[PLUG] Has anyone here used DKIM or Domain Key with their mail server?

Chris Roberts linux at chrisroberts.org
Tue Aug 26 18:14:32 UTC 2008


After some webmails started rejecting emails from me I set up citadel to 
use the perl dkimproxy. Took a few minutes to set up and it has been 
running solid for awhile now. Granted, there's not a lot of mail going 
out, but it's been working just fine. You don't need an official cert. 
When the mail is received and they are checking the domain keys, they 
just see if your email matches the key in your DNS entry.

-------- Original Message --------
Subject: [PLUG] Has anyone here used DKIM or Domain Key with their mail 
server?
From: Keith Lofstrom <keithl at kl-ic.com>
To: PLUG <plug at lists.pdxlinux.org>
Date: 08/25/2008 05:28 PM

> Domain Key from Yah-o-o is being absorbed into the IETF's DKIM standard. 
> There is apparently a Perl module that can be added to postfix to
> implement this on outbound email.  This is apparently a scheme to
> sign emails with the OpenSSL private key so that a recipient MTA
> can check it with the site's public key. 
> 
> There is a Perl module ( http://dkimproxy.sourceforge.net/ ) that
> supposedly implements this.
> 
> Questions: (1) Is this worth the effort?  (2) Is it a security risk?
> (3) is the dkimproxy module sound?  (4) can you use a self-signed
> cert for this, or do you need an official ($$$) cert from places
> like Thawte or Verisign?  
> 
> Keith
> 



More information about the PLUG mailing list