Date: Mon, 7 May 2007 08:53:42 -0500 From: "Noel Jones" <noeldude@gmail.com> To: PeterPluta <peter@placidpublishing.net> Cc: freebsd-questions@freebsd.org Subject: Re: DomainsKeys/DKIM with Postfix - Questions Message-ID: <cce506b0705070653m214519aftbdb718fa7162a78b@mail.gmail.com> In-Reply-To: <10352478.post@talk.nabble.com> References: <10352478.post@talk.nabble.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 5/7/07, PeterPluta <peter@placidpublishing.net> wrote: > > I'm currently running FreeBSD 6.2, Postfix, Amavisd-new, Spamassasin, > Dovecot, and ClamAV for my mail setup. I've been meaning to add Domain > Keys/DKIM for a while now, but I don't really know where to start. I > understand the basic concept, but it seems a bit confusing as you get into > it. > > Has anyone here sucessfully set it up? I've been following this guide > http://www.ijs.si/software/amavisd/a...docs.html#dkim and found the > confusion to start when they recommend using both Domainkeys and DKIM. I > thought DKIM is a replacement for the older Domain Keys? I've noticed Gmail > has both Domainkey and DKIM headers. What the point of using both? Also, can > I send mail from virtual domains I have without the DNS check being invalid? > Say I send mail with a TO: peter@testdomain.com and my mailserver's > hostname/domain is mail.mydomain2500.com, will that be rejected? The port > for DKIM seems to be broken too! :( > > I'd appreciate someone chiming in. > > Cheers, > Ferrarislave I have a similar setup to yours, I use both DKIM and DomainKeys with my postfix installation. I just followed the MILTER_README included with postfix and the INSTALL instructions that came with dkim-miler, but I've read the instructions you mention and they are correct also. I use both DKIM and DomainKeys because many providers still only recognize DomainKeys. As more folks move to DKIM, I'll eventually be able to drop DomainKeys. As for virtual domains, you can define for each domain if it is to use DKIM. They can all share the same private/public key files, but each domain must have its own DNS entry defining DKIM/DomainKeys usage and public key. Start with one domain using DKIM as a test, then add more as you get familiar with it. It won't cause problems to have a subset of your domains using DKIM. When I built mine a few months ago, I built both dkim-miler and dk-milter from source downloaded from sourceforge since the ports were a few versions behind at the time and the ports packages seemed very sendmail-specific - no surprise there. Haven't looked at the ports status of these two lately. I do know that dk-milter-0.5.0 and dkim-milter-0.6.6 both built easily from source and don't require any patching to work correctly with postfix (older versions needed some minor patches). I notice dkim-milter-0.7.0 was just released yesterday, haven't tried it yet. -- Noel Jones
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?cce506b0705070653m214519aftbdb718fa7162a78b>