Any interest in DKIM/Domain Keys

Solutions for other advanced phplisters

Re: Any interest in DKIM/Domain Keys

Postby H2B2 » 3:06am, Wed 19 Jan, 2011

ogrethegreat wrote:If there is interest, I'll upload a corrected version of the php-dkim library and the phpmailer class.

Great! Please do. I'm sure there is interest. 8)
H2B2
Moderator
 
Posts: 7188
Joined: 1:51am, Wed 15 Mar, 2006

Re: Any interest in DKIM/Domain Keys

Postby ogrethegreat » 4:22am, Wed 19 Jan, 2011

Here you guys go. Hopefully this will save someone the frustration. I've uploaded the entire ./lists/admin/phpmailer directory to make things easy. It should work with any version of phplist that utilizes the phpmailer library since its an independent library that's been unchanged since 05. I installed php-dkim into the phpmailer dir. You'll need to change the php-dkim/dkim-cfg.php file by pasting in your public and private keys and entering you domain name. It should work with just that one simple configuration. I was working on a DomainKeys header as well but I had to put it down due to workload. I may come back to that in the not too distant future. Let me know if you have any issues and I'll try to help.

Oh and I briefly read about adding these mods to mantis but this is as good as I can do for a few days anyhow.

Enjoy!

P.S. - The comment below about the smtp server signing and phplist breaking it isn't really accurate. It would depend on several variables. If you setup a postfix smtp server with dkim milter or similar, then you would simply need to have phplist send the email via that smtp server for the same effect achieved here in PHP. Easy as changing the server info in the config. The SMTP server will take it from there. I was able to enable DomainKeys in cpanel on a shared hosting account and then just had phplist send via my hosted email and it was working great but alas I can't be sending out bulk mail from there. I would, in fact, suggest that if you did have access to some mail hosting on cpanel and the AUP of the provider suits your needs, then install this and send via that account and you'll get both DomainKeys and DKIM working. It VERY easy to activate in cpanel.

However, if you install this AND are using your SMTP server to sign a DKIM signature, it will break because you will end up with two DKIM signatures.

SPF is a no brainer. It requires no signature, simply an entry in you DNS zone file that says what servers are authorized to send mail for your domain. The receiver will check the source of the email and compare vs. your DNS. This one is easy to do anywhere but is right there with DomainKeys activation in a cpanel environment and it'll do the work for you.
Attachments
phpmailer.zip
(58.28 KiB) Downloaded 625 times
ogrethegreat
phpList newbie
 
Posts: 3
Joined: 4:11am, Tue 18 Jan, 2011

Re: Any interest in DKIM/Domain Keys

Postby lojong » 5:27am, Thu 20 Jan, 2011

Hey ogrethegreat, I just registered for this forum in order to say THANK YOU VERY MUCH!
I haven't tried this implementation of PHPlist + DKIM yet, but I'm looking forward to doing so.

My shared web host is great, but doesn't offer DomainKeys or DKIM besides adding a TXT DNS record, which I think won't cut it. So this is great. If our e-mails aren't going to get through to the big 3 providers without DKIM, there's no point. We can't ask people to whitelist.

So… if this does actually work, I think it should be included as part of the next release.

Cheers for working on this!
lojong
phpList newbie
 
Posts: 1
Joined: 4:50am, Thu 20 Jan, 2011

Re: Any interest in DKIM/Domain Keys

Postby ogrethegreat » 7:05am, Thu 20 Jan, 2011

Thanks. If you have issues let me know. Its working for me thus far. Just started my first bulk queue with this enabled. 4k in and bounce rate is looking good. I tell you who is a pain is Barracuda Reputation. Those jokers are always blacklisting and that will sting you on a lot of the smaller hosts. DKIM or not. Very quick to blacklist.
ogrethegreat
phpList newbie
 
Posts: 3
Joined: 4:11am, Tue 18 Jan, 2011

Re: Any interest in DKIM/Domain Keys

Postby duffers2010 » 4:18pm, Sat 19 Mar, 2011

DKIM keys should be standard - I have added keys on other apps and deliverability has gone up by over 10% which reflects it use
duffers2010
phpList newbie
 
Posts: 2
Joined: 3:59pm, Sat 19 Mar, 2011

Re: Any interest in DKIM/Domain Keys

Postby h2ojunkie » 2:36am, Fri 01 Apr, 2011

ogrethegreat wrote:Here you guys go. Hopefully this will save someone the frustration. I've uploaded the entire ./lists/admin/phpmailer directory to make things easy. It should work with any version of phplist that utilizes the phpmailer library since its an independent library that's been unchanged since 05. I installed php-dkim into the phpmailer dir. You'll need to change the php-dkim/dkim-cfg.php file by pasting in your public and private keys and entering you domain name. It should work with just that one simple configuration. I was working on a DomainKeys header as well but I had to put it down due to workload. I may come back to that in the not too distant future. Let me know if you have any issues and I'll try to help.

Oh and I briefly read about adding these mods to mantis but this is as good as I can do for a few days anyhow.

Enjoy!



Thanks for the work on this. I was able to get DKIM working pretty eaisly following your instructions.
However, I did come across what appears to be a bug. And I'm a total loss with where to look to fix it.

If I send a message without selecting a template (leave the "use template" drop down on "--select one" it passes DKIM validation.
But, I change it to select a template to use with the message, DKIM fails.
result = fail
Details: body has been altered


If anyone can help with a fix for this, it would be appreciated.
h2ojunkie
phpLister
 
Posts: 6
Joined: 2:30am, Fri 01 Apr, 2011

Re: Any interest in DKIM/Domain Keys

Postby h2ojunkie » 5:00am, Fri 01 Apr, 2011

OK, after a lot of testing, it actually seems to be that HTML message fails, but txt messages pass.

It always says "body has been altered" on HTML messages
h2ojunkie
phpLister
 
Posts: 6
Joined: 2:30am, Fri 01 Apr, 2011

Re: Any interest in DKIM/Domain Keys

Postby sintsu » 4:37pm, Thu 20 Oct, 2011

#Note#
I have two FreeBSD server , one is working properly (Apache/2.2.19 (FreeBSD) mod_ssl/2.2.19 OpenSSL/0.9.8q DAV/2 PHP/5.3.7 with Suhosin-Patch configured)
But another have the following problem, I've already check the httpd.conf, php.ini but cannot find the solution ... could anyone give me some hint to modified.
I'll very appreciate! Thank you!

I was trying to utilize DKIM on my phpList, and already follow the above process.
The machine that have problem environment is Apache/2.2.20 (FreeBSD) mod_ssl/2.2.20 OpenSSL/0.9.8q DAV/2 PHP/5.3.8 with Suhosin-Patch configured

It's weird that no matter how I hard try to setup the dkim-cfg.php, dkim.php always told me the following message under phpList document

Code: Select all
DKIM not configured, please run:
openssl genrsa -out key.priv 384
openssl rsa -in key.priv -out key.pub -pubout -outform PEM
Then copy & paste the public and private keys into dkim-cfg.php


Then the httpd-error.log shows
Code: Select all
PHP Notice:  Undefined variable: open_SSL_pub in /usr/local/www/ph
plist/public_html/lists/admin/phpmailer/php-dkim/dkim.php on line 26


I thought it was a apache security issue that blocked the dkim-cfg.php be include in dkim.php,
so I try to copy the dkim-cfg content direct into the dkim.php and I pass the warning.

When I login phpList and send a test message, it shows only "Cannot Sign" ... (screen in attachment)

Then I check the /var/log/httpd-error.log that shows
Code: Select all
PHP Deprecated:  Function ereg() is deprecated in phplist/public_html/lists/admin/index.php on line 275&397, referer: http://ph1.tw-roc.org/edm/admin/?page=messages


I think ... FINE, I'll try to figure it out and found this site about How to fix ‘Function eregi() is deprecated’ in PHP 5.3.0?

After all this work, I think all the bad will pass. It seems so good that all the error is disappear in httpd-error.log. But the fact is NO.

When I trying to send a test message, the screen still shows "Cannot Sign"
Attachments
1.jpg
Cannot sign
1.jpg (32.29 KiB) Viewed 30378 times
sintsu
PL Nut
 
Posts: 21
Joined: 5:42am, Fri 07 Oct, 2011

Re: Any interest in DKIM/Domain Keys

Postby BlueLuke » 7:29pm, Mon 23 Jan, 2012

I had issues setting up my DKIM & Domainkeys before, these articles were helpful.

http://www.unlocktheinbox.com/resources/domainkeys.aspx
http://www.unlocktheinbox.com/resources/dkim.aspx

You can also send an email to "mailtest@unlocktheinbox.com" it's really detail and provides links to the right articles to guide you in getting them set up correctly.
BlueLuke
phpLister
 
Posts: 9
Joined: 5:13am, Thu 19 Nov, 2009

Re: Any interest in DKIM/Domain Keys

Postby nealc » 3:37pm, Mon 13 Feb, 2012

First, many thanks to ogrethegreat for picking up where I left off & thus reassuring me I wasn't entirely insane. Now I'm about to upgrade my old PHPList 2.10.4 for 2.10.17, so need to do the DKIM thing again - ogrethegreat's bundle makes that much easier...

However, need to warn folks attempting this caper that PHPlist 2.10.17 uses a (slightly) different version of class.phpmailer.php The file header is the same, but the size has changed from 1501 lines to 1513 lines - the extra code adds a timestamp & does something with/about PHP Safe mode. Whatever that's about, it would be wise to modify & use the new version.

Another thing to watch out for is that __DIR__ (as in 'require_once(__DIR__."/php-dkim/dkim.php");' in class.phpmailer.php and also within dkim.php v1.2 itself) only works in PHP >=5.3.0. As my hoster still runs 5.2.17 that broke the whole of my PHPlist (with no error message anywhere - just a blank page with html comment "using ../config/config.php"). To get round this, edit dkim.php line 24 from
Code: Select all
require_once __DIR__ .'/dkim-cfg.php' ;
to
Code: Select all
require_once 'dkim-cfg.php' ;
, edit class.phpmailer.php line 2 from
Code: Select all
require_once(__DIR__."/php-dkim/dkim.php");
to
Code: Select all
require_once("dkim.php");
and move all the php-dkim files into the /lists/admin/phpmailer/ directory. (I hate paths, and especially things with no error messages.)

At this point I'd like to say that I've got it all working, but sadly I have "Result: fail (wrong body hash: expected NpcQwTZRP2lskPy2NQKawPaUJ70=)" and an overwhelming desire to go to the dentist instead.

Good luck.
nealc
phpList newbie
 
Posts: 2
Joined: 2:46pm, Tue 15 Sep, 2009

Re: Any interest in DKIM/Domain Keys

Postby conley722 » 2:37pm, Mon 07 May, 2012

Just a note for anyone having a similar issue... I sign my e-mails using opendkim on the MTA-side rather than by PHP. I received the incorrect body hash notice consistently for HTML messages (although never for plain text messages). After about a month of googling everything possible I randomly decided to just change the encoding option from 8bit to base64 within class.phpmailer.php. I am using version 2.10.12 of PHPlist which still uses the outdated version of phpmailer (v2-something). I'm not sure of the line number for the encoding variable off the top of my head but it is near the top of the file. var $Encoding = "8bit"; should be changed to var $Encoding = "base64";

Hope this helps someone
conley722
phpLister
 
Posts: 5
Joined: 2:31pm, Mon 07 May, 2012

Re: Any interest in DKIM/Domain Keys

Postby ludo48 » 8:38pm, Tue 08 May, 2012

Hello,
Conley722 can you help me please ?
I try to configure PhpList with Dkim on Postfix. I correctly configure DKIM on postfix (when i send a mail with my webmail, i see on an Gmail account, that Dkim work correctly).
I have done few test from PhpList to an Gmail account, but i don't see anywhere the Dkim signature (neither "pass" or "faield". It seems that Postfix send the mail from PhpList without Dkim. Could you explain me, how you have set-up it ?
Thanks in advance,
ludo48
phpLister
 
Posts: 6
Joined: 8:26pm, Tue 08 May, 2012

Re: Any interest in DKIM/Domain Keys

Postby conley722 » 6:30pm, Wed 30 May, 2012

Hey Ludo,

What do you use to sign your e-mails? OpenDKIM or some other program?
conley722
phpLister
 
Posts: 5
Joined: 2:31pm, Mon 07 May, 2012

Re: Any interest in DKIM/Domain Keys

Postby ludo48 » 8:47pm, Wed 06 Jun, 2012

Thank you for you response. I was signing with Dkim-Filter. I have done the config with opendkim, and now it works fine.
ludo48
phpLister
 
Posts: 6
Joined: 8:26pm, Tue 08 May, 2012

Re: Any interest in DKIM/Domain Keys

Postby conley722 » 4:35pm, Mon 09 Jul, 2012

Just an added note, I believe base64 is frowned upon by most email providers as it has been used by spammers to mask the content of the message. I have been having issues with Yahoo! and TS03 blocks lately (even though I receive no complaints from their FBL) and I think it is due to the base64 encoding of my messages. I am switching it to a quoted-printable encoding which will hopefully solve the issue. I will update here when I get it sorted.

On a side note: feel free to mess around with different encodings but I have found that 7bit, 8bit, and binary all corrupt the body hash for HTML emails using DKIM. base64 and quoted-printable seem to be the only viable options.
conley722
phpLister
 
Posts: 5
Joined: 2:31pm, Mon 07 May, 2012

PreviousNext

Return to Advanced Answers, Howtos, Tips & Tricks

Who is online

Users browsing this forum: Exabot [Bot] and 1 guest