sekoon
asked on
Seting up Domain Key for IIS 6.0 Smtp
I need some guidance on how to create and setup a domain key for our IIS 6.0 SMTP server. We send out confirmation emails to user when they book aa service online with us and we have been getting complaints that users with Yahoo email address are not get emails delivered to them. After so research it appears that I have to configure a Domain Key so that Yahoo can confirm the authenicity. I understand that part of the Domain Key gets installed in our DNS and the other part gets attached somehow to the out bound emails. In all this I am lost as to how to create the Domain Key, and how to setup the public part with IIS 6.0 SMTP. In understand that the Private part of the Domain Key gets setup in the DNS records which I think I understand fairly well, course once I have figured out how to create the Domain Key.
Any help would be greatly appreciated.
Steve
Any help would be greatly appreciated.
Steve
ASKER
Meverest,
This link will explain what I am saying that Yahoo requires. BTW we have what you are talking about above in place already.
http://help.yahoo.com/l/aa/yahoo/mail/postmaster/postmaster-28.html
Thanks,
Steve
This link will explain what I am saying that Yahoo requires. BTW we have what you are talking about above in place already.
http://help.yahoo.com/l/aa/yahoo/mail/postmaster/postmaster-28.html
Thanks,
Steve
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Yep, the from address had the domain portion mis-spelled. Thanks!
I do think there is a way out to add DKIM/Domainkey to all the emails using IIS SMTP Event Sinks. I have been personally working on it for sometime.
I have so far collected functions that reads the emails sent to the SMTP and adds custom header. Have the rsa-sha256 hash signing.
However I am a bit stuck with PKCS#1 RSA Public private key signing and once I am done with that I will surely share it with the developer community.
Cheers,
Vijay Bhatter
I have so far collected functions that reads the emails sent to the SMTP and adds custom header. Have the rsa-sha256 hash signing.
However I am a bit stuck with PKCS#1 RSA Public private key signing and once I am done with that I will surely share it with the developer community.
Cheers,
Vijay Bhatter
What most mailsystems do, is to check the sender IP address and resolve it back to a hostname. If the hostname does not match what the server identifies himself as, then a mismatch like that will cause their server to reject the email.
1. First, check the server IP address. log on to the IIS smtp server console, (either using it's keyboard and monitor or by a remote console connection) then open a web browser and go to 'http://whatismyip.com' - note the IP address returned.
2. Now check what your server calls itself: right click smtp server in IIS manager, choose properties -> 'delivery' tab, 'advanced' button.
3. In 'fully qualified domain', you need to put the full hostname of the server, like 'mail.yourdomain.com.xy'.
4. Next, check that the IP address resolves correctly to the server hostname. From a dos shell, enter "ping -a a.b.c.d" where 'a.b.c.d' is the IP address from step 1. The result should look something like:
C:\Documents and Settings\mike>ping -a 124.108.97.193
Pinging l1.login.vip.aue.yahoo.com
See how the address is resolved on the second line to a fully qualified hostname? That is what the '-a' option in the ping command does. This hostname MUST be identical to what is set at step 3 above. If it is different, then you have 2 choices: Change what is shown at step 3 to what you find at step 4, or Change the DNS PTR record for that IP address to what you WANT to see in step 3.
6. Lastly, check that the hostname resolves to the right address. from a dos shell, enter "ping mail.yourdomain.com.xy" and check that the IP address displayed is the same as what you discovered in step 1.
Once all these things match, then Yahoo should accept your mail unless you have also got yourself onto some email blacklist - but that's /another/ story altogether... ;-)
Cheers!