mbhangui at gmail
Mar 27, 2009, 10:35 AM
Post #1 of 1
(874 views)
Permalink
|
|
DKIM Support for netqmail with ADSP
|
|
I have just managed to incorporate Author Domain Signing Practice (ADSP) for
qmail/netqmail.
This is through a patch which gives an executable qmail-dkim
qmail-dkim also supports Sender Signing Practice (SSP) which can be used by
setting
the environment variable SIGN_PRACTICE=ssp
ADSP is described below
http://tools.ietf.org/id/draft-ietf-dkim-ssp-09.txt
ADSP is still under discussion in the IETF working group
http://en.wikipedia.org/wiki/Sender_Signing_Policy
The patch dkim-netqmail-1.06.patch-1.3.gz can be downloaded at
https://sourceforge.net/project/showfiles.php?group_id=230686&package_id=314675
How to apply patch
#fetch libdomainkeys from http://sourceforge.net/projects/domainkeys/
tar xfz libdomainkeys-0.69.tar.gz
cd libdomainkeys-0.69
echo "-lresolv" > dns.lib
make
cp libdomainkeys.a ..
cd ..
tar xfz /path/to/netqmail-1.06.tar.gz
gunzip -c dkim-netqmail-1.06.patch-1.3.gz | patch - p0
The patch will provde qmail-dk, qmail-dkim, dkimtest, qmail-dkim.8 (man
page)
% cd netqmail-1.06
% make
% sudo make setup
Then to use it you have to set some environment variables in the
programs that (ultimately) invoke qmail-queue. If you are running
netqmail-1.06, or otherwise have the qmailqueue patch installed, you
can invoke it by setting the QMAILQUEUE environment variable
You can also use dkimtest to sign/verify messages
% cat /tmp/test.msg | dkim -l -t -z 1 -b 2 -s
/var/indimail/control/domainkeys/private
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=consim.com;
s=private; l=35; t=1238173510; x=1238778310; h=To:From:Subject;
bh=IibB1oF3RGv+x38la208y0I8Ilo=; b=PmfTEOHBrtc/wzV2lvkOjQf+y7aA+
HC9NZInNykM94yA/egjh5J6Vym1kJFKRiA8JdyKV2DYvyNhF/i5AxZUP+QD+10He
kEUsROHmB5IAFGayo2ujHo/UTaENg1jr79S
% (cat /tmp/test.msg | dkimtest -l -t -z 1 -b 2 -s
/var/indimail/control/domainkeys/private; \
cat /tmp/test.msg) | dkimtest -v
DKIM-Status: good
%
The code is experimental as of this date and I have not been able to
extensively
test it (especially verification).
DKIM with ADSP is also available as a library libdkim-1.1 at
https://sourceforge.net/project/showfiles.php?group_id=230686&package_id=306202
libdkim-1.1 is a forked version of libdkim by ALT-N technology at
https://sourceforge.net/projects/libdkim/
comments and bugs for fixing welcome
regards Manvendra
--
Regards Manvendra - http://www.indimail.org
Sent from: Tamil Nadu India.
|
