| View previous topic :: View next topic |
| Author |
Message |
r00t440
Tux's lil' helper
Joined: 14 Sep 2005
Posts: 93
|
 Posted: Mon Apr 07, 2008 4:00 pm Post subject: BIND to TINYDNS (help) |
 |
|
Hello Experts,
I use tinydns(djbdns) instead of BIND, unfortunately most examples on the web uses BIND. I'm now on the process of making DKIM work with postfix. I need to convert the following BIND TXT entry to TinyDNS:
| Code: | | default._domainkey IN TXT "v=DKIM1; g=*; k=rsa; p=XXXXXXXXXX(encrypted string)XXXXXXXXXX" ; ----- DKIM default for mydomain.com |
I've tried:
| Code: | | default._domainkey:v=DKIM1; g=*; k=rsa; p=XXXXXXXXXX(encrypted string)XXXXXXXXXX ; ----- DKIM default for mydomain.com:3600 |
and
| Code: | | default._domainkey:v=DKIM1; g=*; k=rsa; p=XXXXXXXXXX(encrypted string)XXXXXXXXXX:3600 |
without any luck.
TIA |
|
| Back to top |
|
 |
jtrooney
Tux's lil' helper
Joined: 10 Nov 2004
Posts: 82
|
| Posted: Mon Apr 07, 2008 5:20 pm Post subject: |
|
|
Haven't used this myself but txt records are pretty easy just need to make sure you escape properly, give something like this a try:
'example.com:v=DKIM1;\040g=*;\040k=rsa;\040p=XXXXXXXXXXXXXXXXXXXX:3600 |
|
| Back to top |
|
|
r00t440
Tux's lil' helper
Joined: 14 Sep 2005
Posts: 93
|
| Posted: Tue Apr 08, 2008 1:32 am Post subject: |
|
|
hi thanks a lot, but still it doesn't work. I'll try to look for other clues. By the way, is it possible to verify the TXT entry, like "dig mydomain.com txt"? i've tried it, but it only replies with a TXT entry corresponding to my SPF records.
sorry for my poor english. |
|
| Back to top |
|
|
r00t440
Tux's lil' helper
Joined: 14 Sep 2005
Posts: 93
|
| Posted: Tue Apr 08, 2008 4:25 am Post subject: |
|
|
Perhaps I should rephrase my question:
I've "emerge dkim-milter" then "emerge --config dkim-milter". I am now required to do the following:
| Code: | * Make sure you have the following settings in your dkim-filter.conf:
* Keyfile /etc/mail/dkim-filter/default.private
* Selector default
* If you are using Postfix, add following lines to your main.cf:
* smtpd_milters = unix:/var/run/dkim-filter/dkim-filter.sock
* non_smtpd_milters = unix:/var/run/dkim-filter/dkim-filter.sock
* After you configured your MTA, publish your key by adding this TXT record to your domain:
default._domainkey IN TXT "v=DKIM1; g=*; k=rsa; p=MIGfMA0GC4qGfgb3DQEbA5UrA1GNA1CBiQKBgQC3Xwkwhize7e4Z6yZSxpRnGGdwH1iiBJJChlss+0W6V+RM1XPg4CxalkkTgkZULK83cRNycB9yK8j/7DDuRU22yYjYjmxKljQd20E+pD7wLdixyMheYM3IYLn0IKq9QYB9kcwIW4oc3VxFsCk4+vHkve983gMpTLPXEP/mBXy6lQIDAQAB" ; ----- DKIM default for example.com
* t=y signifies you only test the DKIM on your domain. See following page for the complete list of tags:
* http://www.dkim.org/specs/rfc4871-dkimbase.html#key-text
*
* Also look at the draft SSP http://www.dkim.org/specs/draft-ietf-dkim-ssp-01.html |
The way I see it, the TXT entry appears to be BINDish. How do I convert it to TinyDNS? Also, How do I query my DNS server to check if indeed the TXT entry was properly added?
TIA |
|
| Back to top |
|
|
DarKRaveR
Guru
Joined: 11 Oct 2003
Posts: 500
Location: Old Europe/G-Many
|
| Posted: Tue Apr 08, 2008 9:56 am Post subject: |
|
|
You can check it by looking up the TXT resource for your domain/zone: dig TXT example.com (you can use whatever lookuptool you want)
Concerning your problem: What does the tinydns manual say bout TXT records? |
|
| Back to top |
|
|
m.b.j.
Guru
Joined: 12 Sep 2003
Posts: 407
Location: Germany (Essen)
|
| Posted: Tue Apr 08, 2008 12:00 pm Post subject: |
|
|
http://www.anders.com/projects/sysadmin/djbdnsRecordBuilder/
You can use this record builder to compile your domainKey records.
_________________
root@mbj # echo "sys-pizza/calzone -tunfish" >> /etc/paludis/use.conf
root@mbj # paludis -i calzone --dl-blocks discard |
|
| Back to top |
|
|
|
Networking & Security
