Differenze tra le versioni 6 e 9 (in 3 versioni)
|
Dimensione: 652
Commento:
|
Dimensione: 2237
Commento:
|
| Le cancellazioni sono segnalate in questo modo. | Le aggiunte sono segnalate in questo modo. |
| Linea 33: | Linea 33: |
| OpenDKIM 2048 bit key |
We use OpenDKIM |
| Linea 36: | Linea 35: |
| Generate a 2048 bits key {{ opendkim-genkey -b 2048 -d ml.ninux.org -D /etc/mail/dkim-keys/ml.ninux.org -s mail -v }}} /etc/opendkim.conf |
|
| Linea 37: | Linea 42: |
| dig +short @1.1.1.1 mail._domainkey.ml.ninux.org TXT | Syslog yes UMask 002 Domain ml.ninux.org KeyFile /etc/mail/dkim-keys/ml.ninux.org/mail.private Selector mail Socket inet:8892@localhost OversignHeaders From |
| Linea 41: | Linea 52: |
| == SPF == | == DNS entries in bind for SPF, DMARC and DKIM == Please note that key sections are here shortened with "...", but you should use the integral version of your keys. These might need to be split due to length constraints. {{{ $ORIGIN ninux.org. _dmarc TXT "v=DMARC1\; p=none\; sp=none\; adkim=r\; aspf=r\; rua=mailto:nino@ninux.org\; ruf=mailto:nino@ninux.org\; fo=1\;" mail._domainkey TXT "v=DKIM1\; h=sha256\; k=rsa\; " "p=MIIBI...NeyP" "a...B" ml A 176.111.173.140 MX 10 ml TXT "v=spf1 ip4:176.111.173.140 -all" SPF "v=spf1 ip4:176.111.173.140 -all" $ORIGIN ml.ninux.org. _dmarc TXT "v=DMARC1\; p=none\; sp=none\; adkim=r\; aspf=r\; rua=mailto:nino@ninux.org\; ruf=mailto:nino@ninux.org\; fo=1\;" mail._domainkey TXT "v=DKIM1\; h=sha256\; k=rsa\; " "p=MIIBI...NeyP" "a...B" }}} Verify with dig, e.g. {{{ $ dig +short @1.1.1.1 mail._domainkey.ml.ninux.org TXT "v=DKIM1; h=sha256; k=rsa; " "p=MIIBI...NeyP" "a...B" $ dig +short @1.1.1.1 mail._domainkey.ninux.org TXT "v=DKIM1; h=sha256; k=rsa; " "p=MIIBI...NeyP" "a...B" }}} |
Mailman Configuration
Mailman
Download the mailman-2.1.39 tarball, uncompress it, then compile it and install it:
./configure --prefix=/usr/local/mailman --with-python=/usr/bin/python2.7 --with-mail-gid=nogroup make make install
Fix permissions with:
usr/local/mailman/bin/check_perms -f
/usr/local/mailman/bin/mailmanctl restart
Apache
Postfix
pipe to opendkim letsencrypt
Postfix to mailman py
Postfix antispam
DKIM
We use OpenDKIM
Generate a 2048 bits key {{ opendkim-genkey -b 2048 -d ml.ninux.org -D /etc/mail/dkim-keys/ml.ninux.org -s mail -v }}}
/etc/opendkim.conf
Syslog yes UMask 002 Domain ml.ninux.org KeyFile /etc/mail/dkim-keys/ml.ninux.org/mail.private Selector mail Socket inet:8892@localhost OversignHeaders From
DNS entries in bind for SPF, DMARC and DKIM
Please note that key sections are here shortened with "...", but you should use the integral version of your keys. These might need to be split due to length constraints.
$ORIGIN ninux.org.
_dmarc TXT "v=DMARC1\; p=none\; sp=none\; adkim=r\; aspf=r\; rua=mailto:nino@ninux.org\; ruf=mailto:nino@ninux.org\; fo=1\;"
mail._domainkey TXT "v=DKIM1\; h=sha256\; k=rsa\; " "p=MIIBI...NeyP" "a...B"
ml A 176.111.173.140
MX 10 ml
TXT "v=spf1 ip4:176.111.173.140 -all"
SPF "v=spf1 ip4:176.111.173.140 -all"
$ORIGIN ml.ninux.org.
_dmarc TXT "v=DMARC1\; p=none\; sp=none\; adkim=r\; aspf=r\; rua=mailto:nino@ninux.org\; ruf=mailto:nino@ninux.org\; fo=1\;"
mail._domainkey TXT "v=DKIM1\; h=sha256\; k=rsa\; " "p=MIIBI...NeyP" "a...B"Verify with dig, e.g.
$ dig +short @1.1.1.1 mail._domainkey.ml.ninux.org TXT "v=DKIM1; h=sha256; k=rsa; " "p=MIIBI...NeyP" "a...B" $ dig +short @1.1.1.1 mail._domainkey.ninux.org TXT "v=DKIM1; h=sha256; k=rsa; " "p=MIIBI...NeyP" "a...B"