yes we have finish with SPF, It's ok your english is good :)
Please try :
sudo apt-get install opendkim opendkim-tools
can you try : sudo apt-get install opendkim opendkim-tools
That's Awsome! all you need now is to follow the step by step instructions to configure your server.
please open /etc/opendkim.conf and replace ubuntu.ro by your domain
For the IP address you can keep localhost.
In you situation it is domain.com, please delete the # from the line you want to edit.
Now open /etc/default/opendkim and delete all # from this file, once you finish close and save it
You can replace localhost by your internal IP address if you want.
Once you finish type : opendkim-genkey -t -s mail -d (your domain)
This will generate two files: mail.private which is your private key, and mail.txt which is your DNS record containing your public key. The -s argument supplies the selector (in our case "mail"), the -d argument supplies the domain, and the -t argument says that we are running DKIM in test mode
Now Copy your private key in place: cp mail.private /etc/mail/dkim.key
can you type pwd and send me a screenshot
ok type : cd /etc/mail/ or cd /etc/mail/
Let me know if you can access to this directory
can you try with cd etc/mail/ or etc/mail
can you tell me what is the location of your mail.txt ?
First type : mkdir -p /etc/mail/
then cp mail.private /etc/mail/dkim.key
now type : sudo service opendkim start and test
For the test, please use one of those solutions: http://www.appmaildev.com/en/dkim/
Your satisfaction is my top goal. If you have a moment please rate my service by clicking on one of the faces below, positive ratings are appreciated.
ok good your service is running good, all you need to do now is to test it
JustAnswer has a 100% satisfaction guarantee. We value you as a customer and very much want you to be satisfied.
yes you can.
can you restart dkim and try again please sudo service opendkim restart
any changes ?
Hi, I'm sorry to hear that you still have problem with dkim
Please start over with this configuration : https://rtcamp.com/tutorials/mail/dkim-postfix-ubuntu/
Hope this help
type tail -f /var/log/mail.log or less /var/log/mail.log
Check your mail logs. The Python server logs mail that is rejected or deferred due to SPF. If there is a problem with the policy server or its integration with Postfix, it will be logged.
Is the last line says it's finished. ?
I don't see what the problem is. It looks like everything's working. The logs say there's some outgoing email, it tries to connect to gmail.smtp.in.l.google.com via IPv6, it fails so it tries to connect via 22.214.171.124 and is successful, and the last line says it's finished.
so SPF is working fine, you need just to reconfigure the DKIM
Ok good, Hope it works, If not let me open your uestion to another expert.
Please Only rate if you"re satisfied with my help/asnwers, do not rate an answer as poor/bad service if you're not satisfied
sudo service opendkim start or sudo service opendkim restart
can you type : ps aux | grep opendkim and send me the resuts
Try running the following command
semanage port -a -t milter_port_t -p tcp 8891
sudo service opendkim start
''Or''sudo service opendkim restart
it seems that the network socket is already occupied, try restarting ubuntu and check
Yes it could be, I fear I am not making progress with this case, and cannot necessarily deliver what you are seeking,so I must Opt Out, with sincere regrets.
If and when another Expert takes up the case, you ought to receive a notification email.
please do not rate my answer negativelly this way another can take over
From the web site:
As of July 2015, all supported Postfix releases no longer enable export-grade ciphers, and no longer enable the SSLv2 and SSLv3 protocols. These ciphers and protocols have little if any legitimate use today, and have instead become a vehicle for downgrade attacks. See the announcement for more.
Logjam Attack: this has mostly the same countermeasure as FREAK: disable EXPORT ciphers on the SMTP server side, as described under the next bullet.
FREAK Attack: To protect vulnerable clients execute as root "postconf smtpd_tls_exclude_ciphers=EXPORT; postfix reload". This command removes EXPORT ciphers with opportunistic as well as mandatory TLS. The impact of this attack was already low because each Postfix SMTP server process computes its own own "ephemeral" RSA key and terminates after a limited time.
GHOST Attack: Postfix does not call gethostbyname() since 2005. There is no Postfix code that invokes this function unless Postfix is specifically built for operating systems from more than 10 years ago (this requires the compile-time option "-DNO_IPV6").
If you found this helpful please rate my answer. Thanks'