Configuring DKIM for incoming mails.

Questions and answers about how to do stuff
Post Reply
chappy
Posts: 1
Joined: 19 Aug 2019 13:55

Configuring DKIM for incoming mails.

Post by chappy » 19 Aug 2019 14:11

Hi,

i'm pretty new to efa and i would like to configure DKIM and DMARC on my system. I'm currently running on EFA-3.0.2.6.
First of all i wanted to test the DKIM/DMARC functionality for incoming emails only. So i went to the EFA configuration program and used option "17" to enable DKIM and DMARC functionalities. This seemed to work fine.

After this had been completed i started sending "fake" emails to my system. Within the mail log i can see that opendkim and opendmarc checks are failing, but the email has been delivered (see maillog below) and within my email application i can see those fake emails pretending to be send by support@microsoft.com.

Is there anything else i need to configure to tell efa to reject mails if those checks are failing? Again, i do not want to use it for my outgoing emails at this point, i'm just interested in checking incoming emails.

Code: Select all

Aug 19 16:01:12 host02 postfix/smtpd[30803]: connect from my.mailhost.com[x.x.x.x]
Aug 19 16:01:12 host02 postfix/smtpd[30803]: Anonymous TLS connection established from my.mailhost.com[x.x.x.x]: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Aug 19 16:01:22 host02 postfix/trivial-rewrite[33163]: warning: database /etc/postfix/virtual.db is older than source file /etc/postfix/virtual
Aug 19 16:01:23 host02 sqlgrey: grey: from awl match: updating x.x.x(x.x.x.x), support@microsoft.com(support@microsoft.com)
Aug 19 16:01:23 host02 postfix/cleanup[33164]: warning: database /etc/postfix/virtual.db is older than source file /etc/postfix/virtual
Aug 19 16:01:23 host02 postfix/smtpd[30803]: 75986E06EF: client=my.mailhost.com[x.x.x.x]
Aug 19 16:01:31 host02 postfix/cleanup[33164]: 75986E06EF: hold: header Received: from my.mailhost.com (my.mailhost.com [x.x.x.x])??(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))??(No client certificate requested)??by x.x. from my.mailhost.com[x.x.x.x]; from=<support@microsoft.com> to=<mail@domain.com> proto=ESMTP helo=<my.mailhost.com>
Aug 19 16:01:31 host02 postfix/cleanup[33164]: 75986E06EF: message-id=<>
Aug 19 16:01:31 host02 opendkim[15821]: 75986E06EF: my.mailhost.com [x.x.x.x] not internal
Aug 19 16:01:31 host02 opendkim[15821]: 75986E06EF: not authenticated
Aug 19 16:01:31 host02 opendkim[15821]: 75986E06EF: no signature data
Aug 19 16:01:32 host02 opendmarc[15801]: 75986E06EF: SPF(mailfrom): support@microsoft.com fail
Aug 19 16:01:32 host02 opendmarc[15801]: 75986E06EF: microsoft.com fail
Aug 19 16:01:34 host02 postfix/smtpd[30803]: disconnect from my.mailhost.com[x.x.x.x] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
Thanks a lot.

Kind Regards,
Stefan

Post Reply