I'm trying to configure PMG with unbound as local DNS, as explained here. And it seems to work because my firewall logs shows the PMG server is connecting with multiple IP's on port 53 every time I get an incoming email.
But I'm also seeing a lot of false positives with this hit...
I have setup DKIM so that mails from our internal network that are sent over PMG get a signature. Now I wonder what to do with our external servers, e.g. JIRA or Gitlab.
Those currently send mails via a smarthost but could be switched to using the local Postfix on each server. One option...
we've got 2 mailgateways in production and we are happy with them. We recently noticed that DKIM is not working if we add a disclaimer through the mail filter actions. If we switch off the disclaimer, we get a valid/ok message for DKIM. If we enable disclaimer we get the following...
- PMG should also support signing with ed25519 keys.
- It is advisable to sign with rsa AND ed25519 since not all receiving servers are capable of checking ed25519 keys. (Dual Signing)
- This should be configurable
Now, as far as I understood from the UI and docs, it is possible to have only one DKIM selector, that is shared across all domains in the installation.
Is there a way to have uniq selector/key per domain?
I have proxmox mailgw as a relay to more mail servers in my local network and when someone tries to send mail to non-existing address, PMG returns Undelivered Mail Returned to Sender which is marked as spam because the message is not signed with DKIM, how can I have PMG automatically sign those...
I'm just leaving this here so it may help other people. I've been screwing with this for several hours to get it working.
Originally here is what I did to get the keys
create selector (pmg2021)
tick the box to sign outgoing mail.
View the DNS
change DNS records
add a domain to...
We want to be able to selectively have domain signed. Therefore we mantain domains in /etc/pmg/dkim/domains.
Sign all Outgoing Mail
Controls whether all outbound mail should get signed or only mails from domains listed in /etc/pmg/dkim/domains if it exists and /etc/pmg/domains otherwise...
I recently noticed that mails from Gmail that include inline images or attachments are marked as DKIM_INVALID by SpamAssasin.
X-SPAM-LEVEL: Spam detection results: 1
AWL -2.181 Adjusted score from AWL reputation of From: address
We are currenty signing outgoing messages for specific domains with DKIM.
The problem is that all bounce messages are not signed with DKIM.
It is flooding our DMARC reports with PMG hostname as subdomain.
Can we sign bounce messages with DKIM in any way?
Or the only option is to create...
in einigen DMARC-Reports bin ich darauf gestoßen, dass angeblich DKIM-Checks für Mails meiner Domäne fehlschlagen würden:
Ich habe eine Testmail an...
Out-of-box PMG generate DKIM, public part looks good (checked by several services), but outgoing mails doesn't signed properly - DKIM-Result: fail (bad signature)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=somedomain.tld;
I am curious as I look over the my servers for the DKIM section in Dashboard --> Configuration --> Mail Proxmox --> DKIM
In the Settings section, if I have It set to "Sign all Outgoing Mail" that it signs all domains that are hosted regardless of whether they are using the DKIM record on their...
I am looking to see if there is a way to add multiple dkim records on the PMG server. I have one rolled out that I use for customers that is 2048 in length. The problem is a new customers DNS only allows for a maximum of 255 characters which as far as I can tell is a 1024 length key...
In der Dokumentation zur PMG finde ich folgendes:
Proxmox Mail Gateway verifies DKIM Signatures for inbound mail in the Spam Filter by default.
Leider werden bei Inbound E-Mails weder ein "Authentication-Results" Header, noch weitere Informationen zur DMARC Richtlinie o.ä. gesetzt.
Ist das ggf...
Wenn der DKIM Selektor im GUI geändert wird, wird automatisch ein neuer Private Key /etc/pmg/dkim/selector.private generiert.
Macht es nicht mehr Sinn zu prüfen ob /etc/pmg/dkim/selector.private existiert und das bestehende Zertifikat zu verwenden, sofern es existiert?
(Verwendete PMG Version...
Hi there. Here's a how-to for adding authenticated SMTP (smtps and submission against AD, or LDAP), DKIM (both verifier for inbound and signer for outbound) and DMARC support to PMG
(This is a "translation" from what I do using ansible...
we are considering Proxmox Mail Gateway as our all-in-one solution for most of the E-mail problems we have in our company. That being said, it is still unclear why there are two datasheets of the same product on the Proxmox website and why 4.1a is neither being offered to test, nor...