Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
mail_servers [2018/10/18 02:07] steve |
mail_servers [2018/10/19 23:28] steve |
||
|---|---|---|---|
| Line 29: | Line 29: | ||
| </code> | </code> | ||
| - | Authorize only servers that have MX entries in DNS (such as mail1.beandog.org, mail2.beandog.org): | + | Authorize only servers that have MX entries in DNS (such as mail.beandog.org), or in other words, for mail servers that receive incoming mail for that domain: |
| <code> | <code> | ||
| Line 42: | Line 42: | ||
| </code> | </code> | ||
| + | Allow a specific IP address to send mail: | ||
| + | |||
| + | <code> | ||
| + | v=spf1 ip4:208.111.40.179 -all | ||
| + | </code> | ||
| + | |||
| + | === DKIM === | ||
| + | |||
| + | Use [[openssl]] to generate a private/public key pair (using here similar naming scheme to SSH so it makes more sense): | ||
| + | |||
| + | <code> | ||
| + | openssl genrsa -out dkim_rsa 1024 | ||
| + | openssl rsa -in dkim_rsa -pubout -out dkim_rsa.pub | ||
| + | </code> | ||
| + | |||
| + | Here's **an example** of a private and public key pair: | ||
| + | |||
| + | <code> | ||
| + | -----BEGIN RSA PRIVATE KEY----- | ||
| + | MIICXAIBAAKBgQCt5N5njq8VngIYr9S6KbIcfqkVAUdo2Bi7JoAa0G6TuOzCg73/ | ||
| + | ByfJzOZFaKlOLdihVfJy2LqaciMtseBJoXhMgH/eE2tLEXM3Sw4ub4PSXsXsYysS | ||
| + | SqzFdberGaiRTDbavdTIDfpYmX8jyyP1Rg5j1S3rppeHeBixA2fcdrWSRQIDAQAB | ||
| + | AoGActPKuP9TRicMo1iYVEXsQzywUhqCGQ15ZzvJI+u22P0n+locQCdtcqhG9lZi | ||
| + | VimX/xFOA+BxeEMeT7JBtN1XHbZmWheWC1xxLoY/R9M7fLfpKYKYXtq4kf70h4Gi | ||
| + | PAgy05DJkXHSZhhlWZvCffC385DuIIaqYnW3DUZOyGvLdBECQQDcHJzUBjvFrI6j | ||
| + | 8I+tvk4vIy5hcKgimnr+kYmTo2wBr54KWtTKX+Vq2zbXNCz+yJ/Zclxn+XDreLe6 | ||
| + | ONqRgsbjAkEAyj8kxUwyd4AUuItCCLbqydSQ7pMOWmFjkt2v0H9+Do05moejK+sj | ||
| + | Wn1MF23eE2rv3wtQ18/v+sNOpo3IEtfitwJAVoptYrNcttikcHJ5mx8SkFftuWPY | ||
| + | x1ojd4lzJPgA1BzfL0UNGtBfXAb6ZdxewIHSz2S2Ti71pa8d1Xra/JEFbwJBALL4 | ||
| + | EYfuF7KbyrpLsRGZHEeiLOaRh1//UmgCeLRePaSO4GyYnpIcr9pBinYpKR2xwbZ0 | ||
| + | gwOW5FvZPN4yFNxn4h0CQBfaCVymFJM+hkwlCLwHxg0PUZChlHgSa/9AqPV1j3UU | ||
| + | kibarRT1Lfl8FY4XWeXMi+8pt3Nma2FuHFPY8+M5Y78= | ||
| + | -----END RSA PRIVATE KEY----- | ||
| + | </code> | ||
| + | |||
| + | <code> | ||
| + | -----BEGIN PUBLIC KEY----- | ||
| + | MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCt5N5njq8VngIYr9S6KbIcfqkV | ||
| + | AUdo2Bi7JoAa0G6TuOzCg73/ByfJzOZFaKlOLdihVfJy2LqaciMtseBJoXhMgH/e | ||
| + | E2tLEXM3Sw4ub4PSXsXsYysSSqzFdberGaiRTDbavdTIDfpYmX8jyyP1Rg5j1S3r | ||
| + | ppeHeBixA2fcdrWSRQIDAQAB | ||
| + | -----END PUBLIC KEY----- | ||
| + | </code> | ||
| + | |||
| + | You'll need the pubkey string to add to a DNS TXT record: | ||
| + | |||
| + | <code> | ||
| + | grep -v "^-" dkim_rsa.pub | awk 1 ORS='' | ||
| + | </code> | ||
| + | |||
| + | <code> | ||
| + | MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCt5N5njq8VngIYr9S6KbIcfqkVAUdo2Bi7JoAa0G6TuOzCg73/ByfJzOZFaKlOLdihVfJy2LqaciMtseBJoXhMgH/eE2tLEXM3Sw4ub4PSXsXsYysSSqzFdberGaiRTDbavdTIDfpYmX8jyyP1Rg5j1S3rppeHeBixA2fcdrWSRQIDAQAB | ||
| + | </code> | ||
| === Mail Tester === | === Mail Tester === | ||
