Thursday, 10 July 2014

DKIM Signing for postfix mail server Ubuntu Server 12.04


85171738-17ee-4b99-8447-a0f3dae6005e.jpg

DomainKeys Identified Mail (DKIM)

  Lets an organization take responsibility for a message that is in transit. The organization is a handler of the message, either as its originator or as an intermediary. Their reputation is the basis for evaluating whether to trust the message for further handling, such as delivery. Technically DKIM provides a method for validating a domain name identity that is associated with a message through cryptographic authentication.
In essence, it will help you to avoid going your mail into spam. Follow each steps remember to change example.com with your domain.
And selector with your selector(ie, any text).

1.Login to root and install opendkim

sudo su
   sudo apt-get install opendkim opendkim-tools

2.Making directory and generating keys

mkdir /etc/opendkim/
   cd /etc/opendkim
-s means selector so change the word after it we have to chose a selector, here selector
-d means domain so change the word after it as our need,here example.com
opendkim-genkey -s selector -d example.com 

thus two files selector.txt selector.private are created

3.Adding user and making appropriate permissions

To check user a user ‘opendkim’ exists or not
grep opendkim /etc/passwd
Now run this also
chmod 700 /var/run/opendkim
If user is not already there we have to add the user
useradd -r -g opendkim -G mail -s /sbin/nologin -d /var/run/opendkim -c "OpenDKIM" opendkim
Change ownership to opendkim
chown opendkim:opendkim selector.private
To check the ownership of any file use also may use
ls -la /etc/opendkim | grep selector

4.Publishing DNS Record

cat selector.txt
On typing above command, you get a result like  this
selector._domainkey IN TXT "v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5N3lnvvrYgPCRSoqn+awTpE+iGYcKBabe8HHbcFfCIIVty76o4PhCoGZSaKVHOjDm4yefKXhQjM7iKzEPuBatE7O47hAx1CJpNuIdLxhILSbEmbMxJrJAG0HZVn8z6EAoOHZNaPHmK2h4UUrjOG8zA5BHfzJf7tGwI+K619fFUwIDAQAB" ; ----- DKIM key mail for example.com
Add TXT record from your hosting websites (for example, digitalocean’s) control panel.  A
selector._domainkey
. In our case, copy
selector._domainkey
in name field copy the text included in “” (including “) to text field from above result. A selector mail is shown in example given below
image
To check the status of dns // or you can use http://dkimcore.org/tools/
dig selector._domainkey.example.com txt  +short 
Test the key with server
opendkim-testkey -d example.com -s selector -k selector.private -vvv

5.Edit the OpenDKIM configuration file


cp /etc/opendkim.conf /etc/opendkim.conf.bk
nano /etc/opendkim.conf
cat /etc/opendkim.conf
On entering above command you can see my configuratoin of opendkim, # is used to comment
# Log to syslog
Syslog         yes
# Required to use local socket with MTAs that access the socket as a non-
# privileged user (e.g. Postfix)
UMask          022
# Sign for example.com with key in /etc/mail/dkim.key using
# selector '2007' (e.g. 2007._domainkey.example.com)
#Domain     example.com
#KeyFile     /etc/opendkim/key1.private 
#Selector     key1
# Commonly-used options; the commented-out versions show the defaults.
Canonicalization     relaxed/simple
Mode             sv #s sign v verify
SubDomains          yes
#ADSPDiscard          no
# Log to syslog
Syslog              yes
SyslogSuccess          yes
LogWhy              yes
# Required to use local socket with MTAs that access the socket as a non-
# privileged user (e.g. Postfix)
UMask              022
UserID              opendkim:opendkim
#
KeyTable          /etc/opendkim/key
SigningTable          refile:/etc/opendkim/sign
ExternalIgnoreList     refile:/etc/opendkim/TrustedHosts
InternalHosts         refile:/etc/opendkim/TrustedHosts
# Hashing Algorithm
SignatureAlgorithm     rsa-sha256
#
Socket             inet:8891@localhost
# Always oversign From (sign using actual From and a null From to prevent
# malicious signatures header fields (From and/or others) between the signer
# and the verifier. From is oversigned by default in the Debian pacakge
# because it is often the identity key used by reputation systems and thus
# somewhat security sensitive.
OversignHeaders      From
# List domains to use for RFC 6541 DKIM Authorized Third-Party Signatures
# (ATPS) (experimental)
PidFile         /var/run/opendkim/opendkim.pid AutoRestart         Yes AutoRestartRate     10/1h #ATPSDomains         example.com #EOF

5.Working with text files (TrustedHosts,SigningTable,KeyTable)

Edit /etc/default/opendkim: Uncomment this row and use port 8891:

SOCKET="inet:8891@localhost" # listen on loopback on port

To allow connection through firewall
 
sudo iptables -A INPUT -i lo -j ACCEPT

Now create a file
 
nano /etc/opendkim/key

 And add the line
 
selector._domainkey.example.com example.com:selector:/etc/opendkim/selector.private

Create another file
 
nano /etc/opendkim/TrustedHosts

And add the following lines
 
127.0.0.1 
localhost 
example.com
*.example.com 
123.123.123.123 #(IP address of your server, if applicable)

Create another file
 
nano /etc/opendkim/sign

And add the following line at end
 
*@example.com selector._domainkey.example.com

Take a backup of postfix configuration file, which may be useful incase any errors.
 
cp /etc/postfix/main.cf /etc/postfix/main.cf.bk

Edit /etc/postfix/main.cf and add the lines to the end

nano /etc/postfix/main.cf
milter_default_action = accept 
milter_protocol = 2 
smtpd_milters=inet:localhost:8891 
non_smtpd_milters=inet:localhost:8891

6.Restart opendkim and postfix

service opendkim restart
service postfix restar
#also use service postfix status to check the status

Logs

#you can look at logs, THIS HIGHLY USEFUL
vim /var/log/mail.log
vim /var/log/mail.err

Now if we want many domains

Do replace example.com and selector for each domains
What we have to do is to
1. generate one more key
sudo su
cd /etc/opendkim
opendkim-genkey -s [selector] -d example.com 
# replace both [selector] and      example.com with new selector and domain name
2. Change permission of generated key file
chown opendkim:opendkim [selector].private #[selector] we used in above step
3.add the details in TrustedHosts,SigningTable,KeyTable
Create the file
nano /etc/opendkim/key
And add the following line at end
        [selector]._domainkey.example.com example.com:[selector]:/etc/opendkim/[selector].private
Create the file
nano /etc/opendkim/sign
And add the following line
*@example.com
[selector]._domainkey.domain.com
Create the file
nano /etc/TrustedHosts
And add the following line
       *.domain.com
       domain.com
Also remember to restart opendkim and postfix each time.
service opendkim restart
sevice postfix restart
Finally send
or http://www.brandonchecketts.com/emailtest.php
or use http://www.mail-tester.com
to check the status of DKIM Signing by sending mails to these.

Reference

http://askubuntu.com/questions/134725/setup-dkim-domainkeys-for-ubuntu-postfix-and-mailman
(i started with this, then followed his reference )
http://stevejenkins.com/blog/2010/09/how-to-get-dkim-domainkeys-identified-mail-working-on-centos-5-5-and-postfix-using-opendkim/
(I think the best tutorial but on centos)
http://www.cioby.ro/linux/configuring-opendkim-to-sign-postfix-emails.html
http://linuxaria.com/howto/using-opendkim-to-sign-postfix-mails-on-debian

https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-dkim-with-postfix-on-debian-wheezy
(TXT related portion is misleading)

Wednesday, 4 June 2014

Making colorful PDFs from web pages

This article show how to print the web pages into pdf.




Press Ctrl + P after completely loading the page.

Chrome


In Google Chrome select Save as PDF, set Margins: None and tick Background colors and images.


Now press Save button and give the filename. This is gives best pdf on my experience.

Firefox


For Firefox, in windows, you may not get print to pdf options by default. So you have to install either PDFCreator or PrismoPDF.

After pressing Ctrl + P

You get  a window, shown below, from which you have to select Printer Name ( PDFCreator here)
You can make sure it is color by clicking in Properties in the above windows

Now press ok. Then get another windows in which you have to select Save.

 If you like you can also try changing options in the above figure.

Monday, 28 April 2014

Playing Android Games, Running APK in Windows 7,XP etc.

First you need to install Bluestacks


Bluestacks Download

After downloading this file you have to run the file to complete the installation process.

You need Internet connection to complete the above step

After installation is done you can install almost any apps from PlayStore, or 1mobile.


Also if you have apk file then you can install by double clicking it (No internet needed).


You can access apps from Apps shortcut  in the Desktop.

   NB:- You need atleast 2GB to run this app

Sunday, 13 April 2014

GNU/Linux vs BSD Comparison

As i am an avid supporter of open source i am here to suggest this link


GNU/Linux vs BSD

Monday, 31 March 2014

Google Input Tools: Typing many Languages with ease in Windows

This post shows you how to type many languages with ease. If you know how to pronounce, then you can type.

For example, if you know Malayalam, then you can type it in just how it sounds in english(Manglish).


Ente veedu itha എന്‍റെ വീട്‌ ഇതാ



Now let me show how to work with Hindi









 mera nam ajeeb hum मेरा नाम अजीब हुं .






 Installation

 Go to Google Input Tool

Now select from available languages and download it.

After installation you will see some thing like this in Taskbar



Now you select one of your language. I am familiar with only these four. You can have even more.

You can use Ctrl + J to Toggle between two Languages


Select your language and type. That's it. It is supported in almost any applications (except some versions of Adobe Photoshop, as my friend told me).

 If you find it difficult to type some thing you may click on the keyboard symbol show and click on any symbols.





 for example when i typed hum हु  after typing hu i used the keyboard and clicked on symbol.




Use the Input tools online (Also work for Linux)

If you are not using Windows. It may be your choice. It makes you easy.
Go to linke below and type


Then copy and past it to some where you want to do.

How to Type Malayalam in Linux

Visit my friends blog

Ashik Sp's Malayalam Typing





Thursday, 27 March 2014

AndroVMPlayer : Improved Android Virtual Machine

AnrdoVMPlayer


AndroiVMPlayer is built on on VirtualBox it provides a performance increase to our installed Android (AndroVM's built in Android Virtual Machine, see Official Page )

What you want to do is just install Android as i mentioned in the post (AndroVM).

Just extract the zip file into a place where you like. (Zip 32-bit, Zip 64-bit Download appropriate version for your operating System).

Right click on AndroiVMPlayer.exe , then from the menu, Send To > Desktop (Create Shortcut) .

Now on Desktop there will be a icon







 Running the AndroVMPlayer

Now right click on it and Run it as Admin

 

  Now select a Resolution  that you like  and Android you previously installed.
 Press Run.

Some time it says Virtual Machine (VM) is in incompatible state. It is due to the state of VM inside your VirtualBox is Saved.
So you should open the AndroVM using VirtualBox (Start),

 

  then close it and PowerOff the Machine.




Now start your AndroVMPlayer