[Lugstuff] new stuff learned rebuilding Annapolislinux
Annapolis Linux Users Group
lugstuff at annapolislinux.org
Mon Jan 18 00:05:41 EST 2021
I learned a few new things rebuilding the site.
I am starting to feel really thankful my previous provider booted me.
Rebuilding the Annapolis Linux host was really good for refreshing my
skills.
I could probably do a mini presentation on one or two of the following:
* Increasing your mailservers reputation using SFP, DKIM and TLS.
It seems mailservers get rated by the suplements they run. Maybe I
have this wrong. But, I added the following protocols to the server.
- TLS setup using the EFF Let's Encrypt
- SFP setup google and many mail servers require this to prevent your
email from going in the Junk box.
Here is my spf record from dig.
dig annapolislinux.org txt
annapolislinux.org. 1800 IN TXT "v=spf1 ip4:96.126.117.237 ip6:2600:3c00::f03c:92ff:fe09:31dd ~all"
- OpenDKIM setup - this creates a digital signiture in the header.
A private RSA key is stored in a DNS text record. Lots of big servers require this for mail to go through.
When a mail is received on a server with DKIM setup, it will check
the DKIM header with the entry stored on the DNS to see if it is
valid. If it is not valid, it may get rejected or marked as SPAM.
http://www.opendkim.org/
Here is a cool web tool to check your setup.
https://dkimvalidator.com/
- Todo Setup DMARC
* Setting up Let's Encrypt. Free SSL Certificates.
EFF sponsors Let's Encrypt.
Let's Encrypt provides free SSL certificates with a short life.
These certificiates can be used be renewed automatically via a script.
Certbot is the mechanism to install the packages.
https://letsencrypt.org/
* Troubleshooting Apache and Mailman
Mainly, running Apache in debug mode will prety much tell you why
apache is not working.
* Setting up Dovecot IMAP with Postfix.
Is anyone interested ?
-tjk
Annapolis Linux Users Group
More information about the Lugstuff
mailing list