LinkBack URL
About LinkBacksYour script is most likely using sendmail to send it's mail out, bypassing exim and it's dkim signing. You'll need to configure your script to send out via your smtp server instead.
Your script is most likely using sendmail to send it's mail out, bypassing exim and it's dkim signing. You'll need to configure your script to send out via your smtp server instead.
Thanks! I'll try that. I have no idea how to do it, but I guess that's a topic for another forum.
After a little research, I agree that the problem is that my script is using sendmail, but I no longer think the return-path being "nobody" has any effect because I noticed that either way I send it, Yahoo recognizes my domain name in its "authentication results" -- just not the domainkey when I use sendmail.
Therefore, does anyone know if there would be any problem installing sendmail's domainkey milter and using it in addition to using the one already supplied by cpanel. I'm assuming the result would be that there are two different keys generated and therefore two different DNS entries. I kinda got the idea from a domainkeys info site that this wouldn't be a problem, but I'm wondering if anyone has tried it and if it works. This way, no matter how I send an email, a domainkey is attached (I hope).
Update: I just discovered a PDF for a cPanel training seminar at http://trainingseminar.cpanel.net/sl...amAssassin.pdf
and it says the following:
"It is important to state that on cPanel Servers
sendmail is basically a symlink to the Exim binary,
therefore all sendmail calls are processed by Exim."
So I'm assuming that means that Sendmail isn't even on my server and installing the Domainkeys milter for Sendmail wouldn't work.
I guess that means that Domainkeys for cPanel isn't quite ready for primetime yet if it can't add a domainkey to a sendmail call.
I've performed this upgrade on my domain. First we upgraded cpanel to the latest.
I noticed that when it inserted the TXT record to the DNS it added the t=y flag. That means that the domain is "testing" domainkeys. Also emails sent to a gmail account from the system shows that gmail is honoring that setting via this header with the relevant portion bolded:
Authentication-Results: mx.google.com; spf=pass (google.com: domain of info@gradegenie.com designates 72.52.200.215 as permitted sender) smtp.mail=info@gradegenie.com; domainkeys=pass (test mode) header.From=info@gradegenie.com
However, mail is still dropping into the "junk" folder of domain. We also have SPF and reverse DNS set up correctly.
Does anyone know if this could be due to the "test" flag?
Thanks,
Dan
I'm assuming you mean it's still dropping in the junk mail folder of Yahoo. From my experience so far, having domainkeys doesn't help much on Yahoo.
Instead, get on their whitelist:
http://help.yahoo.com/l/us/yahoo/mai...ster/bulk.html
Once you're accepted, it doesn't matter if you have domainkeys or not.
Well, I applied for Yahoo whitelisting. Thanks for the link. A lot of their questions in the form are not really applicable for my site. We just use the email system for password resets, not bulk mailing. I suppose with time our IP reputation will go up.
Domain Keys on FreeBSD - and why I hate Yahoo
Here in New Zealand our biggest ISP, Xtra, have recently moved to have their emails handled by Yahoo... so, all of a sudden 10 days ago all our customers emails started to get put straight into the 'Bulk Mail' spam folder.
Here is a slightly long-winded list of steps I took to get Domain Keys working on FreeBSD with Exim.
At the start I want to say thanks to many of you for your suggestions on setting up Domain Keys. I had some annoying troubles which I will outline here with the solutions I found - hopfully it will help someone out who is having the same hassles.
My experience of setting up Domain Keys on FreeBSD with Exim
1. Upgrade cPanel
I upgraded cPanel to 11 Current.
2. Run domain_keys_installer Script
Tried to run the following install script: /usr/local/cpanel/bin/domain_keys_installer <username for cpanel>
but got the following error: "Domain Keys are not installed on this machine"
3. Configured Exim port and reinstalled Exim
Added the following line to /etc/make.conf as a defult option when making ports (in this case for exim in particular): WITH_DOMAINKEYS=yes
Then I ran the following script to rebuild and reinstall exim /scripts/eximup --force
4. Tested
At this stage exim was installed with the Domain Keys, but I still got the same error listed when I ran the command in step 2 above - "Domain Keys are not installed on this machine"
5. Backed up exim configuration
Backed up my my Exim configuration from /etc/exim.conf and /usr/local/etc/exim/configure.
I didn't actually do this, but you should!
6. Ran /scripts/buildeximconf
This added the required file /etc/domain_keys_active to the etc directory and added the required commands to the exim configuration so that it would add the keys when sending mail
7. Ran the domain_keys_installer script as in step 2
Success! This time it worked - no errors and it created the private keys for the domain in the correct directory /var/cpanel/domain_keys/<private and public> and added the domain key to the /etc/namedb/<domainname>.db files for the user.
8. Restarted the Bind service
9. Restarted the Exim service and tested thoroughly to make sure it still sent and received mail
10. Checked to see if the Domain Keys worked by sending an email to dk at dk.crynwr.com
Failed :-(
11. Tested sending message through ssh command line
exim -v postmaster@your.domain.example
From: user@your.domain.example
To: postmaster@your.domain.example
Subject: Testing Exim
This is a test message.
^D
An error kept coming up in the results saying "DK: Unusable key, Public if verifying, Private if signing"
At this stage I went on a bit of a goose chase - took a while to realise that I needed to go on with step 14...
12. Tried manually creating keys
Used the information at the exim wiki to manually configure things: http://wiki.exim.org/DomainKeys
Restarted Exim and Tested as in 10 and 11 above and it worked!
13. Changed it back to the cPanel configuration
Restarted Exim - Failed :-( Copied the private key that I created in step 12 into the folder where cPanel stores the private keys it creates, and it still failed... But it worked if I pointed the exim config to the directory I manually created the key in - ie. problem with directory permissions
14. Change directory owner
I didn't want to chmod the /var/cpanel/domain_keys/private directory to 664, as this would allow server users to view my private keys. I changed the group/user on the domain key private directory to mailnull:mailnull so that the exim process could read the directory. Is this the correct procedure?
15. Restared Exim and tested..
Yahoo! I mean - It Worked! (The phrase Yahoo leaves a bad taste in my mouth now).
My emails are still being trashed by Yahoo, but it says that my Domain Keys are right and that the emails are genuine... but it still trashes them... Oh the joy of big companies. Hopefully they will take me off their filter now... waiting to hear... the suspense is killing me...
If you are in New Zealand, my suggestion, leave Xtra as soon as possible and go to Orcon - awesome service, great prices and fast broadband.
Hope this helps someone - let me know if it does - all my pain can't be for nothing I hope...
Last edited by nzrubyrock; 10-31-2007 at 12:13 AM. Reason: Tidy up layout
Does anyone know why on that ESP site, it says that my DomainKeys are passing, yet DKIM aren't?
It says that there's no signature found.
Anyone?
Does anyone know how to enable DKIM?
Must be no-one has figured it
can anyone please tell me how I can extract the private key for a domain that has had it's domain key auto generated/installed via
/usr/local/cpanel/bin/domain_keys_installer username
?
Reply With Quote