DomainKeys Identified Mail is an alternative to strong authentication systems that are PGP and S/MIME. Unlike those, DKIM furnishes an authentication not of the author, but of the domain it belongs to. DKIM is the legitimate son of DomainKeys, from Yahoo!, and Identified Internet Mail, from Cisco.
1. Identity and Email
Email Authentication is quite a recurrent topic to sysadmins. Since SMTP exists, we saw all sorts of good and bads, from the excellent PGP to the almost successful SenderID (that died because of some patent story.. again). We saw funky formats, and others more reasonnable but incredibly complex to set up (S/MIME).
Yet, in the end, what the user wants is simply to send an email. Except in a few specific cases, the authenticity of its communications, he doesn’t really care about and trusts the “system”. Then again, it’s quite frustrating to be unable to determine who is behind the keyboard. Especially when we do not know the person, and we can’t rely on the content of the message to evaluate its authenticity. And considering the importance of email communications today, and what we do with simple emails, it’s understandable that most of the big email companies have, at some point, proposed or integrated an authentication solution. Tiếp tục đọc
In this tutorial you will learn about Installing SSL Certificate (Secure Server Certificate) to secure communication between PostfixSMTP server and mail client such as Outlook or Thunderbird.
You need to generate a CSR certificate for CA, to use with your Postfix mail server. This tutorial instuctions are tested under:
- Redhat enterprise Linux 5
- CentOS 5 Server
- FreeBSD 7 server
Procedure for creating a CSR on postfix MTA is just like web server. You need to use OpenSSL which is a cryptography toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) network protocols and related cryptography standards under Linux / UNIX. To configure postfix SSL SMTP you need 3 files
- The private key generated using step #1
- Your .crt certificate file (it will be send by CA)
- CA certificate (also known as
Let us see how to create certificate for Postfix smtp server called smtp.theos.in. Tiếp tục đọc
Despite having been around for a long time,
telnet is an invaluable tool for testing a mail server. It allows one to pinpoint errors in the process – some which are not logged – and to quickly validate that things are working.
Moreover, it enables one to get a better understanding of what their mail server expects, which in turn allows for better code to be written for sending emails. Granted, excellent libraries (such as PHPMailer) exist for this sole purpose, but learning something new never hurts.
Since it seems that the general populace has little use for telnet, many modern operating systems do not have it installed by default.
In the case of linux, telnet can be installed by running:
yum install telnet
In the case of Windows 7, the telnet client is a Windows feature that can be added by going to: Control Panel > Programs and Features > Turn Windows features on or off, and checking ‘Telnet Client’ from the list of Windows Features that appears. Note that on Windows’ telnet, if you make a typographical error, backspace will not be able to correct it – the command sent to the server will be invalid. Tiếp tục đọc