develooper Front page | perl.qpsmtpd | Postings from April 2013

new feature: DKIM message signing

Thread Next
Matt Simerson
April 26, 2013 08:47
new feature: DKIM message signing
Message ID:

I added a signing feature to my DKIM plugin.


PS: for added pleasure, I also added a script that makes deploying DKIM really, really easy.  How easy?

	# cd ~smtpd/config/dkim
	# ./

Voila. Keys and selector generated. Now DNS needs to be updated. I made that easy too:

	# cat

apr2013._domainkey TXT "v=DKIM1;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/Wu1fd74UXwH//0uiX/6C0hkv3I/PdeTxfnzHN6GrehJpCYBd1BKuigduwt/wZFVgUopwxmcjxSK6qrkADtHC+ZiqC/sqcVuVDhnvzkIgd7dYhqBcVORg6f8Eg8132yPkmHyDm588qKfdFSEUVgBqSfqZg4ZdG4Uq5erHAyQIEcs0h7xqUKJKA5xJWdRwaVYbNkNDAscax1WrSvMHQkKBf5bWUtkMGc/HeoZ6T3VTn5Le0OgLoINj4lNTFfT6toXsbZsKzOaUYacnWVOq2v2lWgghOMRQHYPr7ldl2E7/6sNSpNT8KXAiT7wlfE+/xXg+0DyQq/ahKaPgAecCCFiwIDAQAB"

Tell the world that the ONLY mail servers that send mail from this domain are DKIM signed and/or bear our MX and A records.

With SPF:

        SPF "v=spf1 mx a -all"
        TXT "v=spf1 mx a -all"


_dmarc  TXT "v=DMARC1; p=reject; adkim=s; aspf=r;; ruf=mailto:dmarc-feedback@'; pct=100"

With DomainKeys (deprecated)

_domainkey TXT "o=-; t=y;"

For more information about DKIM and SPF policy, the documentation within each plugin contains a longer discussion and links to more detailed information:

   perldoc plugins/dkim
   perldoc plugins/sender_permitted_from

Thread Next Perl Programming lists via nntp and http.
Comments to Ask Bjørn Hansen at | Group listing | About