Over the summer, having followed the DKIM/DomainKeys discussions and finally
upgraded our
main mail-server and in the face of increasing spam attacks, I decided to go
ahead with
implementation and to slowly start tightening our anti-spam arsenal.
So I installed Postfix with TLS & DKIM on the Centos 5 box.
Not being a full-time sys$admin (far from it, I consider myself more of a
tourist admin
than anything else), it took me a while to go through the motions & work bugs
out,
especially since out CISCO router had also a life of its own in letting only
"normal" SMTP
traffic through (had I been told, I would have saved hours and hours of
tweaking &
frustration).
Most of the installation was pretty straight forward, with TLS being a little
more complex
to install than Mail-DKIM which I installed in a breeze thanks to good
documentation. I
thought it would have been a lot more complex since prior to DIY, I had asked
quantities
of "IT consultants" for a quote & been told this was something that would take
them days
to implement - yeah right...<grin>
But little did I know of one major problem to do with DNS. Let me explain: my
DNS
provider, one of the largest in the world, ran DNS services for my domain on
their "older"
aka "legacy" nameservers. The underscore "_" seemed to introduce all sorts of
problems -
not because the nameserver itself did not like it, but because the ISP's input
system
database & front end did not like it.
To cut a long story short, they spent a considerable amount of time trying to
go around
this and it took them several weeks to figure a way out, which was simply to
migrate my
domain to their brand new nameservers - and I am glad to say that it all works
now.
All to say that whilst we all hope for more DKIM use in email, a barrier to
entry will be
those legacy systems, not necessarily the nameserver's fault, but the front end
database
which so many ISPs make use of, including those who let end-users modify their
DNS through
a Web front end.
Warm regards,
--
Olivier MJ Crepin-Leblond, Ph.D
Global Information Highway Ltd
http://www.gih.com/ocl.html
_______________________________________________
dkim-ops mailing list
dkim-ops(_at_)mipassoc(_dot_)org
http://mipassoc.org/mailman/listinfo/dkim-ops