Learn about Centmin Mod LEMP Stack today
Register Now

Beta Branch add addons/opendkim.sh for dkim setup for 123.09beta01

Discussion in 'Centmin Mod Github Commits' started by eva2000, Apr 13, 2016.

Tags:
  1. eva2000

    eva2000 Administrator Staff Member

    45,657
    10,358
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,076
    Local Time:
    8:08 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    already does that in code for addons/opendkim.sh but there's a check for the vhostname i.e. = domain.com which if matches hostname.domain.com then wont' be added


    strange worked for me so will double check
     
  2. pamamolf

    pamamolf Premium Member Premium Member

    3,884
    381
    83
    May 31, 2014
    Ratings:
    +741
    Local Time:
    12:08 PM
    Nginx-1.17.x
    MariaDB 10.3.x
    Ok microsoft don't like my emails but that's ok i give up with them even if i have rdns spf dkim and dmark all ok they push my email to spam :)

    Checking there the headers i can see:

    Code:
    dkim=pass (identity alignment result is pass and alignment mode is relaxed)
    so dkim now seems to work :)
     
  3. pamamolf

    pamamolf Premium Member Premium Member

    3,884
    381
    83
    May 31, 2014
    Ratings:
    +741
    Local Time:
    12:08 PM
    Nginx-1.17.x
    MariaDB 10.3.x
    Is hostname and domain the same and domain not need a separate entry there?
     
  4. eva2000

    eva2000 Administrator Staff Member

    45,657
    10,358
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,076
    Local Time:
    8:08 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    separate entries for host.domain.com and domain.com as this script is only for host.domain.com in out of box centmin mod setups unless you add full email @domain.com for in/out bound to your server to be locally hosted.

    but i did fix up at Beta Branch - fixes for addons/opendkim.sh in 123.09beta01 | Centmin Mod Community
     
  5. pamamolf

    pamamolf Premium Member Premium Member

    3,884
    381
    83
    May 31, 2014
    Ratings:
    +741
    Local Time:
    12:08 PM
    Nginx-1.17.x
    MariaDB 10.3.x
    Great it seems also that it needs to comment this line ? as KeyTable is in used:

    /etc/opendkim.conf

    Code:
    #KeyFile        /etc/opendkim/keys/default.private
     
  6. eva2000

    eva2000 Administrator Staff Member

    45,657
    10,358
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,076
    Local Time:
    8:08 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    no need KeyFile is ignored if KeyTable enabled
    Code (Text):
    ##  Gives the location of a private key to be used for signing ALL messages. This
    ##  directive is ignored if KeyTable is enabled.
    KeyFile /etc/opendkim/keys/default.private
    
    ##  Gives the location of a file mapping key names to signing keys. In simple terms,
    ##  this tells OpenDKIM where to find your keys. If present, overrides any KeyFile
    ##  directive in the configuration file. Requires SigningTable be enabled.
    KeyTable        /etc/opendkim/KeyTable
    
    ##  Defines a table used to select one or more signatures to apply to a message based
    ##  on the address found in the From: header field. In simple terms, this tells
    ##  OpenDKIM how to use your keys. Requires KeyTable be enabled.
    SigningTable    refile:/etc/opendkim/SigningTable
    
     
  7. pamamolf

    pamamolf Premium Member Premium Member

    3,884
    381
    83
    May 31, 2014
    Ratings:
    +741
    Local Time:
    12:08 PM
    Nginx-1.17.x
    MariaDB 10.3.x
    Before your fix the script had commented this line at KeyTable:

    Code:
    #default._domainkey.example.com example.com:default:/etc/opendkim/keys/default.private
    so i will have to test again now :)
     
  8. eva2000

    eva2000 Administrator Staff Member

    45,657
    10,358
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,076
    Local Time:
    8:08 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    That's just a commented reference to remind me of the format for entries
     
  9. pamamolf

    pamamolf Premium Member Premium Member

    3,884
    381
    83
    May 31, 2014
    Ratings:
    +741
    Local Time:
    12:08 PM
    Nginx-1.17.x
    MariaDB 10.3.x
    and this one also at SigningTable:

    Code:
    #*@example.com default._domainkey.example.com
    I think both must be enabled to get signed emails from a domain or not?
     
  10. eva2000

    eva2000 Administrator Staff Member

    45,657
    10,358
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,076
    Local Time:
    8:08 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    no they are commented as reference only
     
  11. pamamolf

    pamamolf Premium Member Premium Member

    3,884
    381
    83
    May 31, 2014
    Ratings:
    +741
    Local Time:
    12:08 PM
    Nginx-1.17.x
    MariaDB 10.3.x
    Ok two last questions :)

    Actually the first one is to have a check for Postfix version and if it is < 2,6 version to use:

    Code:
    milter_protocol = 2
    and if it is > 2,6 version to use:

    Code:
    milter_protocol = 6
    and last one does it make any difference as i can see at:

    Code:
    /etc/opendkim.conf
    Socket inet:8891@localhost

    but on:

    Code:
    /etc/postfix/main.cf
    we use:

    smtpd_milters = inet:127.0.0.1:8891

    So is it better to adjust them to use ip or localhost both ?

    Thank you so much !!!!!
     
  12. eva2000

    eva2000 Administrator Staff Member

    45,657
    10,358
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,076
    Local Time:
    8:08 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    Postfix before-queue Milter support
    Doesn't matter

    indeed a bug in opendkim.sh :)
     
    Last edited: Oct 10, 2016
  13. SFLC

    SFLC Active Member

    224
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    12:08 PM
    1
    10
    This is too good to be true,

    spf, dkim, dmarc are things ive never understood for years and could never get working right especially with gmail, it's become a habit, everytime i email a friend i have to tell them to check their spam folders because my emails likely there.

    now with this addon its working right and all it took was a few button clicks

    i am now certain that @eva2000 is the most valuable man on earth, thank you!!
     
  14. Jimmy

    Jimmy Well-Known Member

    1,707
    365
    83
    Oct 24, 2015
    East Coast USA
    Ratings:
    +923
    Local Time:
    5:08 AM
    1.17.x
    MariaDB 10.3.x
    @eva2000 could this thread be moved to the addons forum? Lots of great info in this thread, shouldn't be in the github commits IMO.
     
  15. eva2000

    eva2000 Administrator Staff Member

    45,657
    10,358
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,076
    Local Time:
    8:08 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    thanks :)

    @Jimmy it's a commit if you see 1st post so should stay here :)

    i'll add a permanent redirect though
     
  16. Jimmy

    Jimmy Well-Known Member

    1,707
    365
    83
    Oct 24, 2015
    East Coast USA
    Ratings:
    +923
    Local Time:
    5:08 AM
    1.17.x
    MariaDB 10.3.x
    That's understandable. But if you look at the main commits forum, every other thread has 0 replies except this one which has 54. This is not your normal commit thread. It's become more of an addon thread, discussing the addon.

    Redirect works. Too bad you could just leave the first post and move the rest to the addons forum.
     
  17. SFLC

    SFLC Active Member

    224
    59
    28
    Dec 4, 2016
    The Canadas
    Ratings:
    +112
    Local Time:
    12:08 PM
    1
    10
    how do you rerun opendkim, i ran it from the addons and it installed and worked, however later on I installed dovecot and removed it and now my emails are not being signed, i tried rerunning from the addons folder but it goes back to the command prompt again so im not sure what its doing.

    do i have to delete the older keys and if so where are they stored
     
  18. eva2000

    eva2000 Administrator Staff Member

    45,657
    10,358
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,076
    Local Time:
    8:08 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x
    You can clean up old runs with command
    Code (Text):
    addons/opendkim.sh clean

    then a new set of dkim and spf records are made
     
  19. eva2000

    eva2000 Administrator Staff Member

    45,657
    10,358
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +16,076
    Local Time:
    8:08 PM
    Nginx 1.19.x
    MariaDB 5.5/10.x