[H2B2]

If there is interest, I'll upload a corrected version of the php-dkim library and the phpmailer class.

Great! Please do. I'm sure there is interest.

[ogrethegreat]

Here you guys go. Hopefully this will save someone the frustration. I've uploaded the entire ./lists/admin/phpmailer directory to make things easy. It should work with any version of phplist that utilizes the phpmailer library since its an independent library that's been unchanged since 05. I installed php-dkim into the phpmailer dir. You'll need to change the php-dkim/dkim-cfg.php file by pasting in your public and private keys and entering you domain name. It should work with just that one simple configuration. I was working on a DomainKeys header as well but I had to put it down due to workload. I may come back to that in the not too distant future. Let me know if you have any issues and I'll try to help.

Oh and I briefly read about adding these mods to mantis but this is as good as I can do for a few days anyhow.

Enjoy!

P.S. - The comment below about the smtp server signing and phplist breaking it isn't really accurate. It would depend on several variables. If you setup a postfix smtp server with dkim milter or similar, then you would simply need to have phplist send the email via that smtp server for the same effect achieved here in PHP. Easy as changing the server info in the config. The SMTP server will take it from there. I was able to enable DomainKeys in cpanel on a shared hosting account and then just had phplist send via my hosted email and it was working great but alas I can't be sending out bulk mail from there. I would, in fact, suggest that if you did have access to some mail hosting on cpanel and the AUP of the provider suits your needs, then install this and send via that account and you'll get both DomainKeys and DKIM working. It VERY easy to activate in cpanel.

However, if you install this AND are using your SMTP server to sign a DKIM signature, it will break because you will end up with two DKIM signatures.

SPF is a no brainer. It requires no signature, simply an entry in you DNS zone file that says what servers are authorized to send mail for your domain. The receiver will check the source of the email and compare vs. your DNS. This one is easy to do anywhere but is right there with DomainKeys activation in a cpanel environment and it'll do the work for you.

[lojong]

Hey ogrethegreat, I just registered for this forum in order to say THANK YOU VERY MUCH!
I haven't tried this implementation of PHPlist + DKIM yet, but I'm looking forward to doing so.

My shared web host is great, but doesn't offer DomainKeys or DKIM besides adding a TXT DNS record, which I think won't cut it. So this is great. If our e-mails aren't going to get through to the big 3 providers without DKIM, there's no point. We can't ask people to whitelist.

So… if this does actually work, I think it should be included as part of the next release.

Cheers for working on this!

[ogrethegreat]

Thanks. If you have issues let me know. Its working for me thus far. Just started my first bulk queue with this enabled. 4k in and bounce rate is looking good. I tell you who is a pain is Barracuda Reputation. Those jokers are always blacklisting and that will sting you on a lot of the smaller hosts. DKIM or not. Very quick to blacklist.

[duffers2010]

DKIM keys should be standard - I have added keys on other apps and deliverability has gone up by over 10% which reflects it use

[h2ojunkie]

Here you guys go. Hopefully this will save someone the frustration. I've uploaded the entire ./lists/admin/phpmailer directory to make things easy. It should work with any version of phplist that utilizes the phpmailer library since its an independent library that's been unchanged since 05. I installed php-dkim into the phpmailer dir. You'll need to change the php-dkim/dkim-cfg.php file by pasting in your public and private keys and entering you domain name. It should work with just that one simple configuration. I was working on a DomainKeys header as well but I had to put it down due to workload. I may come back to that in the not too distant future. Let me know if you have any issues and I'll try to help.

Oh and I briefly read about adding these mods to mantis but this is as good as I can do for a few days anyhow.

Enjoy!

Thanks for the work on this. I was able to get DKIM working pretty eaisly following your instructions.
However, I did come across what appears to be a bug. And I'm a total loss with where to look to fix it.

If I send a message without selecting a template (leave the "use template" drop down on "--select one" it passes DKIM validation.
But, I change it to select a template to use with the message, DKIM fails.
result = fail
Details: body has been altered


If anyone can help with a fix for this, it would be appreciated.

[h2ojunkie]

OK, after a lot of testing, it actually seems to be that HTML message fails, but txt messages pass.

It always says "body has been altered" on HTML messages

[sintsu]

#Note#
I have two FreeBSD server , one is working properly (Apache/2.2.19 (FreeBSD) mod_ssl/2.2.19 OpenSSL/0.9.8q DAV/2 PHP/5.3.7 with Suhosin-Patch configured)
But another have the following problem, I've already check the httpd.conf, php.ini but cannot find the solution ... could anyone give me some hint to modified.
I'll very appreciate! Thank you!

I was trying to utilize DKIM on my phpList, and already follow the above process.
The machine that have problem environment is Apache/2.2.20 (FreeBSD) mod_ssl/2.2.20 OpenSSL/0.9.8q DAV/2 PHP/5.3.8 with Suhosin-Patch configured

It's weird that no matter how I hard try to setup the dkim-cfg.php, dkim.php always told me the following message under phpList document

Code: Select all

DKIM not configured, please run:
openssl genrsa -out key.priv 384
openssl rsa -in key.priv -out key.pub -pubout -outform PEM
Then copy & paste the public and private keys into dkim-cfg.php

Then the httpd-error.log shows

Code: Select all

PHP Notice:  Undefined variable: open_SSL_pub in /usr/local/www/ph
plist/public_html/lists/admin/phpmailer/php-dkim/dkim.php on line 26

I thought it was a apache security issue that blocked the dkim-cfg.php be include in dkim.php,
so I try to copy the dkim-cfg content direct into the dkim.php and I pass the warning.

When I login phpList and send a test message, it shows only "Cannot Sign" ... (screen in attachment)

Then I check the /var/log/httpd-error.log that shows

Code: Select all

PHP Deprecated:  Function ereg() is deprecated in phplist/public_html/lists/admin/index.php on line 275&397, referer: http://ph1.tw-roc.org/edm/admin/?page=messages

I think ... FINE, I'll try to figure it out and found this site about How to fix ‘Function eregi() is deprecated’ in PHP 5.3.0?

After all this work, I think all the bad will pass. It seems so good that all the error is disappear in httpd-error.log. But the fact is NO.

When I trying to send a test message, the screen still shows "Cannot Sign"

[BlueLuke]

I had issues setting up my DKIM & Domainkeys before, these articles were helpful.

http://www.unlocktheinbox.com/resources/domainkeys.aspx
http://www.unlocktheinbox.com/resources/dkim.aspx

You can also send an email to "mailtest@unlocktheinbox.com" it's really detail and provides links to the right articles to guide you in getting them set up correctly.

[nealc]

First, many thanks to ogrethegreat for picking up where I left off & thus reassuring me I wasn't entirely insane. Now I'm about to upgrade my old PHPList 2.10.4 for 2.10.17, so need to do the DKIM thing again - ogrethegreat's bundle makes that much easier...

However, need to warn folks attempting this caper that PHPlist 2.10.17 uses a (slightly) different version of class.phpmailer.php The file header is the same, but the size has changed from 1501 lines to 1513 lines - the extra code adds a timestamp & does something with/about PHP Safe mode. Whatever that's about, it would be wise to modify & use the new version.

Another thing to watch out for is that __DIR__ (as in 'require_once(__DIR__."/php-dkim/dkim.php");' in class.phpmailer.php and also within dkim.php v1.2 itself) only works in PHP >=5.3.0. As my hoster still runs 5.2.17 that broke the whole of my PHPlist (with no error message anywhere - just a blank page with html comment "using ../config/config.php"). To get round this, edit dkim.php line 24 from

Code: Select all

require_once __DIR__ .'/dkim-cfg.php' ;

to

Code: Select all

require_once 'dkim-cfg.php' ;

, edit class.phpmailer.php line 2 from

Code: Select all

require_once(__DIR__."/php-dkim/dkim.php");

to

Code: Select all

require_once("dkim.php");

and move all the php-dkim files into the /lists/admin/phpmailer/ directory. (I hate paths, and especially things with no error messages.)

At this point I'd like to say that I've got it all working, but sadly I have "Result: fail (wrong body hash: expected NpcQwTZRP2lskPy2NQKawPaUJ70=)" and an overwhelming desire to go to the dentist instead.

Good luck.

[conley722]

Just a note for anyone having a similar issue... I sign my e-mails using opendkim on the MTA-side rather than by PHP. I received the incorrect body hash notice consistently for HTML messages (although never for plain text messages). After about a month of googling everything possible I randomly decided to just change the encoding option from 8bit to base64 within class.phpmailer.php. I am using version 2.10.12 of PHPlist which still uses the outdated version of phpmailer (v2-something). I'm not sure of the line number for the encoding variable off the top of my head but it is near the top of the file. var $Encoding = "8bit"; should be changed to var $Encoding = "base64";

Hope this helps someone

[ludo48]

Hello,
Conley722 can you help me please ?
I try to configure PhpList with Dkim on Postfix. I correctly configure DKIM on postfix (when i send a mail with my webmail, i see on an Gmail account, that Dkim work correctly).
I have done few test from PhpList to an Gmail account, but i don't see anywhere the Dkim signature (neither "pass" or "faield". It seems that Postfix send the mail from PhpList without Dkim. Could you explain me, how you have set-up it ?
Thanks in advance,

[conley722]

Hey Ludo,

What do you use to sign your e-mails? OpenDKIM or some other program?

[ludo48]

Thank you for you response. I was signing with Dkim-Filter. I have done the config with opendkim, and now it works fine.

[conley722]

Just an added note, I believe base64 is frowned upon by most email providers as it has been used by spammers to mask the content of the message. I have been having issues with Yahoo! and TS03 blocks lately (even though I receive no complaints from their FBL) and I think it is due to the base64 encoding of my messages. I am switching it to a quoted-printable encoding which will hopefully solve the issue. I will update here when I get it sorted.

On a side note: feel free to mess around with different encodings but I have found that 7bit, 8bit, and binary all corrupt the body hash for HTML emails using DKIM. base64 and quoted-printable seem to be the only viable options.