I'm looking into enabling DKIM on my PMG and am wondering what I am supposed to add to the Selector windows when creating the selector. As currently the selector list is blank (see image).
Can someone please point me in the right direction?
Regards,
Aaron
Hi all,
I'm wondering if anyone has had any luck whitelisting trusted domains conditional on having an aligned and passing DKIM signature for in the message?
The goal is to only skip filtering for messages from that trusted domain that are authenticated. This way it's a whitelist that is not...
Hello Proxmox-Forum,
we do have a storage error. We are running a 2-node cluster of the latest mail gateway version in HA mode. One of the nodes started to make trouble delivering mail to external domains (Microsoft-based and others). The error is reproducible. The error message on the node1 is...
Hi,
we receive spoofed phishing emails that appear to be coming from our own domain. In order to filter or quarantine those spoofed emails I activated DKIM signatures for our own emails. Now that all "legitimate" e-mails from our domain are digitally signed via DKIM I was hoping I could filter...
Guten Tag
Bekommen im DNS, die im PMG unter 'Configuration: Mail Proxy > Relay Domains' angegeben Domaenen, alle den gleichen DKIM-Record, so wie er im PMG unter 'Configuration: Mail Proxy > DKIM > View DNS Record' steht?
Liebe Gruesse!
In the current PMG 8.0.7 version postfix internal mails (bounce & notify) will not be DKIM signed - even if the source domain is part of the signing domains.
If the bounce sender domain have a strict DKIM / DMARC alignment, some providers are rejecting these important mails.
e.G. Incoming mail...
Hello
now that we have gotten DKIM signing to work im sitting here thinking what if worst case senario came to pass..
all devices gets encrypted.
handing out the TXT record that the users need to enter into there dns servers what if it changes so you have to start from scratch.
this got me...
Hallo zusammen,
ich habe momentan das Proxmox Mail Gateway in der Version 7.3-6 im Einsatz.
Zudem habe ich opendkim und opendmarc installiert und an Postfix angeschlossen.
Soweit funktioniert auch alles.
Jedoch habe ich im opendmarc Daemon eingestellt, dass die DMARC-Policy ausgewertet werden...
Hallo zusammen,
besteht die Möglichkeit E-Mails abzulehnen wenn der SPF verletzt wird. Bspw. wenn die Domain einen Hardfail eingetragen hat? Ich würde gerne E-Mails nur bei einem hardfail nicht bei einem softfail ablehnen. Habe ich im Standard eine Möglichkeit dazu?
Die gleiche Frage auch auf...
Hello
How to make a DKIM signature with two domains in PMG?
When we release a letter from quarantine, heder is added there postmaster@mydomain1.com and the receiving server defines the email as spam
attach a piece of the log where the check fails
X-Mailru-Dmarc-Auth: dmarc=fail...
To quarantine the flood of marketing junkmail, using a backstop rule at the very bottom of the priority that matches header fields for all the various marketing automation systems has been very successful. Basically, a large set of "</> Match Field" entries like so:
X-Mailgun-Sid=.+
X-SG-EID=.+...
I have an Exchange server behind a Proxmox Mail Gateway 7.0-6
On the other end I have a Postfix server behind another Proxmox Mail Gateway 6.4-4
EXCHANGE <---> PROXMOX MG 7.0-6 <-----> WAN <-----> PROXMOX MG 6.4-4 <----> POSTFIX
If I send a test mail from the postfix side to my exchange...
I'm trying to configure PMG with unbound as local DNS, as explained here. And it seems to work because my firewall logs shows the PMG server is connecting with multiple IP's on port 53 every time I get an incoming email.
But I'm also seeing a lot of false positives with this hit...
I have setup DKIM so that mails from our internal network that are sent over PMG get a signature. Now I wonder what to do with our external servers, e.g. JIRA or Gitlab.
Those currently send mails via a smarthost but could be switched to using the local Postfix on each server. One option...
Hello,
we've got 2 mailgateways in production and we are happy with them. We recently noticed that DKIM is not working if we add a disclaimer through the mail filter actions. If we switch off the disclaimer, we get a valid/ok message for DKIM. If we enable disclaimer we get the following...
- PMG should also support signing with ed25519 keys.
- It is advisable to sign with rsa AND ed25519 since not all receiving servers are capable of checking ed25519 keys. (Dual Signing)
- This should be configurable
RFC 8301
https://datatracker.ietf.org/doc/html/rfc8301#section-3.2
RFC 8463...
Hello!
Now, as far as I understood from the UI and docs, it is possible to have only one DKIM selector, that is shared across all domains in the installation.
Is there a way to have uniq selector/key per domain?
I have proxmox mailgw as a relay to more mail servers in my local network and when someone tries to send mail to non-existing address, PMG returns Undelivered Mail Returned to Sender which is marked as spam because the message is not signed with DKIM, how can I have PMG automatically sign those...
I'm just leaving this here so it may help other people. I've been screwing with this for several hours to get it working.
Originally here is what I did to get the keys
enable DKIM
create selector (pmg2021)
tick the box to sign outgoing mail.
View the DNS
change DNS records
add a domain to...
We want to be able to selectively have domain signed. Therefore we mantain domains in /etc/pmg/dkim/domains.
Sign all Outgoing Mail
Controls whether all outbound mail should get signed or only mails from domains listed in /etc/pmg/dkim/domains if it exists and /etc/pmg/domains otherwise...
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.