You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by Kai Schaetzl <ma...@conactive.com> on 2005/07/02 17:16:24 UTC

Problems with DomainKeys installation

I want to try it out, but it won't install correctly. One of the 
prerequisites, OpenSSL, fails some tests. So I forced a cpan install for 
OpenSSL. It may be working now or not, I don't know. But there's obviously 
another prerequisite I'm missing (or it's the wrong one, anyway):
[19734] warn: plugin: failed to parse plugin (from @INC): Can't locate 
Crypt/OpenSSL/RSA.pm in @INC

n8:~ # locate RSA.pm
/root/.cpan/build/Crypt-OpenSSL-RSA-0.21/blib/lib/Crypt/OpenSSL/RSA.pm
/root/.cpan/build/Crypt-OpenSSL-RSA-0.21/RSA.pm
/root/.cpan/build/OpenSSL-0.09/blib/lib/OpenSSL/RSA.pm
/root/.cpan/build/OpenSSL-0.09/OpenSSL/RSA.pm
/usr/lib/perl5/site_perl/5.8.1/i586-linux-thread-multi/OpenSSL/RSA.pm

So, OpenSSL::RSA is installed, but "Crypt" isn't. Ahm, what package does 
it belong to? "m Crypt" or "m Crypt::OpenSSL" just tells me it doesn't 
exist.

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
IE-Center: http://ie5.de & http://msie.winware.org

Re: Problems with DomainKeys installation

Posted by Kai Schaetzl <ma...@conactive.com>.

Nick Leverton wrote on Sat, 2 Jul 2005 16:55:09 +0100:

> OpenSSL::RSA != Crypt::OpenSSL::RSA. 

I figured that, but I didn't come up with the correct module name. It 
appears I didn't try Crypt::OpenSSL::RSA, but only Crypt::OpenSSL or 
something. It built ok now and there are no DomainKeys errors anymore.

 I found that I needed the latter. 
> Have you got Crypt::OpenSSL::Random installed too ? 

Got installed as a prerequisite now.



Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
IE-Center: http://ie5.de & http://msie.winware.org

Re: Problems with DomainKeys installation

Posted by Nick Leverton <nj...@leverton.org>.

On Sat, Jul 02, 2005 at 05:16:24PM +0200, Kai Schaetzl wrote:

> So, OpenSSL::RSA is installed, but "Crypt" isn't. Ahm, what package does 
> it belong to? "m Crypt" or "m Crypt::OpenSSL" just tells me it doesn't 
> exist.

OpenSSL::RSA != Crypt::OpenSSL::RSA.  I found that I needed the latter.
Have you got Crypt::OpenSSL::Random installed too ?  Crypt::OpenSSL::RSA
wouldn't work until I added that.

If you're on Debian, I have home-made Sarge .debs of them both you're
welcome to use (they're not in the main distro).

Nick

Re: Problems with DomainKeys installation

Posted by Kai Schaetzl <ma...@conactive.com>.

Thanks for the additional info, Jason!

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
IE-Center: http://ie5.de & http://msie.winware.org

Re: Problems with DomainKeys installation

Posted by Jason Haar <Ja...@trimble.co.nz>.

Kai Schaetzl wrote:

>
>Well, I don't expect much from it anyway, but wanted to see if there's any 
>advantage from using it/if it works (basically). It's only Yahoo using 
>DomainKeys, aren't they?
>
>  
>
I wouldn't even say Yahoo is using it:

dig _domainkey.yahoo.com txt
_domainkey.yahoo.com.   5852    IN      TXT     "t=y\; o=~\; 
n=http://antispam.yahoo.com/domainkeys"

That means it's only in test mode, and it is only implemented for some 
mail. Not exactly "live" :-(

Similarly, gmail.com is DK signing all their outgoing mail - but don't 
even declare they are using DomainKey via DNS!

(I'm not slagging them off - actually declaring such a thing to be fully 
implemented is no small task. It's just that us real people probably 
won't implement such a thing until some big names actually commit)

-- 
Cheers

Jason Haar
Information Security Manager, Trimble Navigation Ltd.
Phone: +64 3 9635 377 Fax: +64 3 9635 417
PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1

Re: Problems with DomainKeys installation

Posted by Kai Schaetzl <ma...@conactive.com>.

Michael Parker wrote on Sat, 02 Jul 2005 13:10:05 -0500:

> The domain keys plugin is experimental. One of the primary reasons it is 
> experimental is because the Mail::DomainKeys modules are very immature.

Well, I don't expect much from it anyway, but wanted to see if there's any 
advantage from using it/if it works (basically). It's only Yahoo using 
DomainKeys, aren't they?

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
IE-Center: http://ie5.de & http://msie.winware.org

Re: Problems with DomainKeys installation

Posted by Nick Leverton <nj...@leverton.org>.

On Sat, Jul 02, 2005 at 01:10:05PM -0500, Michael Parker wrote:
> Howdy,
> 
> For those of your that are installing Mail::DomainKeys.  Please keep the
> following in mind.
> 
> The domain keys plugin is experimental. One of the primary reasons it is
> experimental is because the Mail::DomainKeys modules are very immature. 

I realise the whole DK thing is still under development.  I wanted to see
how they perform, as we use SA at work, so I'm trying it out here at home.

I don't expect I will score a positive DK result very high even when live,
because Yahoo mail is signed by DK and yet it can still contain spam very
often.  It is (as you know of course) a sender-authentication mechanism,
we don't want authentic spam getting in :-)  SA 3.1.0-pre is proving very
good at catching spam on otherwise good Yahoo lists without any FP's,
with both Domainkeys and SPF scored at the current 0.001 (pre Perceptron,
of course).

> I encourage anyone who wishes to work with the DomainKeys code to feel
> free to contact the author, see what they can offer in terms of a more
> robust module and documentation.  I don't see that module getting much
> better without some community support.

But ... aren't M$ going to put effort into getting this important
verification method accepted on non-M$ systems ?  Tch tch :-)

Nick
-- 
http://www.leverton.org/                      ... So express yourself

Re: Problems with DomainKeys installation

Posted by Michael Parker <pa...@pobox.com>.

Howdy,

For those of your that are installing Mail::DomainKeys.  Please keep the
following in mind.

The domain keys plugin is experimental. One of the primary reasons it is
experimental is because the Mail::DomainKeys modules are very immature. 
I encourage anyone who wishes to work with the DomainKeys code to feel
free to contact the author, see what they can offer in terms of a more
robust module and documentation.  I don't see that module getting much
better without some community support.

Michael