I am wrestling with the issues arising from Yahoo.com, and now AOL.com,
enforcing dkim for their addresses. Specifically we run a small number of
mailing lists using Mailman which have a large number of subscribers from both
these domains. As Mailman is configured to forward mail without altering
I should have provided this in my original post:
CentOS-6.5 (x86_64)
Postfix-2.6.6
Mailman-2.1.12
OpenDKIM-2.9.0
# postconf -n
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
amavisd-new genrsa /path/to/domain1.com-dkim.key.pem 2048
Show the formatted value for DNS TXT record:
amavisd-new showkeys domain1.com
Marius.
-Original Message-
From: owner-postfix-us...@postfix.org
[mailto:owner-postfix-us...@postfix.org] On Behalf Of James B. Byrne
Sent: Monday, May
James B. Byrne:
> I am wrestling with the issues arising from Yahoo.com, and now AOL.com,
> enforcing dkim for their addresses. Specifically we run a small number of
> mailing lists using Mailman which have a large number of subscribers from both
> these domains. As Mailman is configured to forwa
On Mon, May 5, 2014 14:29, Marius Gologan wrote:
> I've noticed you are using amavisd-new. It can easily sign your messages.
>
> I'm showing what I use:
>
> cat /etc/amavis/conf.d/22-dkim
> use strict;
>
> $enable_dkim_signing = 1;
>
> dkim_key('domain1.com', 'dkim', '/path/to/domain1.com-dkim.k
Am 05.05.2014 20:45, schrieb James B. Byrne:
> Forgive me if I do not understand what you are trying to convey. We already
> have Postfix DKIM correctly signing emails originating in our domains and
> passing through our outgoing smtp gateway. The problem is that mail that
> comes to that host
On Mon, May 5, 2014 14:42, Wietse Venema wrote:
>
> The DMARC FAQ, specifically http://dmarc.org/faq.html#s_3, shows
> that there are different solutions with different pros and cons.
Yes, I am aware of that resource. In fact what I am trying to accomplish is a
variant of
B. Replace From: addre
On Mon, May 5, 2014 14:58, li...@rhsoft.net wrote:
>
>
> Am 05.05.2014 20:45, schrieb James B. Byrne:
>> Forgive me if I do not understand what you are trying to convey. We already
>> have Postfix DKIM correctly signing emails originating in our domains and
>> passing through our outgoing smtp ga
Am 05.05.2014 21:17, schrieb James B. Byrne:
> On Mon, May 5, 2014 14:58, li...@rhsoft.net wrote:
>>
>> Am 05.05.2014 20:45, schrieb James B. Byrne:
>>> Forgive me if I do not understand what you are trying to convey. We already
>>> have Postfix DKIM correctly signing emails originating in our d
James B. Byrne:
> I was not expecting any alteration to the existing software since I presumed
> that my problem was in essence simply a configuration issue beyond my current
> ability to diagnose. It seems to me though that if the Postfix handoff to
> Mailman could be configured to resubmit the f
On Mon, May 5, 2014 15:21, li...@rhsoft.net wrote:
>
> as said: you need a recent mailman version
>
> http://marc.info/?l=centos&m=139886198321420&w=2
>
I see no useful purpose to referring me to one of my own posts looking for
said, and non-existent for the moment, "recent" mailman edition. I d
Am 05.05.2014 21:28, schrieb James B. Byrne:
>
> On Mon, May 5, 2014 15:21, li...@rhsoft.net wrote:
>>
>> as said: you need a recent mailman version
>>
>> http://marc.info/?l=centos&m=139886198321420&w=2
>>
>
> I see no useful purpose to referring me to one of my own posts looking for
> said, a
On Mon, 5 May 2014, James B. Byrne wrote:
And although I have not the life expectancy to read them all I have found and
read many. And I never said that it was a Postfix PROBLEM. I thought that
asked if it were not possible to configure Mailman with Postfix so that
Mailman's forwarded messages
he message appears as from @gmail.com @yahoo.com is no point in DKIM.
Marius.
-Original Message-
From: James B. Byrne [mailto:byrn...@harte-lyne.ca]
Sent: Monday, May 5, 2014 9:46 PM
To: Postfix users
Cc: Marius Gologan
Subject: RE: Getting DKIM to work with Mailman and Postfix
On Mon, May 5,
On Mon, May 5, 2014 15:38, Larry Stone wrote:
> On Mon, 5 May 2014, James B. Byrne wrote:
> And despite your claim that you told
> Mailman to send to port 587 instead (no proof provided), you must not have
> done what you thought you did. But the Mailman list is the place for what
> you need.
>
On Mon, May 5, 2014 15:22, Wietse Venema wrote:
> What program is being used to sign the mail?
opendkim
>
> For this program to sign mailman submissions, those submissions
> must follow a path that runs through that same program. What evidence
> do you have that mail is actually following that
James B. Byrne:
> On Mon, May 5, 2014 15:22, Wietse Venema wrote:
>
> > What program is being used to sign the mail?
>
> opendkim
>
> >
> > For this program to sign mailman submissions, those submissions
> > must follow a path that runs through that same program. What evidence
> > do you have th
On Mon, May 05, 2014 at 04:55:42PM -0400, James B. Byrne wrote:
> And that is the expected and necessary behaviour I realize upon reflection.
The DMARC specifications should have allowed the Sender: header to
preempt From:, it did not. Expected yes, can't say I am willing
to call this mistake "
On Mon, 2014-05-05 at 13:11:31 -0400, James B. Byrne wrote:
> I am wrestling with the issues arising from Yahoo.com, and now
> AOL.com, enforcing dkim for their addresses. Specifically we run a
> small number of mailing lists using Mailman which have a large number
> of subscribers from both thes
On Mon, May 5, 2014 22:23, Sahil Tandon wrote:
> On Mon, 2014-05-05 at 13:11:31 -0400, James B. Byrne wrote:
>
>> I am wrestling with the issues arising from Yahoo.com, and now
>> AOL.com, enforcing dkim for their addresses. Specifically we run a
>> small number of mailing lists using Mailman whi
On Mon, May 5, 2014 17:50, Wietse Venema wrote:
>
> Well nothing works without correct configuration. Is your SMTP
> server correctly set up to sign local submissions on 127.0.0.1
> and the TCP port that mailman is talking to?
>
> You'd have to verify that first. Only then does it make sense
> t
James B. Byrne:
> > Well nothing works without correct configuration. Is your SMTP
> > server correctly set up to sign local submissions on 127.0.0.1
> > and the TCP port that mailman is talking to?
> >
> > You'd have to verify that first. Only then does it make sense
> > to try to make signing wo
On Tue, May 6, 2014 10:20, Wietse Venema wrote:
> James B. Byrne:
>> > Well nothing works without correct configuration. Is your SMTP
>> > server correctly set up to sign local submissions on 127.0.0.1
>> > and the TCP port that mailman is talking to?
>> >
>> > You'd have to verify that first. On
James B. Byrne:
> >> This is my MSA configuration in Master.cf
> >>
> >> submission inet n - n - - smtpd -v
[...]
Wietse:
[have you ever used this with mailman before?]
James B. Byrne:
> I never tried before this incident and that attempt failed as I previously
> rep
On Tue, May 6, 2014 10:53, Wietse Venema wrote:
> James B. Byrne:
>> >> This is my MSA configuration in Master.cf
>> >>
>> >> submission inet n - n - - smtpd -v
> [...]
>
> Wietse:
> [have you ever used this with mailman before?]
>
> James B. Byrne:
>> I never tried b
On Tue, May 6, 2014 10:53, Wietse Venema wrote:
>
> master.cf:
> 127.0.0.1:26 inet n - n - - smtpd
> -o smtpd_tls_security_level=none
> -o smtpd_sasl_auth_enable=no
> -o smtpd_client_restrictions=
> -o smtpd_helo_restrictions=
> -o s
26 matches
Mail list logo
