I have postfix and opendkim working on my server(Ubuntu 16.04), but postfix do not sign all mails with dkim.
If I send a mail from server with:
echo "test email" | sendmail check-auth#verifier.port25.com
I have a response that says DKIM check: pass because the mail has DKIM-Signature. I was trying send mails to my gmail account by this method and the mails has a DKIM-Signature too.
But when I try to send mails using Thunderbird or something similar the mails has no DKIM-Signature.
The server only has one domain and the next configurations:
/etc/postfix/main.cf:
[...]
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
/etc/opendkim.conf:
[...]
SOCKET inet:8891#localhost
UserID opendkim
KeyTable /etc/opendkim/key.table
SigningTable refile:/etc/opendkim/signing.table
/etc/opendkim/key.table:
example.com example.com:default:/etc/dkimkeys/dkim.key
/etc/opendkim/signing.table:
*#example.com example.com
I was looking on mail.log, mail.err and syslog but I don't see anything related, neither errors.
I'm checking different configurations, I can send DKIM-signed mails form server with sendmail using different configurations but I still can't send mails signed with DKIM with Thunderbird... :(
Any Idea? Any place to look?
Ok, I found the problem.
In some sites they say that its necesary put the next line in /etc/postfix/master.cf for avoid problems:
-o receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters
But its wrong, that line makes the mails didn't signed.
In /etc/postfix/master.cf we can uncomment the next line to get working the port 587:
submission inet n - y - - smtpd
Related
I've been trying to install a Postfix server for handling mail for my domain. I found some nice tutorial and I was able to create email address and server responds correctly with telnet (imap and pop3 included, I also charge the config in Gmail and works correctly).
To handle POP3 and IMAP I have installed Courier
The problem comes when I try to send e-mails to myself (with external email address), I receive the following error code:
Action: failed
Status: 5.4.6
Diagnostic-Code: X-Postfix; mail for (servername) loops back to
myself
I reviewed my postfix mail.conf config, as in many webs they said that it could be because mydestination was not corectly configured. I have included the domain configuration and I still get the same error. (/etc/postfix/main.cf)
mydestination = mail.mydomain.com, domain.com, localhost
This is in a VPS, so the hostname is different to the domain name, I'm not sure if this can have any influence on the handling mail error.
Could someone help me to find where can the error be?
Thanks for your attention and your answers
You're probably sending mail to a recipient, with an email address in a zone which has an MX record, with its value a hostname, which resolves to the ip address of your mailserver, while this your server hasn't been told in its main.cf config file (behind mydestination), that it is referring to itself.
Therefore, your server is wondering why an attempt to send mail to - as it believes - another server results in finding that the ip address of that another server is its own ip address.
Update mydestination accordingly.
It helps to use the same hostname for MX record, for all zones your mailserver handles incoming mail for, as that keeps your mydestination manageable.
My postfix server is working on a particular domain name through a relay, so it's like that:
Client send to abs#subdomain.domain.com -> domain.com production mail server -> internal mail server on subdomain.
All messages for subdomain.domain.com are being forwarded. But the thing is, the application that I'm supporting uses mailing system for some internal stuff and many addresses that are being CC when client is sending e-mail doesn't exist on subdomain mail server, they serve another purpose. When app on subdomain receives e-mail, it parses headers and uses all CC addresses in it's algorithms.
Here comes the problem. When client sends an e-mail, he'll receive as many error responses as there are fake addresses in CC.
There is only one real address that is listed in /etc/aliases and it's just piping incoming mails to stdin for some script.
Question. How do I prevent sending error responces to the client and just /dev/null all fake addresses? I need only 1 address, that is listed in aliases.
Thanks in advance.
Ok, I figured it out.
This can be achieved through virtual_alias_maps.
Add an virtual alias for domain and for address. Redirect domain to /dev/null and address to local alias.
virtual_alias_maps file:
target_addr#subdomain target#localhost
#subdomain devnull#localhost
/etc/aliases:
target: "| /path/to/script"
devnull: /dev/null
I'm trying to work out how to have postfix only allow emails through to certain email addresses.
I had it working using the following config:
smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/access, reject
and then access contains
example1.com OK
example2.com OK
miles#example3.com OK
This worked - mail to anything that wasn't in the whitelist was rejected by the mailserver.
I then wanted to route all my outgoing mail via gmail, so added
relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_use_tls = yes
It now seems that postfix is ignoring the whitelist, and sending everything through to the gmail servers.
Can anyone explain why this is happening, and what I might need to do to resolve this?
In short - I'd like all my mail sent via a gmail account, but only if the recipient address is in a whitelist.
Show some logs please.
I suspect that you are sending emails via /usr/bin/sendmail or postdrop. Both these commands bypass the smtpd and so the smtpd_recipient_restrictions, as they delivery the locally to the postfix, not via network.
If the sent email arrived via network (and so via smtpd) then show the config too (postconf -n) as you may have other configs that are changing the final result for those emails.
I have 2 domains, let's call them d1.com and d2.com.
I want mails sent to anyone#d1.com to end up in a mailserver at d2.com.
I want to use DNS to accomplish this and first tried the following to get it to work:
On d1.com I set a MX record "# MX 3600 10 mail.d2.com.". On d2.com I set an A record "mail A 3600 10.10.10.1", where 10.10.10.1 is the IP to the mailserver.
It didn't work, emails sent to someone#d1.com disappeared. So then I tried this:
On d1.com I set a MX record "# MX 3600 10 mail" and an A record "mail A 3600 10.10.10.1", where 10.10.10.1 is the IP to the mailserver at d2.com.
This didn't work either, again emails sent to someone#d1.com disappeared.
Something tells me that I somehow have to tell d2.com to accept mails addressed to anyone#d1.com, since d2.com probably expects mails to be on the format someone#d2.com. Is this "accepting" something I can configure using DNS? Or how should I solve this problem?
I think your on the right track with your first DNS changes, however, as you note towards then end of your question, you must configure the Mail Server at d2.com to accept mail from d1.com - this is something to be configured in the mail server and not in DNS.
I have two websites, we'll call them a.com and b.com. I already have a mail server running on b.com. What I would like to do is have any email sent to #a.com to be automatically forwarded to b.com. I edited the only MX record in the a.com DNS settings to be...
Priority: 10
Host: #
Points To: b.com
After setting this up and giving it time to propagate, mail sent to a.com does not go through and I get a "Message not delivered" response from my email client.
Thanks for any help!
The MX-Record does only tell the webserver where to deliver mail for that specific domain. So any mail sent to user#a.com will be sent to the mailserver at b.com, that does not mean that they get forwarded to user#b.com. You will have to configure your mailserver at b.com to accept mails for the a.com domain.