Service/smtp: Difference between revisions

(4 intermediate revisions by one other user not shown)

Line 41:

_spf.hostname TXT "v=spf1 ip4:IPv4_of_hostname/mask ip6:IPv6_of_hostname/mask a:hostname.sugarlabs.org mx:hostname.sugarlabs.org ~all"

The a and mx values are authorized mail server by domain name and authorized server by domain MX record, the MX record should also be defined

The '''a''' and '''mx''' values are authorized mail server by domain name and authorized server by domain MX record, the MX record should also be defined

for hostname.

Line 67:

Your entry would look like this

~~default~~._domainkey.hostname TXT "v=DKIM1; g=*; k=ed25519; p=VGhpcyBpcyBqc3V0ZSBhc29ka2ZvYXNrZWpkZmtsc2pkZgo="

selector1._domainkey.hostname TXT "v=DKIM1; g=*; k=ed25519; p=VGhpcyBpcyBqc3V0ZSBhc29ka2ZvYXNrZWpkZmtsc2pkZgo="

_adsp._domainkey.hostname TXT "dkim=unknown"

~~Ensure your~~ private key ~~is on hostname~~ and ~~specify the path~~ to ~~it when using a tool like~~ opendkim - /etc/opendkim.~~conf~~ -~~, with~~

When using an ed25519 key, you'll need to add a fallback RSA key for backward compatibility.

the ~~user and group~~ of the key ~~being opendkim~~.

# Generate rsa key

$ openssl genrsa -out rsa_private.key 2048

# Generate public key from private key

$ openssl rsa -in rsa_private.key -pubout -outform der 2>/dev/null | openssl base64 -A

You can then add a KeyTable and SigningTable to your opendkim.conf

KeyTable refile:/etc/opendkim/KeyTable

SigningTable refile:/etc/opendkim/SigningTable

# Contents of KeyTable with both keys

selector1._domainkey.hostname.sugarlabs.org hostname.domain-name:selector1:/path/to/selector1/private/*.key

selector2._domainkey.hostname.sugarlabs.org hostname.domain-name:selector2:/path/to/selector2/private/*.key

# Contents of SigningTable

*@hostname.domain-name selector1._domainkey.hostname.sugarlabs.org

*@hostname.domain-name selector2._domainkey.hostname.sugarlabs.org

Then add a DKIM record for the second selector

w-mail._domainkey.weblate IN TXT ("v=DKIM1; h=sha256; k=rsa; p="*")

The value of p is the public key of the generated RSA key above.

Ensure your private keys are on hostname.

== Set up ==

=== Thunderbird ===

These are the settings for setting up SMTP with Thunderbird. Note that you use your LDAP username and password, and that the username __'''does not'''__ have "@sugarlabs.org" at the end.

{|class=wikitable

! Server name !! Port !! Connection security !! Authentication method !! User name

|-

| smtp.sugarlabs.org || 587 || STARTTLS || Normal Password || your LDAP username -- AND WITHOUT @SUGARLABS.ORG AT THE END!

|}

Example:

[[File:Screenshot from 2024-06-13 22-45-20.png|thumb|left|example of smtp set up in thunderbird ]]

== See also ==

@@ Line 41: / Line 41: @@
    _spf.hostname    TXT     "v=spf1 ip4:IPv4_of_hostname/mask ip6:IPv6_of_hostname/mask a:hostname.sugarlabs.org mx:hostname.sugarlabs.org ~all"
-The a and mx values are authorized mail server by domain name and authorized server by domain MX record, the MX record should also be defined
+The '''a''' and '''mx''' values are authorized mail server by domain name and authorized server by domain MX record, the MX record should also be defined
 for hostname.
@@ Line 67: / Line 67: @@
 Your entry would look like this
-   default._domainkey.hostname      TXT     "v=DKIM1; g=*; k=ed25519; p=VGhpcyBpcyBqc3V0ZSBhc29ka2ZvYXNrZWpkZmtsc2pkZgo="
+   selector1._domainkey.hostname      TXT     "v=DKIM1; g=*; k=ed25519; p=VGhpcyBpcyBqc3V0ZSBhc29ka2ZvYXNrZWpkZmtsc2pkZgo="
-   _adsp._domainkey.hostname        TXT     "dkim=unknown"
+   _adsp._domainkey.hostname          TXT     "dkim=unknown"
-Ensure your private key is on hostname and specify the path to it when using a tool like opendkim - /etc/opendkim.conf -, with
+When using an ed25519 key, you'll need to add a fallback RSA key for backward compatibility.
-the user and group of the key being opendkim.
+  # Generate rsa key
+  $ openssl genrsa -out rsa_private.key 2048
+  # Generate public key from private key
+  $ openssl rsa -in rsa_private.key -pubout -outform der 2>/dev/null | openssl base64 -A
+You can then add a KeyTable and SigningTable to your opendkim.conf
+  KeyTable                refile:/etc/opendkim/KeyTable
+  SigningTable            refile:/etc/opendkim/SigningTable
+  # Contents of KeyTable with both keys
+  selector1._domainkey.hostname.sugarlabs.org hostname.domain-name:selector1:/path/to/selector1/private/*.key
+  selector2._domainkey.hostname.sugarlabs.org hostname.domain-name:selector2:/path/to/selector2/private/*.key
+  # Contents of SigningTable
+  *@hostname.domain-name selector1._domainkey.hostname.sugarlabs.org
+  *@hostname.domain-name selector2._domainkey.hostname.sugarlabs.org
+Then add a DKIM record for the second selector
+  w-mail._domainkey.weblate       IN      TXT     ("v=DKIM1; h=sha256; k=rsa; p="*")
+The value of p is the public key of the generated RSA key above.
+Ensure your private keys are on hostname.
+== Set up ==
+=== Thunderbird ===
+These are the settings for setting up SMTP with Thunderbird. Note that you use your LDAP username and password, and that the username __'''does not'''__ have "@sugarlabs.org" at the end.
+{|class=wikitable
+! Server name        !! Port       !! Connection security !! Authentication method !! User name
+|-
+| smtp.sugarlabs.org || 587       || STARTTLS   || Normal Password || your LDAP username -- AND WITHOUT @SUGARLABS.ORG AT THE END!
+|}
+Example:
+[[File:Screenshot from 2024-06-13 22-45-20.png|thumb|left|example of smtp set up in thunderbird ]]
 == See also ==