Skip to main content

Important Records for Mail Domain Name

When you have a domain, for example yourdomain.com, you can create your email address at that domain name like yourname@yourdomain.com. Several domain name records which I consider to be important for mail domain are:

1. MX Record
Of course, it assigns a domain where the mail exchange server is located. For example:

Name Priority Type Data
yourdomain.com 10 MX mx.yourdomain.com

2. SPF Record
SPF is a spam and phishing scam fighting method which uses DNS SPF-records to define which hosts are permitted to send e-mails for a domain. See http://www.openspf.org. For example:

Name Type Data
yourdomain.com TXT "v=spf1 mx mx:yourdomain.com -all"

This configuration means emails sent from all servers defined in MX record of yourdomain.com are permitted by sender organization

3. DKIM Record
DKIM allows an organization to take responsibility for a message in a way that can be verified by a recipient. DKIM defines a domain-level digital signature authentication framework for email through the use of public-key cryptography and using the domain name service as its key server technology (more info).  There are some steps to sign DKIM signature on mail server using amavisd (in latest Ubuntu its name is amavisd-new).

1) Check existing keys.
$ amavisd-new showkeys

2) Generate new key for new domain.
$ amavisd-new genrsa /var/lib/dkim/yournewdomain.com.pem 1024
$ chown amavis:amavis /var/lib/dkim/yournewdomain.com.pem
$ chmod 0400 /var/lib/dkim/yournewdomain.com.pem

3) Setup amavisd configuration. In Ubuntu, it's located at /etc/amavis/conf.d/50-user.

Find:
dkim_key('yourdomain.com', "dkim", "/var/lib/dkim/yourdomain.com.pem");

Add:
dkim_key('yournewdomain.com', "dkim", "/var/lib/dkim/yournewdomain.com.pem");

Find:
@dkim_signature_options_bysender_maps = ( {
    ...
    "yourdomain.com"  => { d => "yourdomain.com", a => 'rsa-sha256', ttl => 10*24*3600 },
    ...
});

Add:
@dkim_signature_options_bysender_maps = ( {
    ...
    "yourdomain.com"  => { d => "yourdomain.com", a => 'rsa-sha256', ttl => 10*24*3600 },
    "yournewdomain.com"  => { d => "yournewdomain.com", a => 'rsa-sha256', ttl => 10*24*3600 },
    ...
});

Actually, you can also use existing key and don't need to generate new key by mapping the new domain to use existing key.
    "yournewdomain.com"  => { d => "yourdomain.com", a => 'rsa-sha256', ttl => 10*24*3600 },

Or, you can also assign a key for all domains.
dkim_key('*', "dkim", "/var/lib/dkim/yourdomain.com.pem");
Then restart amavisd.

4) Recheck existing keys.
$ amavisd-new showkeys
Copy the value part v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYArsr2BKbdhv9efugBy... and remove any quotes and line breaks.

5) Update DNS record for new DKIM information. (Domain providers can take a while for updating its records)

Name Type Data
dkim._domainkey.yourdomain.com TXT v=DKIM1; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBi...

6) Validate DNS record using amavisd. If it returns pass, it works.
$ amavisd-new testkeys

7) Verify using other tools.
$ dig -t txt dkim._domainkey.yourdomain.com
$ nslookup -type=txt dkim._domainkey.yourdomain.com


Comments

Popular posts from this blog

Rangkaian Sensor Infrared dengan Photo Dioda

Keunggulan photodioda dibandingkan LDR adalah photodioda lebih tidak rentan terhadap noise karena hanya menerima sinar infrared, sedangkan LDR menerima seluruh cahaya yang ada termasuk infrared. Rangkaian yang akan kita gunakan adalah seperti gambar di bawah ini. Pada saat intensitas Infrared yang diterima Photodiode besar maka tahanan Photodiode menjadi kecil, sedangkan jika intensitas Infrared yang diterima Photodiode kecil maka tahanan yang dimiliki photodiode besar. Jika  tahanan photodiode kecil  maka tegangan  V- akan kecil . Misal tahanan photodiode mengecil menjadi 10kOhm. Maka dengan teorema pembagi tegangan: V- = Rrx/(Rrx + R2) x Vcc V- = 10 / (10+10) x Vcc V- = (1/2) x 5 Volt V- = 2.5 Volt Sedangkan jika  tahanan photodiode besar  maka tegangan  V- akan besar  (mendekati nilai Vcc). Misal tahanan photodiode menjadi 150kOhm. Maka dengan teorema pembagi tegangan: V- = Rrx/(Rrx + R2) x Vcc V- = 150 / (150+10) x Vcc V- = (150/160) x 5

Kerusakan pada Motherboard

1. Sering terjadi hang memory tidak cocok --- ganti memory ada virus di harddisk --- scan harddisk over clock --- seting kembali clock prosesor ada bad sector di harddisk --- partisi harddisk dengan benar 2. Pembacaan data menjadi lambat memori tidak cukup --- tambah memori harddisk penuh atau ada virus --- kurangi isi harddisk, scan harddisk, atau ganti hardisk 3. CMOS failure baterai habis --- ganti baterai CMOS seting BIOS berubah --- seting kembali BIOS 4. Tidak bisa booting cache memory rusak --- disable eksternal cache memory di BIOS memori tidak cocok --- ganti memori boot sector pada harddisk rusak --- masukkan operating system baru ada bad sector pada trek awal harddisk --- partisi harddisk 5. Suara bip panjang berkali-kali memori rusak --- periksa kedudukan memori memori tidak cocok --- ganti memori memori tidak masuk slot dengan sempurna --- periksa kembali kedudukan memori 6. Suara bip bagus tetapi tidak ada tampilan / bip dua kali VGA card

Raspberry Pi Bluetooth Connection

Raspberry Pi 3 provides built-in bluetooh module. Latest Raspbian has been bundled with tools for enabling bluetooth connection. Bluetooth icon will be showed up on top right corner of the desktop. It's a tool to discover available bluetooth devices and connect Pi with bluetooth devices. It is easy to connect any bluetooth-enabled electronic device with Pi. But, sometimes Pi will fail to make a connection especially for bluetooth device which has no standarized services. From terminal, we can use bluetoothctl tool to scan and connect with a bluetooth device. You should make sure that BlueZ protocol stack has been installed by running $ apt-get install bluez Run bluetoothctl to enter the tool command window Turn the power on by running power on (Optional) You can set AutoEnable=true in /etc/bluetooth/main.conf if you want to make the bluetooth auto power-on after reboot. Run devices to see which devices have been paired Run scan on if your desired device has not pair

Itachi Uchiha

The Real Hero of Konoha

Beli Bahan Tekstil dan Jasa Jahit di Bandung

Acara wisuda akan dilaksanakan pada Juli 2012 dan untuk acara tersebut saya memerlukan jas. Saya langsung googling  untuk mencari tempat yang menjual jas. Sebelumnya saya sempat berpikir untuk menyewa jas saja namun karena tampaknya jas akan cukup penting nantinya dan harga penyewaan yang umumnya tidak murah maka saya memutuskan membeli. Saya mencari tempat yang menjual jas yang murah di Bandung. Hasilnya beberapa artikel menyebutkan Pasar Baru Bandung menjual berbagai bahan tekstil dan pakaian termasuk jas. Saya langsung membuka Google Maps dan mencari lokasi Pasar Baru Bandung. Berikut adalah lokasi Pasar Baru Bandung. View Pasar Baru Bandung in a larger map Setelah mengetahui lokasi tersebut, saya memutuskan pergi sendiri ke Pasar Baru Bandung. Tidak lupa saya menyiapkan GPS berhubung sangat lemah soal arah jalan. Alhasil, setelah sampai di dekat jembatan, sebelum jalan Suniaraja saya sempat mengambil arah yang salah dan akhirnya berputar-putar di daerah sekitar Pasar Baru

How To Use Git in Netbeans

Git is a popular version control application nowadays. Recently I have created a note about its differences with SVN and how to use it in Eclipse . There are many Git client tools. But I just want to show how to use Netbeans built in Git tools. It makes development process easier because it has been integrated with the IDE. Create Remote Git Repository We need remote Git repository so everyone can store or receive any revision or updated files through the networks. We can setup our own Git server or use public Git server like Github . In this note, I use Github. 1. Create an account in Github and create an empty Git repository Create an empty public repository in Github 2. Get the remote repository link Your Github Repository URL Create a New Project in Netbeans and Create Local Git Repository After we have a remote Git repository, we can create a project which will be stored to remote repository. We also need to create local repository before we can push