Thursday, August 12, 2021

Re: smtpd only Mail Server

On 10.08.21 13:29, latincom@vcn.bc.ca wrote:
> > On Tue, 2021-08-10 at 04:32 -0700, latincom@vcn.bc.ca wrote:
> >> > On Aug 10 01:52:57, latincom@vcn.bc.ca wrote:
> >> > > > - smtpd had its first commit in 2008 and back then was far from
> >> > > >   production ready: So are you using base smtpd, or sendmail, or
> >> > > >   something else?
> >> > >
> >> > > Yes, 2000 it was sendmail, nginx, apache, smtpd if I remember
> >> > > correctly;
> >> > > but my question is:
> >> > >
> >> > > "Could someone please point me to specific openbsd place to look for
> >> > > it?"
> >> >
> >> > To look for what? smtpd documentation? man smtpd, man smtpd.conf,
> >> > there's a dkim example right there.
> >>
> >> Jay in this case it looks out of context, because it is a question after
> >> the explanation! Look for understandable (my level) information related
> >> to dkim, dmarc, and spf! My field is agriculture!
> >>
> >> >
> >> > > > - I assume it's related to outbound mail, but even that is not
> >> > > >   completely clear to me.
> >> > >
> >> > > No, it is the complete behaviour of dkim, dmarc, and spf. I got 0/10
> >> > > at this page: https://www.mail-tester.com/ and yes, I can receive
> >> > > mail, but mine is considered spam!
> >> >
> >> > The fact that an arbitrary third site "tester" gives you this score
> >> > or another can mean a lot of things. Nobody has seen your DNS or a
> >> > single line of your config yet, so it's hard to help you really.
> >> >
> >>
> >> Well, I never said that it is the last word! I am asking for clear
> >> information for dkim, dmarc, spf, and now dkimproxy and anything related
> >> to send mail correctly; where correctly means "NO qualify my mail as
> >> spam"
> >>
> >> > > > - Did you just put a dkim txt record in DNS without any additional
> >> > > >   configuration on your mailserver?
> >> > >
> >> > > ok: I have 2 servers: 1. managed by nsd, which obtained 9.7/10 at
> >> > > the same web page, not a problem; 2. vultr managed by their dns app,
> >> > > here I am not able to make it work correctly. What should be the
> >> > > additional configuration on the mail server please?
> >> >
> >> > What mail server?
> >> > What "additional" configuration?
> >>
> >> This server:
> >> > > > - Did you just put a dkim txt record in DNS without any additional
> >> > > >   configuration on your mailserver?
> >>
> >> >
> >> > If you want help with a mail config,
> >> > you need to show your mail config.
> >> >
> >>
> >> No problem:
> >> I am used to use only the base system.
> >>
> >> #       $OpenBSD: smtpd.conf,v 1.14 2019/11/26 20:14:38 gilles Exp $
> >>
> >> # This is the smtpd server system-wide configuration file.
> >> # See smtpd.conf(5) for more information.
> >>
> >> table aliases file:/etc/mail/aliases
> >>
> >> listen on socket
> >>
> >> # To accept external mail, replace with: listen on all
> >> #
> >> listen on all filter "dkimsign"
> >>
> >> action "local_mail" mbox alias <aliases>
> >> action "outbound" relay
> >>
> >> # Uncomment the following to accept external mail for domain "example.org"
> >> #
> >> # match from any for domain "example.org" action "local_mail"
> >> match from any for domain "agroena.org" action "local_mail"
> >> match from local for local action "local_mail"
> >> match from local for any action "outbound"
> >>
> >> # dkim
> >> filter "dkimsign" proc-exec "filter-dkimsign -d agroena.org -s s1 -k /etc/mail/dkim/private.key" user _dkimsign group _dkimsign
> >>
> >>
> > So assuming that you actually installed opensmtpd-filter-dkimsign and
> > everything starts okay, you haven't put the public key in the DNS like
> > you claimed in your original e-mail.
> > $ dig +short txt s1._domainkey.agroena.org
> > $
> >
>
> I am not sure if it is a problem, but the selector is: mail.
>
> $ dig +short txt mail._domainkey.agroena.org
> "k=rsa; t=s; h=sha256;
> p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDOGOPbZVPidt2KCGqb38+OOD/cIZZnkpMY67oUPAfjVzP7vjJnxeTUOYtuQPTYv3whE6dwRSDwdw96DELKTjbaJ8DMEDFxbeqZxFl4EivuxuIwRSJVZQ36ed+TnfrPxLQowcno3kIh9je3t2VQ7GfD4WJfPD2GzfVljcTmJP3gNQIDAQAB"
>
>
First you should match the selector's name,
either by telling the filter to use the key in selector "mail"
or by changing the selector's name in DNS to "s1".
Then you can debug further (e.g. your public key in DNS should match
/etc/mail/dkim/private.key)
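
The two checks suggested in the reply above (selector first, then key), written out as an added shell example that is not part of the original thread. The function names and the `DKIM_LOOKUP` variable are hypothetical; the script assumes the `filter-dkimsign` line sits on a single line of smtpd.conf, that the key is RSA, and that the caller can read the private key.

```shell
#!/bin/sh
# Added example: does DNS publish a key under the selector smtpd signs with,
# and is it the public half of the private key the filter uses?

# DNS lookup command (assumption: dig is installed); point it at a stub to test offline.
DKIM_LOOKUP=${DKIM_LOOKUP:-"dig +short txt"}

# dkimsign_opt FLAG CONF: value of one filter-dkimsign option (-d, -s or -k).
dkimsign_opt() {
    sed -n "s/.*filter-dkimsign.* $1 \([^ \"]*\).*/\1/p" "$2" | head -n 1
}

# txt_tag TAG: read a DKIM TXT record on stdin (dig may split it into several
# quoted strings) and print the value of one tag, for example p.
txt_tag() {
    tr -d '" \t\n' | tr ';' '\n' | sed -n "s/^$1=//p" | head -n 1
}

# key_pub_b64 KEYFILE: public key derived from the RSA private key, as
# base64-encoded DER, the encoding the p= tag carries.
key_pub_b64() {
    openssl rsa -in "$1" -pubout -outform DER 2>/dev/null | openssl base64 -A
}

# check_dkim CONF: returns 0 if selector and key match, 1 if nothing is
# published under the configured selector, 2 if the published key differs.
check_dkim() {
    d=$(dkimsign_opt -d "$1"); s=$(dkimsign_opt -s "$1"); k=$(dkimsign_opt -k "$1")
    name="$s._domainkey.$d"
    dns_p=$($DKIM_LOOKUP "$name" | txt_tag p)
    if [ -z "$dns_p" ]; then
        echo "FAIL: no DKIM key published at $name"; return 1
    fi
    if [ "$dns_p" != "$(key_pub_b64 "$k")" ]; then
        echo "FAIL: key at $name does not match $k"; return 2
    fi
    echo "OK: $name matches $k"
}

# Usage: sh check_dkim.sh /etc/mail/smtpd.conf
if [ $# -gt 0 ]; then check_dkim "$1"; fi
```

With the configuration quoted in the thread (`-s s1`) and the record published under `mail._domainkey`, `check_dkim` stops at the first check and returns 1.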
