Profile

Cover photo
Paul Howard
Works at JBS Technologies
Attends Open University
Lives in Copthorne, UK
179 followers|155,721 views
AboutPostsPhotosYouTube+1'sReviews

Stream

Paul Howard

Shared publicly  - 
 
Fantastic trip to the Weald and Download museum today.
1
Add a comment...

Paul Howard

Shared publicly  - 
 
Finally fixed the PHP errors so http://ispauldeadyet.com is working again.
2
Allison Updike's profile photo
2 comments
 
Say hello to Mrs. Howard & kisses to both ur missus!! ^.^
Add a comment...
Charlotte Howard was tagged in Paul Howard's photo.

Paul Howard

Shared publicly  - 
1

Paul Howard

Shared publicly  - 
 
Charlotte is looking more like me all the time.
3
Oliver Marshall's profile photo
 
It really is quite scary. 
Add a comment...

Paul Howard

Shared publicly  - 
 
Another job I now don't have to do :)
1
Add a comment...
Have him in circles
179 people
Huw Selley's profile photo
Rumy Scholes's profile photo
Natalie Caseley's profile photo
Julian Heathcote's profile photo
Jody Mason's profile photo

Paul Howard

Shared publicly  - 
 
Looking for interesting bars/pubs to visit in the west end this weekend.
Been ages since I went out in London.
1
Add a comment...

Paul Howard

Shared publicly  - 
2
Zarafasia Equinox's profile photo
 
Merry Christmas to you and your family, by the power of greyskull!
Add a comment...

Paul Howard

Shared publicly  - 
 
 
We recently worked with a client to set up SPF (http://en.wikipedia.org/wiki/Sender_Policy_Framework) and DKIM (http://en.wikipedia.org/wiki/Dkim) records for several domains that they send emails from, on behalf of third parties.

Although not a difficult task, while searching the Internet for issues people may  have faced, there did not appear to be a single website that gave clear, concise and most importantly full instructions on how to go about setting up a Linux (in this case Ubuntu) server running postfix to sign outgoing emails with DKIM signatures.

So below you will find the configuration that we used and tested successfully across a number of domains. (all command are running as root so add sudo if necessary in your environment)



1. Make sure all software is up to date

apt-get update
apt-get upgrade

2. Install opendkim

apt-get install opendkim opendkim-tools

3. Set up a directory for the storage of private keys. You can have as many domains as you wish. Change owner and permissions to the opendkim user.

mkdir -pv /etc/opendkim/example.com/
chown -Rv opendkim:opendkim /etc/opendkim
chmod go-rwx /etc/opendkim/*

4. Every single domain should have a key pair and appropriate security. Navigate to the appropriate folder and generate a key pair. Change the owner to the opendkim user.

cd /etc/opendkim/example.com/ opendkim-genkey -r -h rsa-sha256 -d example.com -s yourtag
chown opendkim:opendkim *
chmod u=rw,go-rwx *

5. Publish the public key using a DNS  TXT record for the domain in question. (key shortened here for space)

yourtag._domainkey.example.com IN TXT "v=DKIM1;p=AySFjB......xorQAB"

Once set up check it is showing in DNS. From the command line of the email server:

dig yourtag._domainkey.example.com TXT




6. Set up the key table.

Open up your text editor of choice and open or create /etc/opendkim/KeyTable file with the following text

example.com example.com:yourtag:/etc/opendkim/example.com/yourtag.private


7. Set up the signing table. Again, open or create /etc/opendkim/SigningTable in your favorite text editor and enter the following text.

*@example.com example.com


8.  Set up the TrustedHosts file. Open or create /etc/opendkim/TrustedHosts  This will need to contain all the IP ranges that you will allow to use this MTA to sign emails with DKIM in the following format.

127.0.0.1
192.168.0.0/24


9. Next, set up the ownership of files we created to the opendkim user.

chown opendkim:opendkim /etc/opendkim/KeyTable
chown opendkim:opendkim /etc/opendkim/SigningTable
chown opendkim:opendkim /etc/opendkim/TrustedHosts


10. Open /etc/opendkim.conf using your text editor. Make sure the following settings are changed/added. Some ay be present already.

# Enable Logging
Syslog yes
SyslogSuccess yes
LogWhy yes

# User mask
UMask 002

# Always oversign From (sign using actual From and a null From to prevent malicious signatures header fields (From and/or others) between the signer and the verifier)

OversignHeaders From

# Our KeyTable and SigningTable
KeyTable refile:/etc/opendkim/KeyTable
SigningTable refile:/etc/opendkim/SigningTable

# Trusted Hosts
ExternalIgnoreList /etc/opendkim/TrustedHosts
InternalHosts /etc/opendkim/TrustedHosts

# Hashing Algorithm
SignatureAlgorithm rsa-sha256

# Auto restart when the failure occurs. CAUTION: This may cause a tight fork loops
AutoRestart Yes

# Set the user and group to opendkim user
UserID opendkim:opendkim

# Specify the working socket
Socket inet:8891@localhost

11. Configure the OpenDKIM filter on Postfix.

Open /etc/postfix/main.cf and add/uncomment these lines:

# OpenDKIM
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = $smtpd_milters

12. Restart opendkim and postfix

service opendkim start

service postfix restart



And that is it. Any emails being passed through this MTA with a sending domain that matches those listed in the SigningTable will have a DKIM signature attached.

The easiest way to test everything is working as it should be is to send an email to a Gmail account and look at the original version of the email. It will show you if the DKIM policy has passed and if not hopefully give you some information on what went wrong.
1
Allison Updike's profile photo
 
You guys are enticing me back into code...>.<
Add a comment...

Paul Howard

Black and White  - 
 
One of my favourite  black and white "selfies"
12
Add a comment...

Paul Howard

Shared publicly  - 
 
Back from a fantastic day out in Brighton. Not sure how Charlotte sat in the sea. It was freezing.
1
Carol Harding's profile photo
 
That appears to be a look of horror on her face.
Add a comment...
People
Have him in circles
179 people
Huw Selley's profile photo
Rumy Scholes's profile photo
Natalie Caseley's profile photo
Julian Heathcote's profile photo
Jody Mason's profile photo
Work
Occupation
Technology consultant and photographer.
Employment
  • JBS Technologies
    Owner/Director, 2010 - present
  • Custom iTV
    Head of Group IT, 2001 - 2010
  • Titan Analysis
    Owner/Director, 1997 - 2001
  • Vodafone Group Plc
    IT Support Manager, 1996 - 1997
  • Aztec Rentals
    Technical Manager, 1995 - 1996
  • First Point
    Senior Support Engineer, 1993 - 1995
  • Royal and Sun Alliance
    IT Support, 1988 - 1993
Places
Map of the places this user has livedMap of the places this user has livedMap of the places this user has lived
Currently
Copthorne, UK
Previously
Maidenbower, Crawley, UK - Mobile, AL, 36609 - Tilgate, Crawley, UK - Broadfield, Crawley, UK - Furnace Green, Crawley, UK - Southgate, Crawley, UK - Horsham, UK - Langley Green, Crawley, UK - Billingshurst, UK - Ifield, Crawley, UK - Bewbush, Crawley, UK - Gossops Green, Crawley, UK
Contact Information
Work
Phone
+44 (0)845 805 9232
Email
Apps with Google+ Sign-in
Story
Tagline
standard nerd
Introduction

Paul is a writer, photographer, content producer and small business owner.

Paul lives in a small village in Sussex with his wife, Laura, and their daughter. He spends as much time as he can not doing housework and pretending his small garden really does require a large, gas powered BBQ.

For employment, he runs an IT consulting and support companytakes interesting photographs and is in the process of starting up a small media company to produce audio and video podcasts.

 

Work:

Having been in the IT industry since mid 1988, Paul founded JBS Technologies in 2010 to provide SMEs with technical support and IT strategy advice.

 

Other things to know:

Paul does not own cats for a variety of reasons.

Paul is a Liberal Conservative with far left leanings.

Education
  • Open University
    present
  • Holy Trinity CofE School
Basic Information
Gender
Male
Looking for
Friends, Networking
Relationship
Married
Paul Howard's +1's are the things they like, agree with, or want to recommend.
The Countdown to Christmas 2011 - showing you how many days until Christ...
thecountdowntochristmas.com

The Countdown to. Christmas 2011. 24 days, 12 hours, 2 minutes, 47 seconds.

an example of the usefulness of bittorrent for entirely legal purposes -...
feedproxy.google.com

So yesterday, I decided that I'd download Ubuntu and put it in a Virtualbox on my iMac, just to see how the distro is doing these days. As y

My Food Photography Book Goes International! | Nicolesy
nicolesyblog.com

I just got these in the mail today from Peachpit! One of the coolest things next to getting the first printed copy of any of my books is get

Indyanimation
www.youtube.com

Indyanimation is a stop motion animated, shot for shot remake of the most exciting six minutes in film history - the opening scene of Raider

The Hobbit Official Movie Trailer (An Unexpected Journey) HD
www.youtube.com

Feast upon it Hobbit fans. Here is the first official Hobbit Trailer released! It has been a long wait, but finally we can see a taste of th

Two-Letter and Three-Letter Scrabble Words
phrontistery.info

Acceptable two and three letter words in Scrabble

All my + data for Paul Howard
www.allmyplus.com

A quick overview and statistics of the g+ activities of Paul Howard.

Physical assault by McDonald's for wearing Digital Eye Glass
eyetap.blogspot.com

Physical assault by McDonald's for wearing Digital Eye Glass. Digital Eye Glass. I believe that Digital Eye Glass will ultimately replace gl

Entropy - Wikipedia, the free encyclopedia
en.wikipedia.org

Entropy is the thermodynamic property toward equilibrium/average/homogenization/dissipation: hotter, more dynamic areas of a system lose hea

Cards Against Humanity, a nasty, funny, CC-licensed card-game
feedproxy.google.com

Cards Against Humanity is the perennially sold out, CC-licensed card-game that turns madlibs into an anti-social exercise. They're sold out,

The Hobbit Movie
plus.google.com

The Largest Hobbit Movie Fan Site on the Web

TechCrunch | Linux For The Real World
techcrunch.com

The recent Linux Foundation report about the Linux jobs market highlighted a need for experienced professionals, but the traditional Linux t

Star Wars Uncut: Director's Cut
www.youtube.com

Finally, the crowd-sourced project has been stitched together and put online for your streaming pleasure. The "Director's Cut" is a feature-

Charlotte sings Adele
www.youtube.com

Welcome to YouTube! Suggested Language (we have set your preference to this): English (UK). Suggested Location Filter (we have set your pref

Bearded Dragon playing Ant Crusher
www.youtube.com

My Bearded Dragon showing her mad skills :) Song: Super Mario theme

YouTube - My Drunk Kitchen, Ep. 12: Pizza
www.youtube.com

Create AccountSign In. Home. BrowseFilmsUpload. Hey there, this is not a commercial interruption. You&#39;re using an outdated browser, whic

xkcd: Wisdom of the Ancients
xkcd.com

Permanent link to this comic: http://xkcd.com/979/. Image URL (for hotlinking/embedding): http://imgs.xkcd.com/comics/wisdom_of_the_ancients

Now +1 Gets Interesting: Button To Launch On YouTube, Android Market, Be...
techcrunch.com

We broke the news yesterday that Google was planning to announce today that the +1 button is going to be added to partner websites. The ne

A nice change from the usual type of eatery in Crawley. The food is excellent, especially the steak burger. The staff are friendly and helpful and the prices are lower than you would expect. One of my favorite places to grab a quick breakfast or lunch.
Food: ExcellentDecor: ExcellentService: Excellent
Public - a year ago
reviewed a year ago
Very friendly service, and the food was amazing. The portions are huge though so beware of what you order. I doubt I could finish most of the meals on the menu, especially as they all came with a large banana muffin as well. No waiting for coffee refills as they give you a thermal carafe for the table. Being given a free local paper when you are seated is also a nice touch. If you are staying in Vegas you have to try this place at least once.
Food: ExcellentDecor: ExcellentService: Excellent
Public - a year ago
reviewed a year ago
32 reviews
Map
Map
Map
Great value food and good service.
Public - 2 years ago
reviewed 2 years ago
Public - 3 years ago
reviewed 3 years ago