1 (edited by reshadfar 2014-09-11 16:31:16)

Topic: dkim signing

==== Required information ====
- iRedMail version: 0.8.7
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Linux/BSD distribution name and version: Ubuntu 14.04
- Related log if you're reporting an issue:
====

Hello guys I have got my iredmail up and running. The only thing is when I get to send emails they go to spam in gmail and don't arrive at all in hotmail or outlook.

After testing it says that the dkim is not signed. How can I solve this? I have more than 1 virtual domain. Do I need to copy the dkim key to all dns settings from my hosting?

Thanks in advance.

*edit*
I tried to generate a new RSA key for my second domain. But in /etc/amavis/
there is no amavisd.conf or anything like that.. But there is the following:

/etc/amavis/conf.d# ls
01-debian       15-content_filter_mode  30-template_localization
05-domain_id    20-debian_defaults      40-policy_banks
05-node_id      21-ubuntu_defaults      50-user
15-av_scanners  25-amavis_helpers       50-user.2014.09.08.16.08.53

Can someone guide me through this to add the next domain?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: dkim signing

reshadfar wrote:

After testing it says that the dkim is not signed.

Did you check mail headers of sent email? For example, the one arrived in Gmail.

On Debian/Ubuntu, you can add custom settings in /etc/amavis/conf.d/50-user.

3 (edited by reshadfar 2014-09-11 17:20:41)

Re: dkim signing

ZhangHuangbin wrote:
reshadfar wrote:

After testing it says that the dkim is not signed.

Did you check mail headers of sent email? For example, the one arrived in Gmail.

On Debian/Ubuntu, you can add custom settings in /etc/amavis/conf.d/50-user.

Thanks for your reply,

I think the mail headers are ok since I am using the mail client in Laravel php framework. Here is how they look like

 Delivered-To: email@gmail.com
Received: by 10.112.181.97 with SMTP id dv1csp550274lbc;
        Thu, 11 Sep 2014 00:00:40 -0700 (PDT)
X-Received: by 10.180.187.76 with SMTP id fq12mr15922wic.4.1410418840431;
        Thu, 11 Sep 2014 00:00:40 -0700 (PDT)
Return-Path: <no-reply@domain.nl>
Received: from hostname.nl (hostname.nl. [188.226.xxx.xxx])
        by mx.google.com with ESMTPS id yw4si15174wjc.94.2014.09.11.00.00.40
        for <email@gmail.com>
        (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 11 Sep 2014 00:00:40 -0700 (PDT)
Received-SPF: pass (google.com: domain of no-reply@domain.nl designates 188.226.xxx.xxx as permitted sender) client-ip=188.226.xxx.xxx;
Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of no-reply@domain.nl designates 188.226.xxx.xxx as permitted sender) smtp.mail=no-reply@domain.nl
Received: by hostname.nl (Postfix, from userid 33)
    id 9A72F20A2F; Thu, 11 Sep 2014 03:00:39 -0400 (EDT)
To: User Name <info@domain.nl>
Subject: Subscription
X-PHP-Originating-Script: 0:SimpleMailInvoker.php
Message-ID: <44a09f0df9f24b02680e7c180a874ea4@domain.nl>
Date: Thu, 11 Sep 2014 07:00:39 +0000
From: Tcr <no-reply@domain.nl>
Cc: User Name <email@gmail.com>
MIME-Version: 1.0
Content-Type: text/html; charset=utf-8
Content-Transfer-Encoding: quoted-printable

Thanks in advance smile

*Edit* see my email test
https://www.mail-tester.com/web-9aA7Ti

4

Re: dkim signing

No DKIM key at all. You have to enable debug mode in Amavisd to figure it out.
Also, please show us DKIM related settings in /etc/amavis/conf.d/50-user.

5 (edited by reshadfar 2014-09-12 15:24:38)

Re: dkim signing

I got the keys and I have put them in the dns records as TXT with dkim._domainkey Even with amavisd-new testkeys it says pass

How do I turn on debug mode and how do I debug?
here u have the config file:

Thanks for your help btw smile

6

Re: dkim signing

*) Please remove you config file from paste.ubuntu.com immediately, it contains SQL username/password.
*) Your Amavisd config looks just fine.

To enable debug mode in Amavisd, please set/update below parameters in 50-user:

$log_level = 5;              # verbosity 0..5, -d
$sa_debug = 1;

7

Re: dkim signing

OK I have updated the debug mode should be enabled now. What should I do to test why the outgoing emails are not signed? Is it possible that the email headers are wrong, or is it really the server not signing?

8

Re: dkim signing

With debug mode enabled, you can send a testing email, then check Amavisd log to figure it out.

9 (edited by reshadfar 2014-09-12 21:53:22)

Re: dkim signing

Ok I have enabled it and restarted amavis. Next I checked the mail.log I have tested it with a gmail account and a live(hotmail) account.

This were the results.

Sep 12 06:37:06 hostname postfix/pickup[6898]: F1AAF20A33: uid=33 from=<no-reply@xxx.nl>
Sep 12 06:37:07 hostname postfix/cleanup[7675]: F1AAF20A33: message-id=<6db801ac1c294fef82e906de887e874c@www.xxx.nl>
Sep 12 06:37:07 hostname postfix/qmgr[1742]: F1AAF20A33: from=<no-reply@xxx.nl>, size=116574, nrcpt=2 (queue active)
Sep 12 06:37:07 hostname postfix/pipe[7684]: F1AAF20A33: to=<info@xxx.nl>, relay=dovecot, delay=0.1, delays=0.04/0.01/0/0.05, dsn=2.0.0, status=sent (delivered via dovecot service)
Sep 12 06:37:08 hostname postfix/smtp[7683]: F1AAF20A33: to=<xxx@gmail.com>, relay=gmail-smtp-in.l.google.com[74.125.136.26]:25, delay=1.2, delays=0.04/0.02/0.35/0.82, dsn=2.0.0, status=sent (250 2.0.0 OK 1410518228 ei9si2177318wid.26 - gsmtp)
Sep 12 06:37:08 hostname postfix/qmgr[1742]: F1AAF20A33: removed
Sep 12 06:44:04 hostname postfix/pickup[6898]: D470A20A33: uid=33 from=<no-reply@xxx.nl>
Sep 12 06:44:04 hostname postfix/cleanup[7726]: D470A20A33: message-id=<b9675fd8a00d2818eec6def2bf718a3d@www.xxx.nl>
Sep 12 06:44:04 hostname postfix/qmgr[1742]: D470A20A33: from=<no-reply@xxx.nl>, size=116546, nrcpt=2 (queue active)
Sep 12 06:44:04 hostname postfix/pipe[7735]: D470A20A33: to=<info@xxx.nl>, relay=dovecot, delay=0.11, delays=0.04/0.01/0/0.05, dsn=2.0.0, status=sent (delivered via dovecot service)
Sep 12 06:44:07 hostname postfix/smtp[7734]: D470A20A33: to=<xxx@live.nl>, relay=mx2.hotmail.com[65.54.188.110]:25, delay=2.4, delays=0.04/0.02/1.3/1.1, dsn=2.0.0, status=sent (250  <b9675fd8a00d2818eec6def2bf718a3d@www.xxx.nl> Queued mail for delivery)
Sep 12 06:44:07 hostname postfix/qmgr[1742]: D470A20A33: removed

If you want I could give you access to my droplet so you can check it out for yourself smile

10

Re: dkim signing

No amavisd log at all. Do you have Amavisd enabled in Postfix? Show us output of command "postconf content_filter" please.

11 (edited by reshadfar 2014-09-12 23:35:15)

Re: dkim signing

This is the output:

content_filter =

*Edit*

I have added the signing with content_filter = smtp-amavis:[127.0.0.1]:10024 and now the emails are signed! thanks smile But still no emails received in hotmail... Gmail is just fine though.. it goes to spam folder but at least it is being send.

*Edit*

I rebooted everything and when sending an email to a hotmail account this is what it says.

http://paste.ubuntu.com/8327891/

12

Re: dkim signing

Mail sending looks fine, no error in log file.

13

Re: dkim signing

ZhangHuangbin wrote:

Mail sending looks fine, no error in log file.

Yes they are sent without errors unfortunately microsoft blocks all the emails I think because I have multiple domains maybe

14

Re: dkim signing

reshadfar wrote:

microsoft blocks all the emails I think because I have multiple domains maybe

Multiple domains doesn't impact this.
If you cannot find any related log on your server, it's better to contact Hotmail support to figure it out.