no way to compare when less than two revisions
Differences
This shows you the differences between two versions of the page.
— | mail_servers [2018/10/29 01:57] (current) – created - external edit 127.0.0.1 | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Mail Servers ====== | ||
+ | * [[SendGrid]] | ||
+ | * [[mailx]] | ||
+ | * [[opendkim]] | ||
+ | * [[postfix]] | ||
+ | * [[sendmail]] | ||
+ | * [[ssmtp]] | ||
+ | |||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[http:// | ||
+ | * [[https:// | ||
+ | * [[https:// | ||
+ | |||
+ | === SPF Records === | ||
+ | |||
+ | SPF records are DNS '' | ||
+ | |||
+ | Here's a basic example where any email sent out from the domain' | ||
+ | |||
+ | Using as an example, '' | ||
+ | |||
+ | < | ||
+ | v=spf1 a -all | ||
+ | </ | ||
+ | |||
+ | Authorize only servers that have MX entries in DNS (such as mail.beandog.org), | ||
+ | |||
+ | < | ||
+ | v=spf1 mx -all | ||
+ | </ | ||
+ | |||
+ | Find the current MX servers using dig: | ||
+ | |||
+ | < | ||
+ | dig +short mx beandog.org | ||
+ | 0 mail.beandog.org. | ||
+ | </ | ||
+ | |||
+ | Allow a specific IP address to send mail: | ||
+ | |||
+ | < | ||
+ | v=spf1 ip4: | ||
+ | </ | ||
+ | |||
+ | === MX Records === | ||
+ | |||
+ | To create DNS entries for an MX server, there are two parts: the A entry for the mail server, and the MX entry for the name assigned to the A entry. | ||
+ | |||
+ | This example uses a subdomain to set to the mail server. Even though it's not needed, it make using the exampler simpler. | ||
+ | |||
+ | First add an A address for '' | ||
+ | |||
+ | Next, add an MX entry for entry '' | ||
+ | |||
+ | This approach allows an external server that may or may not have '' | ||
+ | |||
+ | === DKIM === | ||
+ | |||
+ | Use [[openssl]] to generate a private/ | ||
+ | |||
+ | < | ||
+ | openssl genrsa -out dkim_rsa 1024 | ||
+ | openssl rsa -in dkim_rsa -pubout -out dkim_rsa.pub | ||
+ | </ | ||
+ | |||
+ | Here's **an example** of a private and public key pair: | ||
+ | |||
+ | < | ||
+ | -----BEGIN RSA PRIVATE KEY----- | ||
+ | MIICXAIBAAKBgQCt5N5njq8VngIYr9S6KbIcfqkVAUdo2Bi7JoAa0G6TuOzCg73/ | ||
+ | ByfJzOZFaKlOLdihVfJy2LqaciMtseBJoXhMgH/ | ||
+ | SqzFdberGaiRTDbavdTIDfpYmX8jyyP1Rg5j1S3rppeHeBixA2fcdrWSRQIDAQAB | ||
+ | AoGActPKuP9TRicMo1iYVEXsQzywUhqCGQ15ZzvJI+u22P0n+locQCdtcqhG9lZi | ||
+ | VimX/ | ||
+ | PAgy05DJkXHSZhhlWZvCffC385DuIIaqYnW3DUZOyGvLdBECQQDcHJzUBjvFrI6j | ||
+ | 8I+tvk4vIy5hcKgimnr+kYmTo2wBr54KWtTKX+Vq2zbXNCz+yJ/ | ||
+ | ONqRgsbjAkEAyj8kxUwyd4AUuItCCLbqydSQ7pMOWmFjkt2v0H9+Do05moejK+sj | ||
+ | Wn1MF23eE2rv3wtQ18/ | ||
+ | x1ojd4lzJPgA1BzfL0UNGtBfXAb6ZdxewIHSz2S2Ti71pa8d1Xra/ | ||
+ | EYfuF7KbyrpLsRGZHEeiLOaRh1// | ||
+ | gwOW5FvZPN4yFNxn4h0CQBfaCVymFJM+hkwlCLwHxg0PUZChlHgSa/ | ||
+ | kibarRT1Lfl8FY4XWeXMi+8pt3Nma2FuHFPY8+M5Y78= | ||
+ | -----END RSA PRIVATE KEY----- | ||
+ | </ | ||
+ | |||
+ | < | ||
+ | -----BEGIN PUBLIC KEY----- | ||
+ | MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCt5N5njq8VngIYr9S6KbIcfqkV | ||
+ | AUdo2Bi7JoAa0G6TuOzCg73/ | ||
+ | E2tLEXM3Sw4ub4PSXsXsYysSSqzFdberGaiRTDbavdTIDfpYmX8jyyP1Rg5j1S3r | ||
+ | ppeHeBixA2fcdrWSRQIDAQAB | ||
+ | -----END PUBLIC KEY----- | ||
+ | </ | ||
+ | |||
+ | You'll need the pubkey string to add to a DNS TXT record: | ||
+ | |||
+ | < | ||
+ | grep -v " | ||
+ | </ | ||
+ | |||
+ | < | ||
+ | MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCt5N5njq8VngIYr9S6KbIcfqkVAUdo2Bi7JoAa0G6TuOzCg73/ | ||
+ | </ | ||
+ | |||
+ | Choose a name selector to use in the DNS text record which will prefix the name '' | ||
+ | |||
+ | < | ||
+ | nx._domainkey.beandog.org | ||
+ | </ | ||
+ | |||
+ | For the value of the TXT record, use DKIM version, the key type, and the public key string: | ||
+ | |||
+ | < | ||
+ | v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCt5N5njq8VngIYr9S6KbIcfqkVAUdo2Bi7JoAa0G6TuOzCg73/ | ||
+ | </ | ||
+ | |||
+ | === Mail Tester === | ||
+ | |||
+ | [[http:// | ||
+ | |||
+ | You can use '' | ||
+ | |||
+ | < | ||
+ | echo testing email | mail -r [email protected] -s testing [mail-checker address] | ||
+ | </ |