succesfully installed exim 4.71 and now?

rvandam

Verified User
Joined
Aug 28, 2009
Messages
39
I have installed Exim 4.71 with DKIM support succesfully, using custom_build The configuration file exim.conf is not altered (which is a good thing). Exim 4.71 with the old config is running without problems.

I will now describe the things I have done so far to get dkim working. Please let me know if these steps are ok/not ok, so i wont mesh things up when it goes into production.

1. I have generated a key in /etc using "openssl genrsa -out /etc/dkim.key 1024"
2. Generated a public key in etc using "openssl rsa -in /etc/dkim.key -out /etc/dkim.public -pubout -outform PEM"
3. removed the begin and end tags in the dkim.public and removed the linebreaks.
4. i am going to add this line in the DNS record:
Code:
mail._domainkey.yourdomain.com. IN TXT "v=DKIM1; g=*; k=rsa; p=MIGfMA0GCSqGSIb3DQE..complete public key...KXaAKH1MH5I4y0+JsqQIDAQAB"
5. i am going to add these lines in exim.conf
Code:
remote_smtp:
driver = smtp
#
dkim_domain=yourdomain.com
dkim_selector=mail
dkim_private_key=/etc/dkim.key
#

Will everything be ok with this setup?

Most things I described above are from this site:
http://atmail.com/kb/2008/installing-dkim-for-outbound-messages/
 
I got no response here, and i wanted to give it a try. Unfortunately my registrar don't support DKIM input on dns TXT fields. So now I have two choices.

1. change registrar
2. use my own nameserver instead of the registrar one. I must find out now if the default DA setup meets the requirements of the SIDN
 
I have found a registrar who has support for dkim fields in the dns administration. I found out that adding:

dkim_domain=yourdomain.com

in exim.conf is the wrong approach because every domain will be signed with yourdomain.com. So i will probably need a macro here. Unfortunately i cant test much because i work on a production server. Anyone already has a macro for dkim_domain?
 
I'm working on a solution with my developers to set up DomainKeys and DKIM in DirectAdmin. I've done it for some customers of mine who host their website with us, as well as have a custom email marketing dedicated server. I'll post back when I get some more information. Thanks!
 
Have there been any updates with this? Exim 4.71 has been out for a few months so I would like to begin using DKIM on outbound mail and eventually inbound. Since I host many domains, I want to make sure it is set for each of them.

Thanks,
 
so custombuild is the new method for upgrading exim? as I see no new binaries from DA still but is now a tarball in the custombuild directory.
 
I have found a registrar who has support for dkim fields in the dns administration. I found out that adding:

dkim_domain=yourdomain.com

in exim.conf is the wrong approach because every domain will be signed with yourdomain.com. So i will probably need a macro here. Unfortunately i cant test much because i work on a production server. Anyone already has a macro for dkim_domain?
In my opininion there is no need of registrar support for especials records in dns

here you are my configuration of remote smftp transport and is perfectly working for every domain in my server thas has apropiate dns records

Code:
remote_smtp:
  driver = smtp
  interface =${lookup{$sender_address_domain}lsearch{/etc/exim4/interfaces}{$value}{95.211.14.35}}
  helo_data="${lookup{$sender_address_domain}lsearch{/etc/exim4/interfaces}{$sender_address_domain}{$primary_hostname}}"
  dkim_domain = "${lookup{$sender_address_domain}lsearch{/etc/exim4/interfaces}{$sender_address_domain}{$primary_hostname}}"
  dkim_selector = dkim
  dkim_private_key = /usr/local/etc/dkim/rsa.private

notice that you have to create a file that contains

yourdomain.com 111.222.333.444

pairs where exim can locate it i have named this interfaces.

In order to inser apropiate records different domains i have edited txt_template in directadmin data directory so every new domain could have this records by default.

or clicking default settin in every domain you want to have this records.

(be careful with this I have broken one of my dns server who has to A records not by default)
 
Into what script?

If DirectAdmin staff will agree to maintain the file I can certainly add it exim.conf, but if the file doesn't exist, and I've included it in exim.conf, then exim won't run.

And how do you envision handling domains that aren't in the list? Someone needs to write and test how the default of the servername would run.

But I still don't like it. Because my understanding of the RFCs is that you're supposed to send mail from a server, not from a domain.

Note that when I'm working on exim.conf I do NOT look at threads that don't have the word SpamBlocker in the subject line, so I won't be looking at this thread again when working on the SpamBlocker Technology exim.conf file. You'd be better off continuing the thread in South Raven's post directly above.

Jeff
 
Back
Top