Page 1 of 1
DKIM OUTBOUND
Posted: 09 Nov 2018 14:42
by scl402a
I am trying to enable DKIM for inbound email. I assume, this would get EFA to verify all incoming mail against the DMARC/DKIM system.
I noticed the following,
1) servers that I used my EFA for, might send me back a 'message not delivered'
2) this will cause EFA to send a 'return email', that is from my domain, and thus, it will fail, as EFA don't do outbound DKIM signing?
3) Is there a way for me to direct all EFA return email to another smtp outbound host?
or
Can I make EFA not to send any return to sender type of message?
Re: DKIM OUTBOUND
Posted: 07 Mar 2019 01:39
by Alleyviper
Hi there,
EFA changes the body of the email, for this dkim hash gets tampered with. No solution yet, but it is being addressed on EFA4.
Re: DKIM OUTBOUND
Posted: 07 Mar 2019 16:06
by kris240376
I remember reporting this issue and was told that v4 doesn't exhibit this issue. I'm keeping my fingers crossed that this is still the case when v4 is released.
Re: DKIM OUTBOUND
Posted: 18 Mar 2019 07:04
by Alleyviper
Hi there,
For Inbound Dkim/Dmarc is already checked by opendkim I think.
For OUTBOUND:
I was able to setup Dkim Signing properly:
a) On Efa Menu select 9) Spam Settings > 1) Non Spam Settings | I have Store non spam and enable Signing
- settings.PNG (14.68 KiB) Viewed 20857 times
b) At /etc/Mailscanner/Mailscanner.conf (Change Sign Clean Messages from yes/no to a file ruleset)
Code: Select all
# Add the "Inline HTML Signature" or "Inline Text Signature" to the end
# of uninfected messages?
# If you add your own signature in your email application, and include the
# magic token "_SIGNATURE_" in your email message, the signature will be
# inserted just there, rather than at the end of the message.
# This can also be the filename of a ruleset.
# EFA Note: CustomAction.pm will Sign Clean Messages instead using the custom(nonspam) action.
Sign Clean Messages = %rules-dir%/sig.clean.messages.rules
c) Create a file sig.clean.messages.rules at /etc/Mailscanner/rules/ [You can copy from an existing file rule to keep permissions]
Code: Select all
-rwxr-xr-x 1 root apache 53 Mar 15 23:28 sig.clean.messages.rules
c) On the webgui choose the from domain.tld not to sign clean message
- tld.PNG (15.84 KiB) Viewed 20858 times
Now INBOUND messages have the signature and Outbound from the domain.tld EFA complets the DKIM Signing without body hash of email beeing Tempered with.
I have a new problem now. the Inbound Signature does not show the link for users to report message as Spam.