Configuration Ptr, Spf, Dkim

Raphael40 · November 8, 2020, 8:38pm

Hello,

I work :
1 °) on a Ste SoYouStart server which manages the site of my domain name:
SoYouStart server
Centos: 7.8.2003
Webmin: 1.955
Virtualmin: 6.12
Hostname: ns31.ovh.net (WWW.XXX.YYY.ZZZ)
This server manages in fact (with Bind from Webmin / Virtualmin) the Dns of this domain name.

2 °) on a Ste Kimsufi server which manages the mail service (by Iredmail)
With like Ip4: AAA.BBB.CCC.DDD
With like Ip6: azerty
Hostname: post.cdoi.fr (AAA.BBB.CCC.DDD)

I installed the following PTRs on the Kimsufi server configuration:
AAA.BBB.CCC.DDD post.cdoi.fr.
Azerty post.cdoi.fr.
DKIM key provided by the order:
amavisd -c /etc/amavisd/amavisd.conf showkeys

We have
(“v = DKIM1; k = rsa; t = s; p = aqwxszEDCVFRtgbNHY”
“muDrFSOFIhP / ZJgNeFF5qqTpz3XT9VrVC9wocyS82j20MaCPqcfNRwDRdfko2AZk0YN4QCh + 6kXlvQ1W”
“UqSDguuzXg / IdY + 5mRtUvWmXwXcDrwYBRDjOEYOQ / xz0mbpyVndT / wTtvLatNGm3uSOFUM3gcY12cHSA”
“7nEmF07WcELQurHk / HHUr0gi4LcH82p8fqeuRI3mUibRvjz6aaHytOtjzaihSMQnrut24wGxc3zmZe4A”
“iyLOX0FXhWDIltYDzVAyWu7USzZ / dRWZmwZtUkEXKT1KXASA3q / buetZHFXV4WH8 + / qRz0hXo6Ax5LD /”
“p2tW0n5ywIDAQAB”)

In the Dns records due to the virtual server of the cdoi.fr domain on the Ste SoYouStart server, I try to set up the following SPF and DKIM records:
cdoi.fr. 36000 IN TXT “v = spf1 a mx a: cdoi.fr ip4: WWW.XXX.YYY.ZZZ ip4: AAA.BBB.CCC.DDD ip6: azerty ip6: qsdfgh -all”
dkim._domainkey.cdoi.fr. IN TXT (“v = DKIM1; k = rsa; t = s; p = aqwxszEDCVFRtgbNHY”
“muDrFSOFIhP / ZJgNeFF5qqTpz3XT9VrVC9wocyS82j20MaCPqcfNRwDRdfko2AZk0YN4QCh + 6kXlvQ1W”
“UqSDguuzXg / IdY + 5mRtUvWmXwXcDrwYBRDjOEYOQ / xz0mbpyVndT / wTtvLatNGm3uSOFUM3gcY12cHSA”
“7nEmF07WcELQurHk / HHUr0gi4LcH82p8fqeuRI3mUibRvjz6aaHytOtjzaihSMQnrut24wGxc3zmZe4A”
“iyLOX0FXhWDIltYDzVAyWu7USzZ / dRWZmwZtUkEXKT1KXASA3q / buetZHFXV4WH8 + / qRz0hXo6Ax5LD /”
“p2tW0n5ywIDAQAB”)
It doesn’t seem to be working. Does anyone have an idea, a remark, an idea of modification? Please thank you

cordially

Raphael40

calport · November 9, 2020, 4:34am

Umm, I don’t see any MX records…

But the other records look okay to me.

What’s not working? Are you not able to send mail? Or receive mail? What do the logs say?

Raphael40 · November 9, 2020, 10:36pm

hello,

Thank you

There is the following Mx record
post.cdoi.fr MX AAA.BBB.CCC.DDD

the following test (done on the mail server (Kimsufi)
[root@post ~]# amavisd -c /etc/amavisd/amavisd.conf testkeys

It gives the result:
TESTING#1 cdoi.fr: dkim._domainkey.cdoi.fr => invalid (public key: DNS query timeout for dkim._domainkey.cdoi.fr)

Here is the result of a test done on mail-tester.com:

Your DKIM signature is not valid
DomainKeys Identified Mail (DKIM) is a method of associating a domain name with an email message, which allows a person, an organization to claim certain responsibilities for the message.

The DKIM signature of your message is:

v=1;
a=rsa-sha256;
c=relaxed/simple;
d=cdoi.fr;
h=content-transfer-encoding:content-type:message-id:user-agent:subject:to:from:date:mime-version;
s=dkim;
t=1604903433;
x=1607495434;
bh=UZv5X92UkA4XINz17OA3AUYukhltXwscYl/E1VYE9e0=;
b=BF7MVe7LmAtbS3UT/83GfVmFpuir37ZzO/INnB+K7Wad0F/ZEeR6Hmjhgosek9dwcgUyiXpKpFC4ik2LajYEAoxrMJi1XNkX0W8Nncnaq4utLTOIQ7PHaJ5aaPjSduJ6MsMqhSk8DMqvUfaT+hepLJaXyLw9SZ4sY8tT8cgI1PFSbSLn3bCClaPjLJFK+Vp4MMVqRfM3F021zli8DwnWpd874gnLiwMTw7jAyngCH8H+5nA+hYuvoQID5uSkTcKrHj8mKc+8JwEyj8oNatGmjEsPurPCTLZt3HjvuJjeAyD78NOyJ+3F8132DnZPt8hZ13lN0idyT3jXbHlbL9EYZw==

Your public key is:

“v=DKIM1;
k=rsa;
t=s;
p=aqwxszEDCVFRtgbNHYmuDrFSOFIhP/ZJgNeFF5qqTpz3XT9VrVC9wocyS82j20MaCPqcfNRwDRdfko2AZk0YN4QCh+6kXlvQ1WUqSDguuzXg/IdY+5mRtUvWmXwXcDrwYBRDjOEYOQ/xz0mbpyVndT/wTtvLatNGm3uSOFUM3gcY12cHSA7nEmF07WcELQurHk/HHUr0gi4LcH82p8fqeuRI3mUibRvjz6aaHytOtjzaihSMQnrut24wGxc3zmZe4AiyLOX0FXhWDIltYDzVAyWu7USzZ/dRWZmwZtUkEXKT1KXASA3q/buetZHFXV4WH8+/qRz0hXo6Ax5LD/p2tW0n5ywIDAQAB”
Longueur de la clé : 2048bits

Votre signature DKIM n’est pas valide

From the Roundcube, I can send emails and receive them in mailboxes such as Gmail or Yopmail, for example

Bye
Raphael40

calport · November 10, 2020, 4:14am

This is what I use for a DKIM signature:

v=DKIM1; k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5iUXsdYFAKne/qncNIGPOWJmApXZr+tmf4sEIudFl4hpY0KWLUQLZ7IqyB1dH6Mb60we3y1TkoOksXbOtBLIrfjp5DFI2KzvaQOGkTxMOSPF4J7gq98BmgdeActNli64WMZ0aOxXdePsslo6lmkenj+6Lz70QuUk0J/O7qZp4fWVpu560NkJ2AYvAGvRAVkdknm4ZdE8OukLH3K3lM+EnVv/o7Y5YgU1+40KfV2Z8rauVHpONJcNciw9YwLZhKLTefGUVj1F7IN5LvZNbZKz7zZitDGesVYDIbr4D20j6MGj+sGXBVOZQ8YBOOZSZnGKL5oFOKCAmbu9xln3jpj9+QIDAQAB

I got this from Virtualmin -> Email Settings - > DomainKeys Identified Mail in the text area captioned “DKIM DNS records for domains”

system · December 10, 2020, 4:14am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.