Results 1 to 9 of 9

Thread: Anyone had any success with DKIM or domainkeys?

  1. #1
    Join Date
    May 2007
    Posts
    46
    Rep Power
    8

    Default Anyone had any success with DKIM or domainkeys?

    Hi All,
    Can anyone help me make sense of this:
    I have a clients domain which has a newsletter system on another server their mx and spf records list both the zimbra server I am in charge of and their newsletter server which they bulk mail to their mailing list with. They were having some issues with gmail and their newsletters getting through so they were advised to setup DomainKeys on their newsletter server. As far as I understand it they need to add the public key to their DNS and they have asked me if I need to setup the key on the zimbra server???

    Is this necessary? If so how would I impliment this. I have read a few posts here but I haven't seen a definitive guide and to be hnest I really don't understand all this DKIM/DomainKeys thing? Do I really need to do this just because their newsletter server uses it?

    Please can someone bring me into the light.

    Thanks very much!

  2. #2
    Join Date
    Oct 2005
    Location
    USA, Canada and India
    Posts
    777
    Rep Power
    11

    Default

    Mail-DKIM and DKIMproxy
    this is all you need to do dkim/domainkeys..follow all steps and do postfix setup steps..and it should work.

    * your changes may need to be re-applied across zimbra upgrades

    Raj
    i2k2 Networks
    Dedicated & Shared Zimbra Hosting Provider

  3. #3
    Join Date
    Jul 2007
    Posts
    72
    Rep Power
    8

    Default

    iredmail

    iredmail - Project Hosting on Google Code

    I relay through iredmail and DKIM sign everything. works great!

  4. #4
    Join Date
    Mar 2006
    Location
    Kansas City
    Posts
    36
    Rep Power
    9

    Default

    Quote Originally Posted by raj View Post
    Mail-DKIM and DKIMproxy
    this is all you need to do dkim/domainkeys..follow all steps and do postfix setup steps..and it should work.

    * your changes may need to be re-applied across zimbra upgrades

    Raj
    As Raj stated, if you follow the steps for DKIM Proxy, its pretty straightforward. We have all emails being signed before sending. One thing to keep in mind, when making changes to Postfix, change the master.cf.in file, not the master.cf (which gets overwritten on restart). Course I know this because I found out the hard way.

  5. #5
    Join Date
    Dec 2007
    Posts
    12
    Rep Power
    8

    Default

    Hey,

    I followed the instructions on the DKIM web page. If I connect to my mail server on the submission port (587) using an external client (e.g. my iPhone) then dkim proxy kicks in and the message is signed. However, when I send emails from the web client they do not seem to be signed.

    Can someone describe how to make dkim proxy kick in for the web client?

    thanks
    Joe

  6. #6
    Join Date
    Oct 2005
    Location
    USA, Canada and India
    Posts
    777
    Rep Power
    11

    Default

    Globl settings --> MTA
    Relay MTA for external delivery: 127.0.0.1 : 587

    technically instead of handing over email to external sever you could use your 127.0.0.1:587
    logically should work..

    make sure you test all in and out and AV/AS email functions before putting this to production

    please post here if this works

    Raj
    i2k2 Networks
    Dedicated & Shared Zimbra Hosting Provider

  7. #7
    Join Date
    Dec 2007
    Posts
    12
    Rep Power
    8

    Default

    Unfortunately, it didn't work - the email was bounced with:

    host 127.0.0.1[127.0.0.1] said: 554 5.4.0 Error:
    too many hops (in reply to end of DATA command)

    Looking at the mail logs it looks like the following is happening (excuse my dumbness with postfix/smtp):

    - web client sends email to the local smtp
    - local smtp relays to localhost:587
    - email gets forwarded to dkim process on 10027
    - dkim signs the process and forwards to port 10028
    - postfix picks up the email from port 10028 and forwards it onto the local smtp, which goes back to the beginning of this sequence

    this appears to continue until the max number of hops is reached and the email is then bounced.

    Any clues from the more knowledgeable zimbra/postfix gurus as to how to get past this?

  8. #8
    Join Date
    Jul 2009
    Location
    Vietnam
    Posts
    25
    Rep Power
    6

    Post

    Quote Originally Posted by raj View Post
    Globl settings --> MTA
    Relay MTA for external delivery: 127.0.0.1 : 587

    technically instead of handing over email to external sever you could use your 127.0.0.1:587
    logically should work..

    Raj
    If I set that, I got the error: host 127.0.0.1[127.0.0.1] said: 554 5.4.0 Error:
    too many hops (in reply to end of DATA command)

    If I change port to 587 (submission), It seems very well. The header is signed. Does anybody know to change the port of webmail to 587?

  9. #9
    Join Date
    Sep 2008
    Location
    Stockholm, Sweden
    Posts
    55
    Rep Power
    7

    Default Vote for DKIM (DomainKeys) feature

    If you want DKIM (DomainKeys Identified Mail) signing and verification built into Zimbra, please vote for it!

    Bug 11524 – DKIM/DK signing support in Amavisd

    As of writing, I can see that already 98 people have voted for this feature. Vote for it you too!

Similar Threads

  1. DKIM Coming?
    By LMStone in forum Developers
    Replies: 8
    Last Post: 08-21-2009, 05:50 AM
  2. [SOLVED] Zimbra logwatch.
    By nishith in forum Administrators
    Replies: 5
    Last Post: 06-10-2009, 05:42 PM
  3. Zimbra with Domainkeys ?
    By HostVN in forum Administrators
    Replies: 0
    Last Post: 07-15-2008, 09:35 PM
  4. [SOLVED] Backup says SUCCESS...reality - who knows?
    By Centurion in forum Administrators
    Replies: 2
    Last Post: 03-24-2008, 02:32 AM
  5. [SOLVED] Upgraded to 5.0 OSS - Sendmail Problem
    By Chewie71 in forum Installation
    Replies: 11
    Last Post: 12-28-2007, 07:07 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •