How to understand DKIM signing domains? - postfix-mta

So I have a mail server, say "mailer.com". Postfix handles mail for mailer.com and also for "virtual.com" (Postfix virtual domain).
So, when I create the DKIM key pair:
opendkim-genkey -s mail -d example.com
Which domain do I use here? mailer.com or virtual.com?
Then I put the public key in a TXT record on the virtual.com domain?
FYI I used this guide:
https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-dkim-with-postfix-on-debian-wheezy

You need to create keys for each domain you want to sign messages for and put appropriate DNS records in each domain DNS zone.

Related

Firebase Trigger E-Mail Hostname/IP does not match certificate's altnames

I am using the extension "Trigger E-Mail" in Firebase. When I try to send an e-mail and I get the following error:
Error [ERR_TLS_CERT_ALTNAME_INVALID]: Hostname/IP does not match certificate's altnames
Does this mean the loaded certificate must contain my hostname to work? Sorry, I just have started studying certificates. If I am right then one solution would be to add my hostname into the certificate. As I am using a third-party mail provider. UPDATE: The SMTP server uses a shared certificate which doesn't include any other domain and it will never happen.
Similar posts using nodejs tell to set the following configuration:
{ rejectUnauthorized : false }
First, I cannot set this configuration in the Extension; secondly, I do not want to remove the security feature.
What do you recommend?

Postfix: how to block incoming emails to a specific recipient?

I have Postfix set up to deliver all incoming email to 〈any_random_address〉@mydomain.com to myname@mydomain.com. I've recently noticed that a large percentage of spam is going to the same non-existent username, and I'd like to block incoming email to that username, while still sending all other emails to my inbox. What is the best way to accomplish that?
Aside from the fact that catch-all doesn't really make sense:
In your virtual aliases map (e.g. /etc/postfix/virtual_alias_maps), add the following line:
john.doe@example.com devnull
In /etc/aliases, add the following line:
devnull: /dev/null
This defines a mailbox named devnull and stores its contents in /dev/null.
Don't forget to update the alias caches and restart Postfix, for example like
sudo postmap /etc/postfix/virtual_alias_maps
sudo newaliases
sudo service postfix restart
Now you should be fine.

Qmail email address without hostname/domain name

In our production a user sent an email to the following address "xxx" (literally, the email address is xxx). This address is within our company's organization (xxx@company.com.ph), and I am being asked how it was sent without "@company.com.ph".
I told them it was probably the configuration of our SMTP server as I am sure the application I made is not appending "@company.com.ph" to mails without (hostName/domainName).
Our SMTP server is Qmail in a Unix box. Can anyone tell me what configurations we could check to explain how this happened?
Unfortunately, I do not have a Qmail or Unix box so I can't test it myself and I don't have access to our production servers so I could really use some help.
PS. Can anyone also give me the correct term for "@company.com.ph"? Is it the hostName/domainName?
Checks Done
1) According to the administrator - "defaultdomain" is set to "mail.company"
Yes, by default qmail will add defaultdomain to any recipient address missing the domain part.
@company.com.ph is the domain name part of the email address.
defaultdomain file by default is in /var/qmail/control directory as from documentation: http://www.lifewithqmail.org/lwq.html#config-files

OpenDKIM set d=[senderServer.com] tag to use the default sender server instead the FROM email domain

Here is the issue:
I have an email server with OpenDKIM and Postfix installed as here:
http://www.serveridol.com/2012/02/17/opendkim-configuring-dkim-keys-on-postfix/
My TXT DNS record is on the main domain (Server domain name)
Here: senderServer.com
It works great when I send an email from senderServer.com using my FROM address as: anything@senderServer.com
The problem is when I send an email using my FROM address as: anything@otherDomain.com
The DKIM signature is added but using otherDomain as the domain value tag:
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
d=otherDomain.com; s=20131125; t=1385596727;
bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=;
h=Date:To:Subject:From;
b=ujfsdhfu9hf9sdfs9df9sfs9fhsd9hfsfnsvkjnsdlvljsv
So, the server that is receiving the messages is not finding the DNS record, which is obviously clear since the d= tag value is otherDomain.com instead of senderServer.com.
I would like to find the way to retrieve the d= value from the server name instead of retrieving it from the FROM header email address... or override it to always be d=senderServer.com
Domain *
KeyFile /etc/postfix/dkim.key
Selector mail
in /etc/opendkim.conf to use the same key for multiple domains ( documentation )
and added no_milters to /etc/postfix/master.cf
made this line:
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks
look like:
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters
This prevented opendkim signing messages twice.
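
Added example (not code from the original posts): a verifier builds the key lookup name from the s= and d= tags of the signature, which is why every signing domain needs its own TXT record and why the header quoted in the question is looked up under otherDomain.com rather than senderServer.com. The function names are illustrative; the sample header is the one from the question, including its placeholder b= value.

```python
import re

# Header as quoted in the question above (b= is the poster's placeholder value).
SAMPLE_HEADER = (
    "DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;\r\n"
    " d=otherDomain.com; s=20131125; t=1385596727;\r\n"
    " bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=;\r\n"
    " h=Date:To:Subject:From;\r\n"
    " b=ujfsdhfu9hf9sdfs9df9sfs9fhsd9hfsfnsvkjnsdlvljsv\r\n"
)

def parse_dkim_tags(header: str) -> dict:
    """Split a DKIM-Signature header into its tag=value pairs (RFC 6376)."""
    name, _, value = header.partition(":")
    if name.strip().lower() != "dkim-signature":
        raise ValueError("not a DKIM-Signature header")
    value = re.sub(r"\r?\n[ \t]+", " ", value)  # unfold continuation lines
    tags = {}
    for part in value.split(";"):
        if not part.strip():
            continue  # tolerate a trailing ';'
        tag, sep, val = part.partition("=")
        if not sep:
            raise ValueError(f"malformed tag: {part!r}")
        tag = tag.strip()
        if tag in tags:
            raise ValueError(f"duplicate tag: {tag}")
        # b= and bh= are base64, so whitespace inside them is not significant
        tags[tag] = re.sub(r"\s+", "", val) if tag in ("b", "bh") else val.strip()
    for required in ("v", "a", "b", "bh", "d", "h", "s"):
        if required not in tags:
            raise ValueError(f"missing required tag: {required}")
    return tags

def key_record_name(tags: dict) -> str:
    """DNS name where the verifier fetches the public key TXT record."""
    return f"{tags['s']}._domainkey.{tags['d']}".lower()

def is_published_under(tags: dict, zone: str) -> bool:
    """True if the key lookup for this signature falls inside `zone`."""
    name = key_record_name(tags).rstrip(".")
    zone = zone.lower().rstrip(".")
    return name == zone or name.endswith("." + zone)

if __name__ == "__main__":
    t = parse_dkim_tags(SAMPLE_HEADER)
    print(key_record_name(t), is_published_under(t, "senderServer.com"))
```

Running the same check against each domain in the OpenDKIM signing configuration shows which zones still need a selector record before mail from that domain will verify.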

block requests by user hostname using htaccess

Recently, my wordpress website has been experiencing a spike in hack attempts by various IPs but they all have the same user Hostname:
A user with IP address xxx.xxx.xx.x has been locked out from the signing in or using the password recovery form for the following reason: Used an invalid username to try to sign in.
User IP: 91.121.156.62
User hostname: ks359219.badhost.com
A user with IP address xxx.xxx.xx.x has been locked out from the signing in or using the password recovery form for the following reason: Used an invalid username to try to sign in.
User IP: 5.135.182.147
User hostname: ks3289006.badhost.com
A user with IP address xxx.xxx.xx.x has been locked out from the signing in or using the password recovery form for the following reason: Used an invalid username to try to sign in.
User IP: 5.135.185.89
User hostname: ks3290602.badhost.com
A user with IP address xxx.xxx.xx.x has been locked out from the signing in or using the password recovery form for the following reason: Used an invalid username to try to sign in.
User IP: 5.39.86.162
User hostname: ks3273571.badhost.com
The security plugin I am using seems to be fending them off, but I would like to be able to block all requests from ANY IP that is associated with the user hostname using a wildcard like xxx.badhost.com
The plugin lets me block a range of IPs such as 123.12.1.* but not hostnames. What would be the best way to block these hacking attempts? .htaccess? Thanks
Refer to this Apache doc page for examples of what you might want to do. It covers most cases of redirecting, blocking, etc. from direct domains and referring sites.
http://httpd.apache.org/docs/2.2/rewrite/access.html#blocked-inline-images
For WordPress you can use VSF Simple block http://wordpress.org/plugins/vsf-simple-block/
In Block Rules settings enter the part of the hostname string you want to block e.g. badhost.com
Bear in mind this is an active plugin, so does use some server resources and database queries for each lookup request, but we haven't found it too heavy.
PS - from the ks. part of the example I have a good idea of the hosts you want to ban - I agree with you, these hosts are bad news - Ban them.... :)
If you do whois ks3273571.badhost.com, it'll tell you the NetRange and CIDR for that ISP's netblock.
For example, whois 69.59.197.21 (StackOverflow) reports:
NetRange: 69.59.192.0 - 69.59.223.255
CIDR: 69.59.192.0/19
