»

DomainKeys with Sendmail

Required Packages
Sendmail full package like sendmail, sendmail-devel etc..
(should be 8.13 or above version)
OpenSSL
SASL Packages

Download the Package of dk-milter (dk-milter-1.0.0.tar.gz)

tar zxvf dk-milter-1.0.0.tar.gz
cd dk-milter-1.0.0
cd devtools/Site
and add/modify the following lines to site.config.m4
APPENDDEF(`conf_sendmail_ENVDEF’, `-DMILTER’)
APPENDDEF(`confENVDEF’,`-DSASL -DSTARTTLS’)
APPENDDEF(`confLIBS’, `-lsasl -lssl -lcrypto’)
APPENDDEF(`confINCDIRS’, `-I/usr/local/ssl/include ‘)
APPENDDEF(`confLIBDIRS’, `-L/usr/local/ssl/lib ‘)
APPENDDEF(`confENVDEF’, `-D_FFR_ANTICIPATE_SENDMAIL_MUNGE ‘)

Add the following lines to dk-milter-1.0.0/dk-filter/Makefile.m4

APPENDDEF(`confLIBS’, `-lssl -lcrypto’)

dnl Enable and edit these paths as per your configuration:

APPENDDEF(`confINCDIRS’, `-I/usr/local/ssl/include ‘)
APPENDDEF(`confLIBDIRS’, `-L/usr/local/ssl/lib ‘)
bldPUSH_SMLIB(`dk’)
APPENDDEF(`confINCDIRS’, `-I../libdk/ ‘)
bldPUSH_SMLIB(`sm’)
APPENDDEF(`confINCDIRS’, `-I/usr/local/sendmail/include’)
APPENDDEF(`confLIBDIRS’, `-L/usr/local/sendmail/libmilter’)
APPENDDEF(`confLIBDIRS’, `-L/usr/local/sendmail/libsm’)
APPENDDEF(`confLIBDIRS’, `-L/usr/local/sendmail/libsmdb’)
APPENDDEF(`confLIBDIRS’, `-L/usr/local/sendmail/libsmutil’)
And add the following line(s) to sendmail.mc
INPUT_MAIL_FILTER(`dk-filter’, `S=inet:5000@localhost’)
dk-filter is domain key filter and 5000 is port on which dk-filter daemon will listen…

Then goto the dk-milter-1.0.0 directory and run the following commands
1) ./Build
2) ./Build install

Now create servers public/private key pair for the domain using the following command:
1) openssl genrsa -out rsa.private 1024
2) openssl rsa -in rsa.private -out rsa.public -pubout -outform PEM
Now change private key name to like test.com_key.pem

Now time to DNS TXT record entry with public key

mail._domainkey.test.com. 1D IN TXT “k=rsa; t=y;
p=MHwwDQYJKoZIhvcNAQEBBQADawAwaA
JhAJUf/A69N7tYPcoursysqYFzBl3+yzCCUsNQA
Y6TIcD02OEix1xETOOubJ1Z5i7UrR3E36aEeeH
A9tdDu1P+xvQ6PoQEXeevGWfs61j4lVRQErx4K
m+KKcqja6nSgZbflQIDAQAB”

Replace test.com with your domain, and *mail* in the DNS record *mail*._domainkey.test.com. is selector to select the key.

Create a user for dk-milter like dkuser and run the following command to start dk-milter for your server.
dk-filter -l -p inet:5000@localhost -c nofws -d test.com -D -H -s
/usr/share/ssl/private/test.com_key.pem -S mail -u dkuser -m MTA

restart sendmail service.

Send mail to any Yahoo!/GMail ID and check to see whether the
authentication-results header shows result as pass or fail.

Advertisement

This entry was posted on July 9, 2008 at 6:55 am and is filed under mail server. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.