This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
internet:mail:sender_auth [2019/05/07 10:13] gcooper |
internet:mail:sender_auth [2019/05/08 08:48] (current) gcooper |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== DKIM and DMARC ====== | + | ====== |
- | ===== DKIM ===== | + | FIXME Incomplete |
- | DomainKeys Identified Mail or **DKIM** is a standard for signing email messages so that the recipient can verify the sender's email address. This allows recipient mail servers to detect sender address forgery, which is often used by spammers to avoid sender | + | SPF (sender |
- | + | ||
- | Signing is done with a **private key on the sender's server**, which matches a **public key added to in the sender' | + | |
===== Testing ===== | ===== Testing ===== | ||
+ | |||
+ | **Various Tools**: https:// | ||
**DKIM Test Tool**: https:// | **DKIM Test Tool**: https:// | ||
Line 13: | Line 13: | ||
**DMARC Test Tool**: https:// | **DMARC Test Tool**: https:// | ||
- | A very useful test is to send a message from the domain under test to a Gmail address. | + | A very useful test is to **send a message from the domain under test to a Gmail address**. Once the message is received in Gmail, perform a '' |
+ | ===== SPF ===== | ||
- | ===== Virtualmin ===== | + | SPF is the most widely used sender authentication mechanism. |
+ | A DNS SPF (TXT) record just tells the recipient server which sender servers are authorized to send e-mail for a particular domain. | ||
+ | ==== Virtualmin ==== | ||
- | ===== Zimbra ===== | + | **Virtualmin -> < |
- | https:// | + | {{ : |
+ | |||
+ | ===== DKIM ===== | ||
+ | |||
+ | **DKIM** is a standard for signing email messages so that the recipient can verify the sender' | ||
+ | |||
+ | Signing is done with a **private key on the sender' | ||
+ | |||
+ | ==== Virtualmin ==== | ||
+ | |||
+ | <note warning> | ||
+ | |||
+ | https:// | ||
+ | |||
+ | Virtualmin uses a **milter** (daemon) to implement DKIM signing and verification. | ||
+ | |||
+ | **Virtualmin -> E-Mail Settings -> DomainKeys Identified Mail** | ||
+ | |||
+ | {{ : | ||
+ | |||
+ | ==== Zimbra ==== | ||
+ | |||
+ | <note tip> | ||
+ | |||
+ | **Important**: | ||
https:// | https:// | ||
+ | |||
+ | ===== DMARC ===== | ||
+ | |||
+ | < | ||
+ | |||
+ | DMARC is a mechanism to tell receiving mail servers exactly how to treat failures of SPF and DKIM checks. | ||
+ | |||
+ | DMARC also includes a mechanism to report failures back to administrators of sender domains. |