DKeyEvent - DomainKeys and DKIM for MailEnable [v 0.4.8]

Discussion, support and announcements for third party applications that work with MailEnable.
Post Reply
someone_else
Posts: 302
Joined: Tue Jul 19, 2005 1:12 pm
Location: 404

verifiers

Post by someone_else » Sun Sep 02, 2007 2:46 pm

Fred wrote:Is there a good list of places you recommend for testing?
Some up to date verifiers you can try are: check-auth @ verifier.port25.com, sa-test @ sendmail.net, dkim-test @ altn.com or dktest @ exhalus.net.
MailEnable plugins:
DKeyEvent - DomainKeys/DKIM
MESpamC - SpamAssassin integration

Fred
Posts: 132
Joined: Sat Mar 20, 2004 10:23 am

Post by Fred » Mon Sep 03, 2007 10:40 am

Have you seen the thread over at MEfilter about linking MEfilter with Dkey?

http://mefilter.com/cs/forums/p/1431/9074.aspx#9074

The author of MEfilter reckons that all that is needed is a .DLL file that can be called as one of the standard filters before MEFilter actually does anything with the original email and all will work.

Don't suppose you and Martyn would link forces in the fight of spam?

someone_else
Posts: 302
Joined: Tue Jul 19, 2005 1:12 pm
Location: 404

...

Post by someone_else » Mon Sep 03, 2007 11:55 am

Well, as I have previously mentioned, DKeyEvent was never designed to be a DomainKeys library; it was designed to be a pickup event. Due to its design, changing from one to the other would actually involve a lot of work and in all honesty, that simply does not appear to be justified given the number of people who would actually use this. Of course, I'm not saying that this will never happen; I understand that MEFilter is a good program, and if there was sufficient demand, I would certainly consider the plugin option, but there are, at present, no plans for this.
MailEnable plugins:
DKeyEvent - DomainKeys/DKIM
MESpamC - SpamAssassin integration

Fred
Posts: 132
Joined: Sat Mar 20, 2004 10:23 am

Post by Fred » Mon Sep 03, 2007 1:11 pm

what do you use for your mail filtering if you are not using ME Filter?

someone_else
Posts: 302
Joined: Tue Jul 19, 2005 1:12 pm
Location: 404

...

Post by someone_else » Mon Sep 03, 2007 2:14 pm

Fred wrote:what do you use for your mail filtering if you are not using ME Filter?
Notice that MESpamC link in my signature?...

On a related note, I am currently in the process of putting together a small container utility which runs as a pickup event and allows you to define different command files for incoming/outgoing/local messages. This should help people who wish to use DKeyEvent in conjunction with an application which alters messages.
MailEnable plugins:
DKeyEvent - DomainKeys/DKIM
MESpamC - SpamAssassin integration

someone_else
Posts: 302
Joined: Tue Jul 19, 2005 1:12 pm
Location: 404

EventEnvelope

Post by someone_else » Mon Sep 03, 2007 4:54 pm

The EventEnvelope utility is now available.

EventEnvelope is a pickup event container for MailEnable, which allows you to run different command files depending on whether the message it was called on is incoming, outgoing or local.


Installation:

Extract the contents of the archive to your server, and read the included readme.txt file for instructions and details.
MailEnable plugins:
DKeyEvent - DomainKeys/DKIM
MESpamC - SpamAssassin integration

Fred
Posts: 132
Joined: Sat Mar 20, 2004 10:23 am

Post by Fred » Wed Sep 12, 2007 12:07 pm

Shall give this a try this weekend ;)

Have you had any other feedback?

someone_else
Posts: 302
Joined: Tue Jul 19, 2005 1:12 pm
Location: 404

EventEnvelope

Post by someone_else » Wed Sep 12, 2007 12:59 pm

Fred wrote:Have you had any other feedback?
No feedback, no, but it worked ok in my test environment. I expect that there are very few users who would need something like this, though. DKeyEvent can run just fine alongside other filtering applications, as long as these do not alter the original message. It is perfectly acceptable, for example, for another application to add some headers to a message; this will not break DomainKeys signatures. But modifying existing headers (like the subject - always a bad idea IMHO) will invalidate DomainKeys signatures (and any other hash-based cryptografic mechanisms).

My main mail server runs MailEnable + DKeyEvent + MESpamC, and this setup does not require an EventEnvelope.
MailEnable plugins:
DKeyEvent - DomainKeys/DKIM
MESpamC - SpamAssassin integration

Fred
Posts: 132
Joined: Sat Mar 20, 2004 10:23 am

Post by Fred » Fri Sep 14, 2007 8:45 am

So you are saying that as long as the subject and the message body remain as they were then adding any other headers will not invalidate the message?

someone_else
Posts: 302
Joined: Tue Jul 19, 2005 1:12 pm
Location: 404

...

Post by someone_else » Fri Sep 14, 2007 9:00 am

Fred wrote:So you are saying that as long as the subject and the message body remain as they were then adding any other headers will not invalidate the message?
Yes and no; as long as the signed message is intact, then it will pass validation. A DomainKeys signature will normally include most original headers and the message body; anything not signed (like 'variable headers' such as 'Received' or 'Return-Path', or newly added headers) is not taken into account when validating. So it is safe to add new headers, yes, but it is not safe to modify original ones.
MailEnable plugins:
DKeyEvent - DomainKeys/DKIM
MESpamC - SpamAssassin integration

crnunez
Posts: 213
Joined: Sun Jan 25, 2004 8:26 pm

Suggest

Post by crnunez » Wed Jan 02, 2008 8:42 pm

I find in this webpage this data:

http://www.agitos.de/news/dkim-filter-criteria.html

Filter Rules and Trust Levels

Good points!!
Regards,
Robert N.
Zona Hosting - Hosting y Servicios Profesionales en Internet.

someone_else
Posts: 302
Joined: Tue Jul 19, 2005 1:12 pm
Location: 404

Re: Suggest

Post by someone_else » Wed Jan 02, 2008 9:10 pm

crnunez wrote:Filter Rules and Trust Levels - Good points!!
I don't really agree with the author's 0/+ differentiation. His choice might be valid from a theoretical point of view, but the difference between SHA1 and SHA256 or simple and relaxed canonicalization is not a real-life issue (as the chances for the abuse of the former algorithms are very slim, and therefore safe enough to disconsider), in my opinion.
MailEnable plugins:
DKeyEvent - DomainKeys/DKIM
MESpamC - SpamAssassin integration

someone_else
Posts: 302
Joined: Tue Jul 19, 2005 1:12 pm
Location: 404

DKeyEvent 0.4.8

Post by someone_else » Tue Feb 12, 2008 3:30 pm

DKeyEvent 0.4.8 has been released.

Changes in this version:
- option to SignOnlyForTheseRecipients


This option can be used to restrict signing to certain explicitly specified recipient domains. If any domains are specified using this option, then outgoing messages to other domains (i.e. domains not explicitly specified here) will not get signed. The option is defined separately for DomainKeys and DKIM.
MailEnable plugins:
DKeyEvent - DomainKeys/DKIM
MESpamC - SpamAssassin integration

phillife
Posts: 3
Joined: Fri Apr 11, 2008 4:24 am

Post by phillife » Fri Apr 11, 2008 5:36 am

Hi,

can you guys advice me on this? I am running Mailenable and i had install Dkeyevent. But i dun have a internal DNS i am running dydns to host my domain. How do i add my txt record consisting of the key generated from Dkeyevent?

Thanks

someone_else
Posts: 302
Joined: Tue Jul 19, 2005 1:12 pm
Location: 404

...

Post by someone_else » Fri Apr 11, 2008 7:03 am

phillife wrote:i dun have a internal DNS i am running dydns to host my domain. How do i add my txt record consisting of the key generated from Dkeyevent?
If you are not running your own DNS server, you will need to ask your DNS host for assistance with publishing your public keys. Most DNS hosts allow you to create TXT records, but some do not.
MailEnable plugins:
DKeyEvent - DomainKeys/DKIM
MESpamC - SpamAssassin integration

Post Reply