Implementing domainlkeys signature

This forum contains features that has been archived. This section contains implemented features, duplicate requests, and requests which we have decided not to implement.
Post Reply

Do you need this feature?

Yes
101
98%
No
2
2%
 
Total votes: 103

Kob
New user
New user
Posts: 15
Joined: 2005-10-01 13:02

Implementing domainlkeys signature

Post by Kob » 2005-10-01 13:20

No rush, but it may be a good idea to try to implement Yahoo's domainkeys system to combat spam. I see that gmail has implemented this too.

See the details in:

http://antispam.yahoo.com/domainkeys
and in
http://domainkeys.sourceforge.net/

cmurphy54
Senior user
Senior user
Posts: 550
Joined: 2004-09-25 22:11
Location: Atlanta, GA
Contact:

Post by cmurphy54 » 2005-10-01 19:36

Duplicate request of this one here:

http://www.hmailserver.com/forum/viewto ... domainkeys

Although that one doesn't have the two question poll interface.

User avatar
martin
Developer
Developer
Posts: 6834
Joined: 2003-11-21 01:09
Location: Sweden
Contact:

Post by martin » 2005-10-01 20:50

I removed the other one..

iprat
Normal user
Normal user
Posts: 247
Joined: 2005-05-20 16:50
Location: Barcelona, EU
Contact:

Even beter if DKIM

Post by iprat » 2005-10-02 01:28

DK seems to have evolved to "DomainKeys Identified Mail (DKIM)", wich provides tools to fight spam and pishing even better than DK.

I think that if Martin decides to implement DK, should try to do the work only once and support DK and DKIM (in fact I think DK is a subset of DKIM functions).

Best regards,

Info:
http://mipassoc.org/dkim/
http://www.ietf.org/internet-drafts/dra ... ase-00.txt
http://files.altn.com/MDaemon/White_Pap ... Daemon.pdf

Ignasi

CraigHarris
Senior user
Senior user
Posts: 886
Joined: 2005-11-28 11:43

Post by CraigHarris » 2005-12-16 13:49

Is this going to be implemented both for checking incoming mail & for signing outgoing mail?
This would be a really nice feature to have, and the existing free libraries seem to implement everything.

iprat
Normal user
Normal user
Posts: 247
Joined: 2005-05-20 16:50
Location: Barcelona, EU
Contact:

Post by iprat » 2005-12-16 14:00

Hope so ! But I think it's poll ranking and Martin's decision.

Anyway Martin seems to be very interested in impementing spam fighting tools for 4.3, maybe will give some extra points to spam fighting related feature requests.... but anyway it's Martin who's gona have to make it so he'll decide ;)
My perfect combination:
hMailServer 5.6.1 (B2208), ASSP 1.3.3.8 (antispam), Clamav 0.98.6 (antivirus)

User avatar
Slug
Moderator
Moderator
Posts: 1369
Joined: 2005-03-13 05:42
Location: Sydney Australia
Contact:

Post by Slug » 2006-04-19 18:10

bump :D
Missing Hmailserver ... Now running Debian servers

ajw
Normal user
Normal user
Posts: 150
Joined: 2006-04-17 20:29
Location: Needham, MA 02492 USA
Contact:

Post by ajw » 2006-05-07 23:59

Just came here to vote 'yes' - the voting buttons aren't there any more. (uh, at least for me :)

Was that because it's being implemented in 4.3 or after?

My ISP (cablemodem - Comcast) doesn't support SPF on their server and since I send via their server when at home, I can't use SPF for my domain. Haven't looked at Domain keys yet (nor DKIM at all...) so I don't know if I can use that, but I'd sure like both SPF and DK/DKIM in hMailServer!

- Al Weiner -

ajw
Normal user
Normal user
Posts: 150
Joined: 2006-04-17 20:29
Location: Needham, MA 02492 USA
Contact:

Post by ajw » 2006-05-08 00:01

oh, now *that's* funny!?!? After posting the above, the voting buttons are there, and the results aren't! Ok, so I'm voting yes... :)

- Al -

westdam
Senior user
Senior user
Posts: 728
Joined: 2006-08-01 21:24
Location: Padova, Italy
Contact:

Post by westdam » 2006-10-27 18:10

yes.l
also sender id will be interesting..

brashquido
Normal user
Normal user
Posts: 249
Joined: 2006-06-26 07:14
Location: Melbourne, Australia
Contact:

Post by brashquido » 2007-03-14 14:55

Voted yes ;)

ulas
New user
New user
Posts: 26
Joined: 2006-06-23 14:31

Post by ulas » 2007-04-09 12:59

now , hotmail and yahoo generally dont accept mails if you dont have domainkeys or SPF records. If you have necessary records , reverse DNS and domainkey , they accept your mail to inboxs. If martin implements the function, it will give more freedom to send e-mails to hotmail,yahoo and etc.

User avatar
martin
Developer
Developer
Posts: 6834
Joined: 2003-11-21 01:09
Location: Sweden
Contact:

Post by martin » 2007-04-09 13:12

> hotmail and yahoo generally dont accept mails if you dont
> have domainkeys

Where can I read more about that? I don't have domainkeys for my domain, but have no problems sending email to Hotmail or Yahoo.

iprat
Normal user
Normal user
Posts: 247
Joined: 2005-05-20 16:50
Location: Barcelona, EU
Contact:

Post by iprat » 2007-04-10 10:47

Hi Martin, are you asking for more info about DKIM ? Weren't the links supplied at the beginning of this thread enough ? maybe you are asking for more info about Hotmail incompatibility problems (which I don't know anything about) ?
My perfect combination:
hMailServer 5.6.1 (B2208), ASSP 1.3.3.8 (antispam), Clamav 0.98.6 (antivirus)

User avatar
martin
Developer
Developer
Posts: 6834
Joined: 2003-11-21 01:09
Location: Sweden
Contact:

Post by martin » 2007-04-10 12:15

I was wondering about the Hotmail incompatibility problems since I've never had problems with it myself which I've been able to safely relate to DKIM.

iprat
Normal user
Normal user
Posts: 247
Joined: 2005-05-20 16:50
Location: Barcelona, EU
Contact:

Post by iprat » 2007-04-10 12:29

I don't use SPF (still have no control over my DNS's, to be changed in the next weeks) nor DKIM, and I'm able to send to hotmail, so there must be something else for hotmail to block your emails.

brashquido
Normal user
Normal user
Posts: 249
Joined: 2006-06-26 07:14
Location: Melbourne, Australia
Contact:

Post by brashquido » 2007-04-12 14:00

DKIM won't help you for sending to Hotmail. They use SenderID and their own SmartScreen technology. Funny thing is that SenderID was canned by ITEF, yet Microsoft pushed on even though the PRA element of SenderID (which was developed by Microsoft themselves as I understand it) was fundamentally flawed as it is incompatible with SPF. If you have an SPF policy in place, then it is very likely that this could be the very cause of why you can't send to Hotmail. Your SPF policy might well be ok, but what you'll need to do is set up a specific PRA policy in addition to your SPF policy. Confused yet?

I did this a month or so ago and email from my domain are now starting to filter through to Hotmail accounts, although it is still hit and miss.

Pieter
Normal user
Normal user
Posts: 55
Joined: 2005-07-27 19:20

Post by Pieter » 2007-05-23 15:50

DomainKeys is now officially a proposed standard by the IETF (SenderID still is not!):
http://news.com.com/Promising%20antispa ... l?part=rss

iprat
Normal user
Normal user
Posts: 247
Joined: 2005-05-20 16:50
Location: Barcelona, EU
Contact:

Post by iprat » 2007-05-23 16:47

Good to know ! :D

Although I think there's no plans to include it in V5, seems there's a look of work with Unicode and the former feature requests:

Shared folders when using IMAP (93 votes) Under development
SSL server support (92 votes) Under development
SpamAssasin Integration (66 votes) No info at this moment
Implementing domainlkeys signature (46 votes) No info at this moment but we can expect at least that the previous one must be done before this.

Anyway I'm sure sooner or later this will be implemented in hMailServer.
My perfect combination:
hMailServer 5.6.1 (B2208), ASSP 1.3.3.8 (antispam), Clamav 0.98.6 (antivirus)

atifdarr
New user
New user
Posts: 26
Joined: 2005-12-22 20:39
Contact:

Please implement DK and DKIM

Post by atifdarr » 2007-06-06 17:10

Any clues on how you are feeling about adding this feature?

User avatar
Frater
New user
New user
Posts: 7
Joined: 2007-09-01 01:26
Location: New Zealand
Contact:

Post by Frater » 2007-12-18 12:10

I have voted yes for this would like this feature as well

krellkraver
New user
New user
Posts: 1
Joined: 2008-01-15 03:29

Post by krellkraver » 2008-01-15 03:34

This would be a great feature in an open-source Windows MTA.

richardhardatwork
New user
New user
Posts: 2
Joined: 2008-02-18 17:30

Implementing domainlkeys signature

Post by richardhardatwork » 2008-02-18 18:48

I voted yes to this feature, I have hmail as my email software and the only thing missing for my email validation is Implementing domainlkeys signature

Does anybody know how long it will be untill this feature is added?

brunnels
New user
New user
Posts: 1
Joined: 2008-02-19 17:14

Vote for DKM

Post by brunnels » 2008-02-19 17:31

A lot of push on this subject. Anyone see this?

http://www.networkworld.com/news/2008/0 ... ising.html

I vote yes to implement RFC 4871 DKIM

GravitySpec
New user
New user
Posts: 1
Joined: 2008-05-20 02:29

Re: Implementing domainlkeys signature

Post by GravitySpec » 2008-05-20 02:56

Is this going to be implemented soon? I'm running a Drupal site on my own dedicated server running hMailServer but a lot of my mails from Drupal are getting rejected as spam (namely new registration e-mails). In the message headers in Yahoo it says neutral DomainKeys (no sig). I'm also seeing my messages being blocked by MSN and Google, even though SPF is fine and shows that it is authenticating correctly. Seems DKIM is becoming the new measuring stick.

mdwait
Normal user
Normal user
Posts: 57
Joined: 2007-03-15 21:48
Location: NRH,TX
Contact:

Re: Implementing domainlkeys signature

Post by mdwait » 2008-06-11 19:39

Is this in the 5.0 Ver?..... We need it to handle Yahoo
They move a great deal of email to the "SPAM" bucket - because we don't have the domain keys.
hmailsvr 4.4/5.1 ~MS-SQL 2000/2008 ~VB6,VB.NET 2005~ASP.NET

User avatar
martin
Developer
Developer
Posts: 6834
Joined: 2003-11-21 01:09
Location: Sweden
Contact:

Re: Implementing domainlkeys signature

Post by martin » 2008-06-11 21:36

No, probably in 5.1. I think it's already possible to set up a script to accomplish it though:
http://www.hmailserver.com/forum/viewto ... f=7&t=3797

birendersinghbudhwar
New user
New user
Posts: 7
Joined: 2007-08-07 07:36

Re: Implementing domainlkeys signature

Post by birendersinghbudhwar » 2008-08-06 09:28

Its all about the smtp host name and Ip address, then you can send and recive emails from any were no one can block your emails.

How...?

first think is that you have to give your smtp a valid host name, whose ip address is same as your smtp server, and your IP shount not be listed in any SPAM blacklisted.

If the above given condition is matched then no one can block your emails from your mail server. one more think is that you need to set your Ip address reverse lookup to your domain name some of the IP address have this format....

xx.xx.xx.xx.xyz.net.nz so all ip series have this xyz.net.nz is attached if one of that IP is listed then all the series which contains this domain xyz.net.nz attached all are got blacklisted.

so this is the mails problem now days ISP's are doing they add their domain name in their Ip ranges so a end users cant use that IP for commercial use like hosting etc.... you need a IP address which dont have domain name format in your Ip range you can check your IP address name format in http://www.ip-adress.com/ipaddresstolocation/

Birender

JohnnyW
New user
New user
Posts: 1
Joined: 2008-09-17 17:40

Re: Implementing domainlkeys signature

Post by JohnnyW » 2008-09-17 17:43

Hotmail doesn't use DKIM or Domain Keys... but Yahoo does! Unfortunately Yahoo uses Domain Keys but NOT DKIM - so you need to implement both.

User avatar
martin
Developer
Developer
Posts: 6834
Joined: 2003-11-21 01:09
Location: Sweden
Contact:

Re: Implementing domainlkeys signature

Post by martin » 2008-12-13 00:12

JohnnyW wrote:Hotmail doesn't use DKIM or Domain Keys... but Yahoo does! Unfortunately Yahoo uses Domain Keys but NOT DKIM - so you need to implement both.
Why would I implement an obsolete technology just because Yahoo use it? Yahoo has participated in creating the new standard and also participated in marking the old standard, Domain Keys, as obsolete. DomainKeys Identified Mail will be implemented, Domain Keys will not.

User avatar
martin
Developer
Developer
Posts: 6834
Joined: 2003-11-21 01:09
Location: Sweden
Contact:

Re: Implementing domainlkeys signature

Post by martin » 2008-12-16 15:53

Anyone here who has used Domain keys before?

I'm thinking of which options to make configurable, so if anyone has any opinions.... :)

Signing

In every domain
  • Enable DKIM
  • Private key file (location)
  • Selector string
Verification

Server-wide setting
  • Enable DKIM
  • Score
The remaining settings will be hard-coded. For example, hMailServer will use rsa-sha256 signing, and always the relaxed canonicalization algorithm.

The tagging will be made just before hMailServer starts to deliver the messages (after the global rules have been run but before the actual delivery is made).

User avatar
martin
Developer
Developer
Posts: 6834
Joined: 2003-11-21 01:09
Location: Sweden
Contact:

Re: Implementing domainlkeys signature

Post by martin » 2009-02-03 13:58

Moving to archive since it's included in 5.1.

Post Reply