From: CROCKETT, E. \(SBCSI\) <ec...@sb...> - 2005-03-17 20:36:27
|
Hello, I'm having a problem figuring out how to get my outbound smtp server to sign the mail ... I have followed the instructions in the dk-milter package reademe. I've looked at the draft-delany-domainkeys-base-01.txt... I have not make the public key available, but do have the private key in place on my server.. I wanted to make sure that I had that part working first...=20 From my mail log: mail goes through, and no domainkey header.. [root@ylpvm52 dk-filter]# grep j2HKR82Q008010 /mail/logs/maillog Mar 17 15:27:08 ylpvm52 sendmail[8010]: j2HKR82Q008010: Milter (dk-filter): init success to negotiate Mar 17 15:27:08 ylpvm52 sendmail[8010]: j2HKR82Q008010: Milter: connect to filters Mar 17 15:27:08 ylpvm52 sendmail[8010]: j2HKR82Q008010: milter=3Ddk-filter, action=3Dconnect, continue Mar 17 15:27:21 ylpvm52 sendmail[8010]: j2HKR82Q008010: milter=3Ddk-filter, action=3Dmail, continue Mar 17 15:27:41 ylpvm52 sendmail[8010]: j2HKR82Q008010: from=3D<eo...@pr...>, size=3D61, class=3D0, nrcpts=3D1, msgid=3D<200...@yl...>, = proto=3DESMTP, daemon=3DMTA, relay=3Dylpvm52.prodigy.net [207.115.57.83] Mar 17 15:27:41 ylpvm52 sendmail[8010]: j2HKR82Q008010: milter=3Ddk-filter, action=3Dheader, continue Mar 17 15:27:41 ylpvm52 sendmail[8010]: j2HKR82Q008010: milter=3Ddk-filter, action=3Dheader, continue Mar 17 15:27:41 ylpvm52 dk-filter[7989]: j2HKR82Q008010 external host ylpvm52.prodigy.net attempted to send as prodigy.net Mar 17 15:27:41 ylpvm52 sendmail[8010]: j2HKR82Q008010: milter=3Ddk-filter, action=3Deoh, continue Mar 17 15:27:41 ylpvm52 sendmail[8010]: j2HKR82Q008010: milter=3Ddk-filter, action=3Dbody, continue Mar 17 15:27:41 ylpvm52 sendmail[8010]: j2HKR82Q008010: Milter accept: message Mar 17 15:27:41 ylpvm52 sendmail[8015]: j2HKR82Q008010: SMTP outgoing connect on ylpvm52.prodigy.net Mar 17 15:27:41 ylpvm52 sendmail[8015]: j2HKR82Q008010: to=3D<eo...@pr...>, delay=3D00:00:14, xdelay=3D00:00:00, = mailer=3Dwildfire, pri=3D120061, relay=3Ddeliver.rr2.prodigy.net. [207.115.63.31], = dsn=3D2.0.0, stat=3DSent (Message accepted for delivery.) Mar 17 15:27:41 ylpvm52 sendmail[8015]: j2HKR82Q008010: done; delay=3D00:00:14, ntries=3D1 If I telnet into my outbound server, then I do get a bad format header, because I'm only doing the mail enveloMar 17 15:29:56 ylpvm52 sendmail[8052]: j2HKTuMT008052: Milter (dk-filter): init success to negotiate Mar 17 15:29:56 ylpvm52 sendmail[8052]: j2HKTuMT008052: Milter: connect to filters Mar 17 15:29:56 ylpvm52 sendmail[8052]: j2HKTuMT008052: milter=3Ddk-filter, action=3Dconnect, continue Mar 17 15:30:04 ylpvm52 sendmail[8052]: j2HKTuMT008052: milter=3Ddk-filter, action=3Dmail, continue Mar 17 15:30:11 ylpvm52 sendmail[8052]: j2HKTuMT008052: from=3D<eo...@pr...>, size=3D13, class=3D0, nrcpts=3D1, msgid=3D<200...@yl...>, = proto=3DESMTP, daemon=3DMTA, relay=3Dylpvm52.prodigy.net [207.115.57.83] Mar 17 15:30:11 ylpvm52 dk-filter[7989]: j2HKTuMT008052: no From: header; accepting Mar 17 15:30:11 ylpvm52 sendmail[8052]: j2HKTuMT008052: milter=3Ddk-filter, action=3Deoh, continue Mar 17 15:30:11 ylpvm52 sendmail[8052]: j2HKTuMT008052: milter=3Ddk-filter, action=3Dbody, continue Mar 17 15:30:11 ylpvm52 sendmail[8052]: j2HKTuMT008052: Milter insert (1): header: DomainKey-Status: bad format Mar 17 15:30:11 ylpvm52 sendmail[8052]: j2HKTuMT008052: Milter accept: message Mar 17 15:30:11 ylpvm52 sendmail[8065]: j2HKTuMT008052: SMTP outgoing connect on ylpvm52.prodigy.net Mar 17 15:30:11 ylpvm52 sendmail[8065]: j2HKTuMT008052: to=3D<eo...@pr...>, delay=3D00:00:03, xdelay=3D00:00:00, = mailer=3Dwildfire, pri=3D120013, relay=3Ddeliver.rr2.prodigy.net. [207.115.63.107], = dsn=3D2.0.0, stat=3DSent (Message accepted for delivery.) Mar 17 15:30:11 ylpvm52 sendmail[8065]: j2HKTuMT008052: done; delay=3D00:00:03, ntries=3D1pe to and from ...=20 This is a linux platform .. Using sendmail8.13.1 and dk-milter 0.2.4 (had a compile error with 0.2.5) Can you point me in the right direction? How do I specify sign every message? Is this something in the key? Thanks, Eddie |
From: Scott G. <sgr...@bo...> - 2005-03-17 20:44:24
|
Have you added the sendmail define yet in sendmail's config? On Thursday March 17 2005 12:34, CROCKETT, EDNA (SBCSI) wrote: > Hello, > I'm having a problem figuring out how to get my outbound smtp server > to sign the mail ... I have followed the instructions in the dk-milter > package reademe. I've looked at the > draft-delany-domainkeys-base-01.txt... I have not make the public key > available, but do have the private key in place on my server.. I wanted > to make sure that I had that part working first...=20 >=20 >=20 > >From my mail log: mail goes through, and no domainkey header.. >=20 >=20 > [root@ylpvm52 dk-filter]# grep j2HKR82Q008010 /mail/logs/maillog > Mar 17 15:27:08 ylpvm52 sendmail[8010]: j2HKR82Q008010: Milter > (dk-filter): init success to negotiate > Mar 17 15:27:08 ylpvm52 sendmail[8010]: j2HKR82Q008010: Milter: connect > to filters > Mar 17 15:27:08 ylpvm52 sendmail[8010]: j2HKR82Q008010: > milter=3Ddk-filter, action=3Dconnect, continue > Mar 17 15:27:21 ylpvm52 sendmail[8010]: j2HKR82Q008010: > milter=3Ddk-filter, action=3Dmail, continue > Mar 17 15:27:41 ylpvm52 sendmail[8010]: j2HKR82Q008010: > from=3D<eo...@pr...>, size=3D61, class=3D0, nrcpts=3D1, > msgid=3D<200...@yl...>, proto=3DESMTP, > daemon=3DMTA, relay=3Dylpvm52.prodigy.net [207.115.57.83] > Mar 17 15:27:41 ylpvm52 sendmail[8010]: j2HKR82Q008010: > milter=3Ddk-filter, action=3Dheader, continue > Mar 17 15:27:41 ylpvm52 sendmail[8010]: j2HKR82Q008010: > milter=3Ddk-filter, action=3Dheader, continue > Mar 17 15:27:41 ylpvm52 dk-filter[7989]: j2HKR82Q008010 external host > ylpvm52.prodigy.net attempted to send as prodigy.net > Mar 17 15:27:41 ylpvm52 sendmail[8010]: j2HKR82Q008010: > milter=3Ddk-filter, action=3Deoh, continue > Mar 17 15:27:41 ylpvm52 sendmail[8010]: j2HKR82Q008010: > milter=3Ddk-filter, action=3Dbody, continue > Mar 17 15:27:41 ylpvm52 sendmail[8010]: j2HKR82Q008010: Milter accept: > message > Mar 17 15:27:41 ylpvm52 sendmail[8015]: j2HKR82Q008010: SMTP outgoing > connect on ylpvm52.prodigy.net > Mar 17 15:27:41 ylpvm52 sendmail[8015]: j2HKR82Q008010: > to=3D<eo...@pr...>, delay=3D00:00:14, xdelay=3D00:00:00, mailer=3Dwi= ldfire, > pri=3D120061, relay=3Ddeliver.rr2.prodigy.net. [207.115.63.31], dsn=3D2.0= =2E0, > stat=3DSent (Message accepted for delivery.) > Mar 17 15:27:41 ylpvm52 sendmail[8015]: j2HKR82Q008010: done; > delay=3D00:00:14, ntries=3D1 >=20 > If I telnet into my outbound server, then I do get a bad format header, > because I'm only doing the mail enveloMar 17 15:29:56 ylpvm52 > sendmail[8052]: j2HKTuMT008052: Milter (dk-filter): init success to > negotiate > Mar 17 15:29:56 ylpvm52 sendmail[8052]: j2HKTuMT008052: Milter: connect > to filters > Mar 17 15:29:56 ylpvm52 sendmail[8052]: j2HKTuMT008052: > milter=3Ddk-filter, action=3Dconnect, continue > Mar 17 15:30:04 ylpvm52 sendmail[8052]: j2HKTuMT008052: > milter=3Ddk-filter, action=3Dmail, continue > Mar 17 15:30:11 ylpvm52 sendmail[8052]: j2HKTuMT008052: > from=3D<eo...@pr...>, size=3D13, class=3D0, nrcpts=3D1, > msgid=3D<200...@yl...>, proto=3DESMTP, > daemon=3DMTA, relay=3Dylpvm52.prodigy.net [207.115.57.83] > Mar 17 15:30:11 ylpvm52 dk-filter[7989]: j2HKTuMT008052: no From: > header; accepting > Mar 17 15:30:11 ylpvm52 sendmail[8052]: j2HKTuMT008052: > milter=3Ddk-filter, action=3Deoh, continue > Mar 17 15:30:11 ylpvm52 sendmail[8052]: j2HKTuMT008052: > milter=3Ddk-filter, action=3Dbody, continue > Mar 17 15:30:11 ylpvm52 sendmail[8052]: j2HKTuMT008052: Milter insert > (1): header: DomainKey-Status: bad format > Mar 17 15:30:11 ylpvm52 sendmail[8052]: j2HKTuMT008052: Milter accept: > message > Mar 17 15:30:11 ylpvm52 sendmail[8065]: j2HKTuMT008052: SMTP outgoing > connect on ylpvm52.prodigy.net > Mar 17 15:30:11 ylpvm52 sendmail[8065]: j2HKTuMT008052: > to=3D<eo...@pr...>, delay=3D00:00:03, xdelay=3D00:00:00, mailer=3Dwi= ldfire, > pri=3D120013, relay=3Ddeliver.rr2.prodigy.net. [207.115.63.107], dsn=3D2.= 0.0, > stat=3DSent (Message accepted for delivery.) > Mar 17 15:30:11 ylpvm52 sendmail[8065]: j2HKTuMT008052: done; > delay=3D00:00:03, ntries=3D1pe to and from ...=20 >=20 > This is a linux platform .. Using sendmail8.13.1 and dk-milter 0.2.4 > (had a compile error with 0.2.5) >=20 >=20 > Can you point me in the right direction? How do I specify sign every > message? Is this something in the key? >=20 > Thanks, > Eddie >=20 >=20 >=20 >=20 > ------------------------------------------------------- > SF email is sponsored by - The IT Product Guide > Read honest & candid reviews on hundreds of IT Products from real users. > Discover which products truly live up to the hype. Start reading now. > http://ads.osdn.com/?ad_ide95&alloc_id=14396&op=CCk > _______________________________________________ > dk-milter-discuss mailing list > dk-...@li... > https://lists.sourceforge.net/lists/listinfo/dk-milter-discuss >=20 |
From: Adrian D. H. <ad...@ha...> - 2005-03-17 21:01:03
|
Have you used the "-d yourdomain.com" option? All mail matching the domains (and subdomains of these domains if -D is set as well) will be signed with your private key. CROCKETT, EDNA (SBCSI) wrote: >Hello, > I'm having a problem figuring out how to get my outbound smtp server >to sign the mail ... I have followed the instructions in the dk-milter >package reademe. I've looked at the >draft-delany-domainkeys-base-01.txt... I have not make the public key >available, but do have the private key in place on my server.. I wanted >to make sure that I had that part working first... > > |
From: SM <sm...@re...> - 2005-03-18 04:48:40
|
Hello, At 12:34 17-03-2005, CROCKETT, EDNA (SBCSI) wrote: > >From my mail log: mail goes through, and no domainkey header.. >msgid=<200...@yl...>, proto=ESMTP, >daemon=MTA, relay=ylpvm52.prodigy.net [207.115.57.83] dk-milter was not told to sign mail sent from ylpvm52.prodigy.net. >If I telnet into my outbound server, then I do get a bad format header, >because I'm only doing the mail enveloMar 17 15:29:56 ylpvm52 > >Mar 17 15:30:11 ylpvm52 dk-filter[7989]: j2HKTuMT008052: no From: >header; accepting When you telnet to your server, you did not send a properly formatted message. The From: header is missing. >This is a linux platform .. Using sendmail8.13.1 and dk-milter 0.2.4 >(had a compile error with 0.2.5) The latest version is 0.2.7. It compiles under Linux. >Can you point me in the right direction? How do I specify sign every >message? Is this something in the key? The key is not the problem here. I suggest that you submit mail through the MSA port (tcp 587) and run dk-filter with the -m MSA parameter for it to sign mail going through MSA. http://www.elandsys.com/resources/sendmail/domainkeys.html explains how to set up dk-filter for DomainKeys signing and verification. Regards, -sm |