Hello Erik,
I dont know exactly where is the problem now
when i try to instal dkim-milter i got this error
Loaded plugins: fastestmirror, security
Setting up Install Process
Loading mirror speeds from cached hostfile
* base: mirrors.advancedhosters.com
* extras: mirrors.advancedhosters.com
* updates: mirrors.advancedhosters.com
No package dkim-milter available.
Error: Nothing to do
i tried to disable all the files in /etc/yum.repos.d
CentOS-Base.repo CentOS-Vault.repo webmin.repo
CentOS-Debuginfo.repo epel.repo webtatic-archive.repo
CentOS-fasttrack.repo epel-testing.repo webtatic.repo
CentOS-Media.repo remi.repo webtatic-testing.repo
i made it so in enabled=0 in all the files above
but nothing changed
i installed Virtualmin using install.sh
have u any idea thanks
Howdy,
Hmm, it looks like there's quite a few non-default things that are going on there... that may be the cause of some of the issues you're seeing.
I would recommend disabling any third party repositories, as you've done.
However, you wouldn't want to disable any of the repositories with the name "CentOS" in the file name.
Another thing that's causing a problem is that your server appears to be missing the virtualmin.repo file.
Do you see anything in /etc/yum.repos.d that looks like it may have been that file? Could that file have been renamed to something else?
Also, what is in the webmin.repo file?
-Eric
i dont think so .. i think its missed
in the webmin.repo file ist
[Webmin]name=Webmin Distribution Neutral
baseurl=http://download.webmin.com/download/yum
enabled=1
but do u mean i musst enable the setting in the files name "CentOS" again ?
Howdy,
Yes, the ones with the name "CentOS" in them aren't third party repositories, those are standard repositories.
Also, you won't need that Webmin repository, as everything in there is also contained in the Virtualmin repository.
So what you're missing at the moment is just the standard Virtualmin repository.
That's created when the install.sh script runs, so it's odd that it's not there! But it's simple to re-create -- to do that, make a file named
/etc/yum.repos.d/virtualmin.repo, and for it's contents, use the following:[virtualmin]
name=RHEL/CentOS/Scientific $releasever - $basearch - Virtualmin
baseurl=http://software.virtualmin.com/gpl/rhel/$releasever/$basearch/
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-virtualmin
gpgcheck=1
[virtualmin-universal]
name=Virtualmin Distribution Neutral Packages
baseurl=http://software.virtualmin.com/gpl/universal/
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-virtualmin
gpgcheck=1
Once you create the above file, are you then able to setup dkim?
-Eric
yes its work !! !! agian u r genius ;)
wow :D
but can u please tell me what should i enable in the centos files i cant remember anymore what i disabled
thaaanks Erik
Hello Erik
i testet if the DKIM was right installed on allaboutspam.com but i got this Error messege
Email contains invalid DKIM/Domain Keys Signature. Published Domain Keys policy does not specify whether to accept/reject such emails. Signing your Outbound emails and clearly specifying a policy to accept signed emails will minimize chances of your Email being considered as SPAM.
and i testet it again in http://dkimcore.org/
i got this error This is not a good DKIM key record. You should fix the errors shown in red.
DNS query failed for 'dkim232._domainkey.domain.com':NOERROR A public-key (p=) is required
what thats mean ?
and the SPF i enabled it from DNS options but i wont be work and in test site appears als not workin ..
Virtualmin - Email Messages - DomainKeys Identified Mail:
Signing of outgoing mail enabled? - YesSelector for DKIM record name - "put here whatever you want, e.g. myawesomedkim"
Reject incoming email with invalid DKIM signature? - Yes
Force generation of new private key? - up to you
Size of new DKIM key - 2048
Additional domains to sign for - list all domains you want to use DKIM
DNS records for additional domains - check if you have this option and filled with a code
Virtualmin - select virtual server, e.g. mygreatdomain.tld - Server Configuration - DNS Options:
SPF record enabled? - YesAllowed sender hostnames - mygreatdomain.tld (optional)
Allowed sender mail domains - mygreatdomain.tld (better to fill up the domain here but you can use both options)
Allowed sender IPv4 addresses - it should be automatically filled if not put your server IP
Allowed sender IPv6 addresses - if you have any
Included domains to allow - usually you dont need this
Action for other senders - Disallow (my default) or Discourage
DMARC record enabled? - Yes
DMARC policy for emails that fail SPF or DKIM - Reject (my default)
Percentage of messages to apply policy - 100%
Virtualmin - select virtual server, e.g. mygreatdomain.tld - Server Configuration - DNS Records:
- check if you have SPF record- check if you have DKIM record, "myawesomedkim._domainkey"
Optional:
- add:_dmarc.mygreatdomain.tld. IN TXT "v=DMARC1; pct=100; ruf=mailto:postmaster@mygreatdomain.tld; rua=mailto:postmaster@mygreatdomain.tld; p=reject"
- add:
_adsp._domainkey.mygreatdomain.tld. IN TXT dkim=all
If you lower your TTL before all changes you should get fast result if not wait until DNS will propagate.
- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.
Hey Erik thank you verymuch
YES i did all this but still by testing says that spf and dkim are not avalible in my vps
szer0p how did you test your emails? If you check all details i posted in my previous post then i would like to suggest you to go here: "https://www.unlocktheinbox.com/resources/emailauthentication/", then log to usermin and send a email to "mailtest@unlocktheinbox.com", wait few minutes and see what result you will get. For something faster but with less details go here: "http://www.mail-tester.com/", copy random generated email and send empty email. Then click on "check" and see what you get.
P.S. If you use first option be sure to enable html in your emails (usermin) so you will have better overview of the result.
- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.
Hello Erik
yes i checked all the details above
i send a email to mailtest@unlocktheinbox.com i didnt get any email back but i used the other website
i got also negative 5/10 score
Ihre DKIM Signatur ist not right , the spf also and dmarc .. Your DKIM signature is not valid v=1; a=rsa-sha256; c=relaxed/simple; d=domain.com; s=default; t=1428063302; bh=Mc9oiGjr1ytBGKVZJo2JPdf/rUeD1EWN/kZhlsP/1pw=; h=From:Subject:To:Date; b=Mn8Yku+XfTRMZUYBMz2B6BoJByov2TCl3zRh1Ie0Ns9bVpIyh/rYUSdBnRMz/9SNJ63/bM4OYYXRoq9zpMS6osthC7WtcahFNZ4bZfUEA74D/tHyoIb/js2r23MeekvlLXCDAd8O5Tij0jsYvGtvmNojtVPYu0QQP2iI8gpuTHQ=
but this is not the dkim recorde in my dns record and i have another sector not default .. can is the problem with my dns in the server ? i dont know i did all things as u told me
what can i do now
thanks
i think i have resolved the problem the SPF is now active but thie dkim is still invailed
DKIM Information:
DKIM Signature
Message contains this DKIM Signature: DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=domain.com; s=default; t=1428074501; bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=; h=Date:From:To:Subject; b=QQgR83rUeGB5zCTdDNWoWyVKJkXO9hZzpq3u45PsBtM6Se/v9NuR8ZI1g4kffS72+ eSFI211gpMQWAiTrn4lX/iklO3JVYcwYATKA25yILk4Vrga/NOCD75o4CT0s9xm/eE 3Dda+OZCdNbFniS2D8bP7Ir+IdJGnKJeffw64UJE= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=domain.com; s=default; t=1428074501; bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=; h=Date:From:To:Subject; b=QQgR83rUeGB5zCTdDNWoWyVKJkXO9hZzpq3u45PsBtM6Se/v9NuR8ZI1g4kffS72+ eSFI211gpMQWAiTrn4lX/iklO3JVYcwYATKA25yILk4Vrga/NOCD75o4CT0s9xm/eE 3Dda+OZCdNbFniS2D8bP7Ir+IdJGnKJeffw64UJE=
Signature Information: v= Version: 1 a= Algorithm: rsa-sha256 c= Method: relaxed/simple d= Domain: domain.com s= Selector: default q= Protocol:
bh= g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs= h= Signed Headers: Date:From:To:Subject b= Data: QQgR83rUeGB5zCTdDNWoWyVKJkXO9hZzpq3u45PsBtM6Se/v9NuR8ZI1g4kffS72+ eSFI211gpMQWAiTrn4lX/iklO3JVYcwYATKA25yILk4Vrga/NOCD75o4CT0s9xm/eE 3Dda+OZCdNbFniS2D8bP7Ir+IdJGnKJeffw64UJE= Public Key DNS Lookup
Building DNS Query for default._domainkey.domain.com Retrieved this publickey from DNS: Validating Signature
result = invalid Details: public key: not available
Did you try to generate new key? Maybe something went wrong with one you have now? Another thing if you didnt get any result from mailtest@unlocktheinbox.com it could be two things, you are blacklisted with them (easy to remove, check their page how) or you have problem with your email server. This could be another thing to consider. This is why Virtualmin is best to install on clean OS, while i had several problems with Centos 7 (probably they sort it until now) on 6.6 it works good.
- I often come to the conclusion that my brain has too many tabs open. -
Failing at desktop publishing & graphic design since 1994.
Ooh this is crazy .. anyway i have centos 6.6
when i check the DKIM from http://dkimcore.org/c/keycheck i write the sector name and my domain name then i get this " This is a valid DKIM key record"
how could is here valid and other test method not valid ?
now another problem that i sloved it befor 7 days .. not reciving emails i tried to send from hotmail i didnt get the email but i get email from the same server ..
:(
when i try to generate a new key i got this Error
Finding virtual servers to enable DKIM for ..
.. found 2 servers
Extracting public key from private key in /etc/dkim.key ..
.. done
Setting domain and selector in DKIM filter configuration ..
.. done
Adding DKIM records to DNS domain domain.com ..
.. records already exist
Adding DKIM records to DNS domain domain.de ..
.. records already exist
Enabling DKIM filter at boot time ..
.. done
Starting DKIM filter ..
.. start failed : Starting DomainKeys Identified Mail Milter (dkim-filter): dkim-filter: smfi_opensocket() failed [FAILED]
DKIM setup failed!
Error in the mail log
Apr 3 23:41:17 server dkim-filter[8014]: Sendmail DKIM Filter: Unable to bind to port inet:8891@localhost: Address already in useApr 3 23:41:17 server dkim-filter[8014]: Sendmail DKIM Filter: Unable to create listening socket on conn inet:8891@localhost
Apr 3 23:41:17 server dkim-filter[8014]: smfi_opensocket() failed
i checked for the port 8891 netstat -nlp | grep 8891
i got this tcp 0 0 127.0.0.1:8891 0.0.0.0:* LISTEN 8042/opendkim
but i removed opendkim !! how can remove it from this port and make the dkim-filter insted of it?
i solved the problem i fotget to delete this from main.cf milter_protocol = 2 smtpd_milters = , inet:127.0.0.1:8891, inet:127.0.0.1:12768,inet:localhost:8891 non_smtpd_milters = , inet:127.0.0.1:8891, inet:127.0.0.1:12768,inet:localhost:8891 milter_default_action = accept
i will then wait till tomorrow and check it again
thanks
the DKIM RECORD is this:
dkimpal._domainkey.domain.com. IN TXT ( "v=DKIM1; k=rsa; t=s; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4DEwZ6uo3Px3c""zUuxpdPtIBqzc4IVHeZURfF9XSrXoBScB6SN5KmXUponrPIsM/WjuAeoa+s3RqxHtU3eKnuZK1pcMgl2"
"csf/oMdJLJ38PZU4T5yNQpmRf2w/J25p1M8sxX+FawCS1aAhZaQ72GOj/GTlhJarqDjiSpS8cyOSPNvb"
"5rrPdaZWZ+msz5q/hfaxUqtFgu13oiD8Fsw6jxF2a05/lKKB6Az2PI0i6cZ/ajCH5Mgdo34+ODOsNodC"
"PEv+fqe7sgQ2cZusKyVkIVJ981B6OAFzIS7GjoV0t/o9qS7YqxukMUtPu9NACa6oWNoxPLwT6DW9Cw+E"
"aueN+QcswIDAQAB" )
the TEST for the DKIM is this
The DKIM signature of your message is:
v=1;
a=rsa-sha256;
c=simple/simple;
d=domain.com;
s=dkimpal;
t=1428273719;
bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=;
h=Date:To:Subject:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-Id:From;
b=WubnCeofbVDFcShMZ+7zK6HZlicSnowxNQC6SolrSmJ3MH4QPS9zzNiLo0eax+1kPZhOb84qB8/eN//R7iCPt2aTxEpkUDc6XacTdYJsiiG7sSp3zSbCm99d6XGmtYssYrBemQtHPhgpCrRd4hT8HHRQUo1DeVCzlXTwRgaCkw4orb8QL9kxg8TFHSjZacHgmQanbSWqEeVATE6hTcM3dgYUJt/kdKtHLswghiYBAHKdIkcmfOwuuo7BztVfePPlIBFpBTPxtwzJqfz/jDg7qS3uKqqK5Etc9h+Ztf1YO471+GH8TumXDXYofONcTOcX7LXZNwwcoMKEFnTAytmdxA==
Your public key is:
"v=DKIM1;
k=rsa;
t=s;
p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuZAimH4VzznW3lDiXTOqq0Rzb17RC1oO+fFCd9dldX4wR0jY7iFcOD5OSoN+kzYYibUckhcZJ/kP8W98KGegE2njGkDngVQjHLPCq3tacR+2iQ5RR/LMbAJn4J2+CpViOmq9cQWwC/zGH+SGcIQo872h0kDxm6kKJ0y4WM6JxZ433K2CKfxRMyG9off6""e2VqeAt1AgE3Ky3Mc2jy1zR0Gb1s5aHL38uIg9jYOjIwHlY+BHWgqQBI65fdCx1iNwplbVyul5fCQUShcorB6AzDdBtjg2+JQX99niiBjKxBkkWLxl5mgaMnigvzJYslWWYW25p2QECn6EUBwHB5N6fYvwIDAQAB"
key length: 2048bits
DKIM Signatur is not valid
What is the Problem now ? :( why is the invalied .. when i check http://dkimcore.org/c/keycheck i get This is a valid DKIM key record..
can u please help me ??
Hello,
I had the same error message about invalid dkim record on my servers main account. I have entered the Master DNS information before turning it into a web/email account. So I think my problem was it didn't get updated because when I made the virtual server for the Master DNS I didn't tick create the DNS record because it was already created.
I had to enter the keys manually by copy and paste from another account. If you don't have another account and you are only using one, you can still copy and paste from "DNS records for additional domains" that's in the "DomainKeys Identified Mail"
Hello berndtnetwork,
Thanks for reply but i didnt get it what do u mean exactly i have only one website with 2 domains and till now i get the same error ..
i dont know how can i fix it
any idea?