.3 (SquirrelMail authenticated user [EMAIL PROTECTED]) by 12.168.80.126 with HTTP; Wed, 20 Dec 2006 11:48:16 -0500 (EST) Message-ID: [EMAIL PROTECTED] Date: Wed, 20 Dec 2006 11:48:16 -0500 (EST) Subject: test From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] User-Agent: SquirrelMail/1.4.8-1.3.4 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal test my man test Thanks much Looks like qmail-dk trouble. Fast fix is: # cd /var/qmail/bin # rm -f qmail-queue; ln -s qmail-queue.orig qmail-queue For more info, read more on it here: http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg09460.html http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg09841.html -- Best regards, Alexey Loukianov mailto:[EMAIL PROTECTED] System Engineer, IT Department, Lavtech Corp - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Can anyone
On Wed, 2006-12-20 at 20:18 +0300, Alexey Loukianov wrote: Greetings, Kyle. On 20 декабря 2006 г., 19:52:18 you wrote: Shed some light on this situation. I have just installed a fresh new server for a client but it seems to not be working they way it should I get this when I try to send out. Could this be something with the domain keys? i. This is the qmail-send program at mail.hwy39.net. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: User and password not set, continuing without authentication. [EMAIL PROTECTED] 12.168.80.5 failed after I sent the message. Remote host said: 554 mail server permanently rejected message (#5.3.0) --- Below this line is a copy of the message. Return-Path: [EMAIL PROTECTED] Received: (qmail 17463 invoked by uid 89); 20 Dec 2006 16:48:16 - Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=private; d=hwy39.net; b=RbMLlNZ2VFlaAJTl+P8pj0ZPXc/y52dqczdV4QzKizY1mEcdCrMzfeS276jR6uD/ ; Received: from unknown (HELO 12.168.80.126) (127.0.0.1) by mail.hwy39.net with SMTP; 20 Dec 2006 16:48:16 - Received: from 12.168.80.3 (SquirrelMail authenticated user [EMAIL PROTECTED]) by 12.168.80.126 with HTTP; Wed, 20 Dec 2006 11:48:16 -0500 (EST) Message-ID: [EMAIL PROTECTED] Date: Wed, 20 Dec 2006 11:48:16 -0500 (EST) Subject: test From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] User-Agent: SquirrelMail/1.4.8-1.3.4 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal test my man test Thanks much Looks like qmail-dk trouble. Fast fix is: # cd /var/qmail/bin # rm -f qmail-queue; ln -s qmail-queue.orig qmail-queue For more info, read more on it here: http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg09460.html http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg09841.html Would this be done on the machine sending or the machine receiving because the machine receiving is working fine with dk turned on? Much thanks Q - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re[2]: [qmailtoaster] Can anyone
Greetings, Kyle. On 20 декабря 2006 г., 20:29:19 you wrote: On Wed, 2006-12-20 at 20:18 +0300, Alexey Loukianov wrote: Greetings, Kyle. On 20 декабря 2006 г., 19:52:18 you wrote: Shed some light on this situation. I have just installed a fresh new server for a client but it seems to not be working they way it should I get this when I try to send out. Could this be something with the domain keys? i. This is the qmail-send program at mail.hwy39.net. I'm afraid I wasn't able to deliver your message to the following addresses. This is a permanent error; I've given up. Sorry it didn't work out. [EMAIL PROTECTED]: User and password not set, continuing without authentication. [EMAIL PROTECTED] 12.168.80.5 failed after I sent the message. Remote host said: 554 mail server permanently rejected message (#5.3.0) --- Below this line is a copy of the message. Return-Path: [EMAIL PROTECTED] Received: (qmail 17463 invoked by uid 89); 20 Dec 2006 16:48:16 - Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=private; d=hwy39.net; b=RbMLlNZ2VFlaAJTl+P8pj0ZPXc/y52dqczdV4QzKizY1mEcdCrMzfeS276jR6uD/ ; Received: from unknown (HELO 12.168.80.126) (127.0.0.1) by mail.hwy39.net with SMTP; 20 Dec 2006 16:48:16 - Received: from 12.168.80.3 (SquirrelMail authenticated user [EMAIL PROTECTED]) by 12.168.80.126 with HTTP; Wed, 20 Dec 2006 11:48:16 -0500 (EST) Message-ID: [EMAIL PROTECTED] Date: Wed, 20 Dec 2006 11:48:16 -0500 (EST) Subject: test From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] User-Agent: SquirrelMail/1.4.8-1.3.4 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal test my man test Thanks much Looks like qmail-dk trouble. Fast fix is: # cd /var/qmail/bin # rm -f qmail-queue; ln -s qmail-queue.orig qmail-queue For more info, read more on it here: http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg09460.html http://www.mail-archive.com/qmailtoaster-list@qmailtoaster.com/msg09841.html Would this be done on the machine sending or the machine receiving because the machine receiving is working fine with dk turned on? This should be done on the server side, host 12.168.80.5 in your case. -- Best regards, Alexey Loukianov mailto:[EMAIL PROTECTED] System Engineer, IT Department, Lavtech Corp - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re[2]: [qmailtoaster] Can anyone
Greetings, Kyle. On 20 декабря 2006 г., 20:29:19 you wrote: Would this be done on the machine sending or the machine receiving because the machine receiving is working fine with dk turned on? This also might give you an insight: [EMAIL PROTECTED] bin]# dktest -v Return-Path: [EMAIL PROTECTED] Received: (qmail 17463 invoked by uid 89); 20 Dec 2006 16:48:16 - Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=private; d=hwy39.net; b=RbMLlNZ2VFlaAJTl+P8pj0ZPXc/y52dqczdV4QzKizY1mEcdCrMzfeS276jR6uD/ ; Received: from unknown (HELO 12.168.80.126) (127.0.0.1) by mail.hwy39.net with SMTP; 20 Dec 2006 16:48:16 - Received: from 12.168.80.3 (SquirrelMail authenticated user [EMAIL PROTECTED]) by 12.168.80.126 with HTTP; Wed, 20 Dec 2006 11:48:16 -0500 (EST) Message-ID: [EMAIL PROTECTED] Date: Wed, 20 Dec 2006 11:48:16 -0500 (EST) Subject: test From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] User-Agent: SquirrelMail/1.4.8-1.3.4 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal test my man test Comment: DomainKeys? See http://domainkeys.sourceforge.net/ DomainKey-Status: no key dktest: DK_STAT_NOKEY: No public key available (permanent failure) I mean, your DK setup is wrong, there's no public DK key available, so it's impossible for server to check a message, and due to a bug in qmail-dk it gets bounced no matter the settings you've got in DKVERIFY environment variable on server. -- Best regards, Alexey Loukianov mailto:[EMAIL PROTECTED] System Engineer, IT Department, Lavtech Corp - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re[2]: [qmailtoaster] Can anyone
On Wed, 2006-12-20 at 20:46 +0300, Alexey Loukianov wrote: Greetings, Kyle. On 20 декабря 2006 г., 20:29:19 you wrote: Would this be done on the machine sending or the machine receiving because the machine receiving is working fine with dk turned on? This also might give you an insight: [EMAIL PROTECTED] bin]# dktest -v Return-Path: [EMAIL PROTECTED] Received: (qmail 17463 invoked by uid 89); 20 Dec 2006 16:48:16 - Comment: DomainKeys? See http://antispam.yahoo.com/domainkeys DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=private; d=hwy39.net; b=RbMLlNZ2VFlaAJTl+P8pj0ZPXc/y52dqczdV4QzKizY1mEcdCrMzfeS276jR6uD/ ; Received: from unknown (HELO 12.168.80.126) (127.0.0.1) by mail.hwy39.net with SMTP; 20 Dec 2006 16:48:16 - Received: from 12.168.80.3 (SquirrelMail authenticated user [EMAIL PROTECTED]) by 12.168.80.126 with HTTP; Wed, 20 Dec 2006 11:48:16 -0500 (EST) Message-ID: [EMAIL PROTECTED] Date: Wed, 20 Dec 2006 11:48:16 -0500 (EST) Subject: test From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] User-Agent: SquirrelMail/1.4.8-1.3.4 MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Priority: 3 (Normal) Importance: Normal test my man test Comment: DomainKeys? See http://domainkeys.sourceforge.net/ DomainKey-Status: no key dktest: DK_STAT_NOKEY: No public key available (permanent failure) I mean, your DK setup is wrong, there's no public DK key available, so it's impossible for server to check a message, and due to a bug in qmail-dk it gets bounced no matter the settings you've got in DKVERIFY environment variable on server. I think what I am getting is the fact that I don't have a domain key setup on the 80.5 address i think I will figure out how to do that then that might fix this issue. Thanks q - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re[4]: [qmailtoaster] Can anyone
Greetings, Kyle. On 20 декабря 2006 г., 20:51:57 you wrote: I think what I am getting is the fact that I don't have a domain key setup on the 80.5 address i think I will figure out how to do that then that might fix this issue. Consider this: [EMAIL PROTECTED] bin]# host -a gamma._domainkey.lavtech.ru Trying gamma._domainkey.lavtech.ru ;; -HEADER- opcode: QUERY, status: NOERROR, id: 26819 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3 ;; QUESTION SECTION: ;gamma._domainkey.lavtech.ru. IN ANY ;; ANSWER SECTION: gamma._domainkey.lavtech.ru. 89078 IN TXT t=y\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDffysEduzZf7/r0xxaAmTlKM2GEZKxkyLBYXIxL/xagheFlUIij2ukSF9ycOSKBqxde+VJuGWq5IfuR+qJg22LtPD5otTBmDAN1CherlwUYoAXwhbeII8nlk/UwUGdPsyRCMqrYs8Nu2TcF9Sm8yY1pKrkrmtZhr4P1PE7IQ/BrQIDAQAB ;; AUTHORITY SECTION: lavtech.ru. 604730 IN NS ns1.lavtech.ru. lavtech.ru. 604730 IN NS ns2.lavtech.ru. lavtech.ru. 604730 IN NS ns.lavtech.ru. ;; ADDITIONAL SECTION: ns.lavtech.ru. 67526 IN A 195.239.38.3 ns1.lavtech.ru. 67526 IN A 195.239.38.230 ns2.lavtech.ru. 67526 IN A 195.239.40.130 Received 389 bytes from 127.0.0.1#53 in 2 ms [EMAIL PROTECTED] bin]# host -a private._domainkey.hwy39.net Trying private._domainkey.hwy39.net Host private._domainkey.hwy39.net not found: 3(NXDOMAIN) Received 105 bytes from 127.0.0.1#53 in 1 ms First query is a query to my correctly settled up DNS server, second is the query to your, incorrect DK setup. That is the cause. -- Best regards, Alexey Loukianov mailto:[EMAIL PROTECTED] System Engineer, IT Department, Lavtech Corp - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re[4]: [qmailtoaster] Can anyone
On Wed, 2006-12-20 at 21:01 +0300, Alexey Loukianov wrote: Greetings, Kyle. On 20 декабря 2006 г., 20:51:57 you wrote: I think what I am getting is the fact that I don't have a domain key setup on the 80.5 address i think I will figure out how to do that then that might fix this issue. Consider this: [EMAIL PROTECTED] bin]# host -a gamma._domainkey.lavtech.ru Trying gamma._domainkey.lavtech.ru ;; -HEADER- opcode: QUERY, status: NOERROR, id: 26819 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 3, ADDITIONAL: 3 ;; QUESTION SECTION: ;gamma._domainkey.lavtech.ru. IN ANY ;; ANSWER SECTION: gamma._domainkey.lavtech.ru. 89078 IN TXT t=y\; k=rsa\; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDffysEduzZf7/r0xxaAmTlKM2GEZKxkyLBYXIxL/xagheFlUIij2ukSF9ycOSKBqxde+VJuGWq5IfuR+qJg22LtPD5otTBmDAN1CherlwUYoAXwhbeII8nlk/UwUGdPsyRCMqrYs8Nu2TcF9Sm8yY1pKrkrmtZhr4P1PE7IQ/BrQIDAQAB ;; AUTHORITY SECTION: lavtech.ru. 604730 IN NS ns1.lavtech.ru. lavtech.ru. 604730 IN NS ns2.lavtech.ru. lavtech.ru. 604730 IN NS ns.lavtech.ru. ;; ADDITIONAL SECTION: ns.lavtech.ru. 67526 IN A 195.239.38.3 ns1.lavtech.ru. 67526 IN A 195.239.38.230 ns2.lavtech.ru. 67526 IN A 195.239.40.130 Received 389 bytes from 127.0.0.1#53 in 2 ms [EMAIL PROTECTED] bin]# host -a private._domainkey.hwy39.net Trying private._domainkey.hwy39.net Host private._domainkey.hwy39.net not found: 3(NXDOMAIN) Received 105 bytes from 127.0.0.1#53 in 1 ms First query is a query to my correctly settled up DNS server, second is the query to your, incorrect DK setup. That is the cause. So i am correct in stating that I need to setup a record in dns for the domain key. Do I use the private key that is in the /var/qmail/control/domainkeys/hwy39.net or do I have to create a public one. Further more do I just insert this in the zone config or do i need to create a seperate file. Once I get into keys such as ssl and etc I seem to get in over my head at least at this point. Thanks Q - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re[4]: [qmailtoaster] Can anyone
On Wed, 2006-12-20 at 13:17 -0500, Kyle Quillen wrote: So i am correct in stating that I need to setup a record in dns for the domain key. Do I use the private key that is in the /var/qmail/control/domainkeys/hwy39.net or do I have to create a public one. Further more do I just insert this in the zone config or do i need to create a seperate file. This is one thing where the documentation falls down. I had the same issue. Bottom line. You need two TXT records in your DNS. The first will be an entry for _domainkey in your hwy39.net zone. It tells the other mail servers what your domainkey policy is. Mine contains o=-\; [EMAIL PROTECTED] The o means the domain signs all email and the r is the responsible party address. The second DNS entry is a text record containing your public key. If you followed the directions verbatim you should have a directory /var/qmail/control/domainkeys/hw39.net In that directory you will have two files. One is called private the other is hwy39.net-dk.txt. The txt file is the public key to put in the DNS entry. You will create an entry called private._domainkey with the TXT value in the file. The reason it is called private is because that is the name on your private key. If you send out mail under other domain names you will need to create a directory and key under domainkeys for each domain you handle. Took me a couple of minutes to figure that one out. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re[4]: [qmailtoaster] Can anyone
On Wed, 2006-12-20 at 10:35 -0800, Vince Callaway wrote: On Wed, 2006-12-20 at 13:17 -0500, Kyle Quillen wrote: So i am correct in stating that I need to setup a record in dns for the domain key. Do I use the private key that is in the /var/qmail/control/domainkeys/hwy39.net or do I have to create a public one. Further more do I just insert this in the zone config or do i need to create a seperate file. This is one thing where the documentation falls down. I had the same issue. Bottom line. You need two TXT records in your DNS. The first will be an entry for _domainkey in your hwy39.net zone. It tells the other mail servers what your domainkey policy is. Mine contains o=-\; [EMAIL PROTECTED] The o means the domain signs all email and the r is the responsible party address. The second DNS entry is a text record containing your public key. If you followed the directions verbatim you should have a directory /var/qmail/control/domainkeys/hw39.net In that directory you will have two files. One is called private the other is hwy39.net-dk.txt. The txt file is the public key to put in the DNS entry. You will create an entry called private._domainkey with the TXT value in the file. The reason it is called private is because that is the name on your private key. If you send out mail under other domain names you will need to create a directory and key under domainkeys for each domain you handle. Took me a couple of minutes to figure that one out. I see where I goofed now I did not take of the \ when i created the new domain key. Before in the domainkeys dir i only had private now i have hwy39.net-dk.txt and private. So now the only area that I am grey on is how do I implement this into my bind authoratative dns servers. As soon as I am done with this I am going to update the wiki with more detailed instructions. Thanks Q - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Re[4]: [qmailtoaster] Can anyone
Hi Kyle, Edit the domain name record in /var/named/chroot/var/named/ for your domain which is hwt39.net (I believe) and add a new TXT entry for the domain. Eg. private._domainkey IN TXT k=rsa; p=MEwwDQYp=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDffysEduzZf7/r0xxaAmTlKM2GE ZKxkyLBYXIxL/xagheFlUIij2ukSF9ycOSKBqxde+VJuGWq5IfuR+qJg22LtPD5otTBmDAN1Cher lwUYoAXwhbeII8nlk/UwUGdPsyRCMqrYs8Nu2TcF9Sm8yY1pKrkrmtZhr4P1PE7IQ/BrQIDAQAB IMPORTANT NOTE: You must include the quotation marks Then save and quit the file and finally restart bind. If you are running multiple bind servers and both are authoritative then add an entry into both of them. Don't forget to change the serial for the domain!! Regards, Rangi -Original Message- From: Kyle Quillen [mailto:[EMAIL PROTECTED] Sent: Thursday, 21 December 2006 7:47 a.m. To: qmailtoaster-list@qmailtoaster.com Subject: Re: Re[4]: [qmailtoaster] Can anyone On Wed, 2006-12-20 at 10:35 -0800, Vince Callaway wrote: On Wed, 2006-12-20 at 13:17 -0500, Kyle Quillen wrote: So i am correct in stating that I need to setup a record in dns for the domain key. Do I use the private key that is in the /var/qmail/control/domainkeys/hwy39.net or do I have to create a public one. Further more do I just insert this in the zone config or do i need to create a seperate file. This is one thing where the documentation falls down. I had the same issue. Bottom line. You need two TXT records in your DNS. The first will be an entry for _domainkey in your hwy39.net zone. It tells the other mail servers what your domainkey policy is. Mine contains o=-\; [EMAIL PROTECTED] The o means the domain signs all email and the r is the responsible party address. The second DNS entry is a text record containing your public key. If you followed the directions verbatim you should have a directory /var/qmail/control/domainkeys/hw39.net In that directory you will have two files. One is called private the other is hwy39.net-dk.txt. The txt file is the public key to put in the DNS entry. You will create an entry called private._domainkey with the TXT value in the file. The reason it is called private is because that is the name on your private key. If you send out mail under other domain names you will need to create a directory and key under domainkeys for each domain you handle. Took me a couple of minutes to figure that one out. I see where I goofed now I did not take of the \ when i created the new domain key. Before in the domainkeys dir i only had private now i have hwy39.net-dk.txt and private. So now the only area that I am grey on is how do I implement this into my bind authoratative dns servers. As soon as I am done with this I am going to update the wiki with more detailed instructions. Thanks Q - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re[4]: [qmailtoaster] Can anyone
On Wed, 2006-12-20 at 10:35 -0800, Vince Callaway wrote: On Wed, 2006-12-20 at 13:17 -0500, Kyle Quillen wrote: So i am correct in stating that I need to setup a record in dns for the domain key. Do I use the private key that is in the /var/qmail/control/domainkeys/hwy39.net or do I have to create a public one. Further more do I just insert this in the zone config or do i need to create a seperate file. This is one thing where the documentation falls down. I had the same issue. Bottom line. You need two TXT records in your DNS. The first will be an entry for _domainkey in your hwy39.net zone. It tells the other mail servers what your domainkey policy is. Mine contains o=-\; [EMAIL PROTECTED] The o means the domain signs all email and the r is the responsible party address. The second DNS entry is a text record containing your public key. If you followed the directions verbatim you should have a directory /var/qmail/control/domainkeys/hw39.net In that directory you will have two files. One is called private the other is hwy39.net-dk.txt. The txt file is the public key to put in the DNS entry. You will create an entry called private._domainkey with the TXT value in the file. The reason it is called private is because that is the name on your private key. If you send out mail under other domain names you will need to create a directory and key under domainkeys for each domain you handle. Took me a couple of minutes to figure that one out. Ok I think I have this figured out now would just like to know for sure before i go entering into my dns zone files my txt records would look like this _domainkey IN TXT o=-\; [EMAIL PROTECTED] private._domainkey IN TXT k=rsa;p=MEwwDQYJKoZI Only the second line would be with the full key and the quotes closed? Thanks Q - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Re[4]: [qmailtoaster] Can anyone
Correct!! -Original Message- From: Kyle Quillen [mailto:[EMAIL PROTECTED] Sent: Thursday, 21 December 2006 8:00 a.m. To: qmailtoaster-list@qmailtoaster.com Subject: Re: Re[4]: [qmailtoaster] Can anyone On Wed, 2006-12-20 at 10:35 -0800, Vince Callaway wrote: On Wed, 2006-12-20 at 13:17 -0500, Kyle Quillen wrote: So i am correct in stating that I need to setup a record in dns for the domain key. Do I use the private key that is in the /var/qmail/control/domainkeys/hwy39.net or do I have to create a public one. Further more do I just insert this in the zone config or do i need to create a seperate file. This is one thing where the documentation falls down. I had the same issue. Bottom line. You need two TXT records in your DNS. The first will be an entry for _domainkey in your hwy39.net zone. It tells the other mail servers what your domainkey policy is. Mine contains o=-\; [EMAIL PROTECTED] The o means the domain signs all email and the r is the responsible party address. The second DNS entry is a text record containing your public key. If you followed the directions verbatim you should have a directory /var/qmail/control/domainkeys/hw39.net In that directory you will have two files. One is called private the other is hwy39.net-dk.txt. The txt file is the public key to put in the DNS entry. You will create an entry called private._domainkey with the TXT value in the file. The reason it is called private is because that is the name on your private key. If you send out mail under other domain names you will need to create a directory and key under domainkeys for each domain you handle. Took me a couple of minutes to figure that one out. Ok I think I have this figured out now would just like to know for sure before i go entering into my dns zone files my txt records would look like this _domainkey IN TXT o=-\; [EMAIL PROTECTED] private._domainkey IN TXT k=rsa;p=MEwwDQYJKoZI Only the second line would be with the full key and the quotes closed? Thanks Q - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
RE: Re[4]: [qmailtoaster] Can anyone
Correction. Both must be enclosed in quotation marks. -Original Message- From: Kyle Quillen [mailto:[EMAIL PROTECTED] Sent: Thursday, 21 December 2006 8:00 a.m. To: qmailtoaster-list@qmailtoaster.com Subject: Re: Re[4]: [qmailtoaster] Can anyone On Wed, 2006-12-20 at 10:35 -0800, Vince Callaway wrote: On Wed, 2006-12-20 at 13:17 -0500, Kyle Quillen wrote: So i am correct in stating that I need to setup a record in dns for the domain key. Do I use the private key that is in the /var/qmail/control/domainkeys/hwy39.net or do I have to create a public one. Further more do I just insert this in the zone config or do i need to create a seperate file. This is one thing where the documentation falls down. I had the same issue. Bottom line. You need two TXT records in your DNS. The first will be an entry for _domainkey in your hwy39.net zone. It tells the other mail servers what your domainkey policy is. Mine contains o=-\; [EMAIL PROTECTED] The o means the domain signs all email and the r is the responsible party address. The second DNS entry is a text record containing your public key. If you followed the directions verbatim you should have a directory /var/qmail/control/domainkeys/hw39.net In that directory you will have two files. One is called private the other is hwy39.net-dk.txt. The txt file is the public key to put in the DNS entry. You will create an entry called private._domainkey with the TXT value in the file. The reason it is called private is because that is the name on your private key. If you send out mail under other domain names you will need to create a directory and key under domainkeys for each domain you handle. Took me a couple of minutes to figure that one out. Ok I think I have this figured out now would just like to know for sure before i go entering into my dns zone files my txt records would look like this _domainkey IN TXT o=-\; [EMAIL PROTECTED] private._domainkey IN TXT k=rsa;p=MEwwDQYJKoZI Only the second line would be with the full key and the quotes closed? Thanks Q - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re[4]: [qmailtoaster] Can anyone
On Wed, 2006-12-20 at 13:59 -0500, Kyle Quillen wrote: _domainkeyIN TXT o=-\; [EMAIL PROTECTED] You can remove the \ and it needs to be enclosed in quotes. private._domainkey IN TXT k=rsa;p=MEwwDQYJKoZI Only the second line would be with the full key and the quotes closed? Correct. - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re[6]: [qmailtoaster] Can anyone
well shit how the hell do i create the public key then On Wed, 2006-12-20 at 23:19 +0300, Alexey Loukianov wrote: - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re[6]: [qmailtoaster] Can anyone
Sorry, This is just getting kinda frustrating just becuase i am at a learning curve here with this whole keys thing. Thanks Q On Wed, 2006-12-20 at 15:25 -0500, Kyle Quillen wrote: well shit how the hell do i create the public key then On Wed, 2006-12-20 at 23:19 +0300, Alexey Loukianov wrote: - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re[8]: [qmailtoaster] Can anyone
Greetings, Kyle. On 20 декабря 2006 г., 23:25:36 you wrote: Normally you will generate keys like this: # cd ~ # dknewkey myserverkey 1024 myserverkey._domainkey IN TXT k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDtXq1/gjQ4iXnytD7bff5P1BWqkAQN0qjwgDn9rYWyywEze97jPnIX3dWYRxRU8vxTbwWoFnWF8+oJQz4NILfZ5QD/EeopTIjRtNAXNCCN2FtmnIiSbxzF7SpPpROEQ37kZaUcgYGsiL97///cJ1YQTCAQ8xnNKNtTyqDj++3E8QIDAQAB # ls mys* myserverkey # chmod 0600 myserverkey That's it. Copy to somewhere the output from dknewkey - that is your public key. Head on to your domains' zone file and edit it inserting the line you're copied somewhere. Don't forget to increment zone serial in SOA record, then check the zone file for spelling errors using named-checkzone (I assume that you're using Bind), and reload named using service named reload. Check if all is ok using: # host -a myserverkey._domainkey.your.domain.com To be totally DK-Draft-02 complaint you will also have to add _domainkey TXT record for your domain specifying your domain DK policy. Read more about it in the draft itself, I'm to lazy to write about it here :-). The file myserverkey contains the private key. Copy it to the /var/qmail/control/domainkeys/your.domain.com/ folder, head on to /etc/tcprules.d and edit tcp.smtp so your DKSIGN will look like this: DKSIGN=/var/qmail/control/domainkeys/%/myserverkey. Do # qmailctl cdb and you should be done. -- Best regards, Alexey Loukianov mailto:[EMAIL PROTECTED] System Engineer, IT Department, Lavtech Corp - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: Re[6]: [qmailtoaster] Can anyone
On Wed, 2006-12-20 at 12:41 -0800, Vince Callaway wrote: On Wed, 2006-12-20 at 23:19 +0300, Alexey Loukianov wrote: Private key is THE TOP SECRET YOU HAVE This is why I feel the documentation needs work. He is publishing the public key, but it is labeled private because that is what the docs say to use. I just read that in the docs before you sent this. Thanks for the clarification. I will update the Docs Later tonight Q - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re[8]: [qmailtoaster] Can anyone
Greetings, Vince. On 20 декабря 2006 г., 23:41:12 you wrote: Private key is THE TOP SECRET YOU HAVE This is why I feel the documentation needs work. He is publishing the public key, but it is labeled private because that is what the docs say to use. Agreed. Qmail DK documentation quality being ranged from pure to none. Someone with an adequate knowledge of English language should take a job of documenting it. Hope, here is somebody who want to do it, huh? -- Best regards, Alexey Loukianov mailto:[EMAIL PROTECTED] System Engineer, IT Department, Lavtech Corp - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
Re: [qmailtoaster] Can anyone
My apologies for the confusing documentation. I fleshed it out considerably from when I first set up domain keys, and was not much past the state that Kyle is in (confused). Perhaps private would be more appropriately named mydomain. A simplified explanation of the role of private and public keys would probably also be appropriate. Have at it! Kyle Quillen wrote: I have been taking notes on this whole thing and I am going to update as much as I know how hopefully that will help someone in the future thanks Q On Wed, 2006-12-20 at 23:49 +0300, Alexey Loukianov wrote: Greetings, Vince. On 20 декабря 2006 г., 23:41:12 you wrote: Private key is THE TOP SECRET YOU HAVE This is why I feel the documentation needs work. He is publishing the public key, but it is labeled private because that is what the docs say to use. Agreed. Qmail DK documentation quality being ranged from pure to none. Someone with an adequate knowledge of English language should take a job of documenting it. Hope, here is somebody who want to do it, huh? -- -Eric 'shubes' - QmailToaster hosted by: VR Hosted http://www.vr.org - To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]