Proxmox DKIM

@dietmar What is the current status of this feature? I am onboarding some new customers to PMG weekly. (Should think about reselling). :-D
This feature is missed almost to everybody.
 
Thanks @tom !
I know how to configure it. Makes it just a little harder to sell customers the awesome, easy and simple to maintain Mail Gateway solution. :)
 
it works but keep in mind that you need to put a cron task to restart every minute the pmg-smtp-filter for some odd reason after implementing dkim after few hours it stops.
 
it works but keep in mind that you need to put a cron task to restart every minute the pmg-smtp-filter for some odd reason after implementing dkim after few hours it stops.

I do not see this behavior here.
 
it works but keep in mind that you need to put a cron task to restart every minute the pmg-smtp-filter for some odd reason after implementing dkim after few hours it stops.
Sorry but this is only yours as a problem.
Technicaly speaking pmg-smtp-filter is a content filter and opendkim is a milter which should work together by design. I suggest to analyze in deep your issue,maybe with the help of proxmox support. I've both pmg-smtp-filter and a lot of milters running on the same box without any interference each other.
 
Can't we just configure proxmox mail gateway to relay all email to another mta that does dkim signing?
That way you don't need to manually adjust postfix config files and it would probably be easier to upgrade?
 
Sorry but this is only yours as a problem.
Technicaly speaking pmg-smtp-filter is a content filter and opendkim is a milter which should work together by design. I suggest to analyze in deep your issue,maybe with the help of proxmox support. I've both pmg-smtp-filter and a lot of milters running on the same box without any interference each other.
whats odd is that i have 6 vm of proxmox mail filter after i added the opendkim this happened
 
I still don't understand, why PMG is not supporting DKIM. Isn't relaying a mail through PMG changing header data, won't that break DKIM? Or the SpamAssassin checking and sometimes "rebuilding" the mail content? It looks more safe to have all the security stuff on one point. Same as I would be happy to have archiving and mail signing/encrypting (PGP and/or S/MIME) also (minimum as modules) on PMG.
 
I still don't understand, why PMG is not supporting DKIM. Isn't relaying a mail through PMG changing header data, won't that break DKIM? Or the SpamAssassin checking and sometimes "rebuilding" the mail content? It looks more safe to have all the security stuff on one point. Same as I would be happy to have archiving and mail signing/encrypting (PGP and/or S/MIME) also (minimum as modules) on PMG.
I just setup PMG as a mail gateway for my Zimbra install which uses multiple backend servers for each domain, each handling their own DKIM signing, etc. and have had no issues sending DKIM signed emails out through PMG, or receiving them from outside sources.

All tests I've done have come back with a perfect score.

The best thing I love about PMG is how simple it is to setup. It's great at being a simple SPAM and Virus filter, reducing load off my backend servers, and I'm happy the team has kept it to just that. :)
 
  • Like
Reactions: killmasta93
I just setup PMG as a mail gateway for my Zimbra install which uses multiple backend servers for each domain, each handling their own DKIM signing, etc. and have had no issues sending DKIM signed emails out through PMG, or receiving them from outside sources.

All tests I've done have come back with a perfect score.

The best thing I love about PMG is how simple it is to setup. It's great at being a simple SPAM and Virus filter, reducing load off my backend servers, and I'm happy the team has kept it to just that. :)

For sure, everyone has an own view on topics, however, a Mail Gateway from my point of view is the best position to perform such topics. Also for my company we use different systems behind (Plesk, Exchange, Zammad) would be fine, if I could add DKIM just at one place and with only one system without the requirement to relay anything additional between to add DKIM (if we would like to).
 
I just setup PMG as a mail gateway for my Zimbra install which uses multiple backend servers for each domain, each handling their own DKIM signing, etc. and have had no issues sending DKIM signed emails out through PMG, or receiving them from outside sources.

All tests I've done have come back with a perfect score.

The best thing I love about PMG is how simple it is to setup. It's great at being a simple SPAM and Virus filter, reducing load off my backend servers, and I'm happy the team has kept it to just that. :)

quick question when you say that your zimbra does the dkim how do you pass though PMG? dont you have to relay it?
 
  • Like
Reactions: Jonathan Tyler
quick question when you say that your zimbra does the dkim how do you pass though PMG? dont you have to relay it?

Yes, they are all relaying through PMG. The only thing I've noticed having an issue with are mails coming from PMG itself, like bounce-backs, that aren't signed with the mta's domain dkim. But I'm not overly concerned with those. I wonder if there's a way to pass system emails to Zimbra and have them relay back out through PMG, signed with the mta's domain dkim... hmm.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!