To quarantine the flood of marketing junkmail, using a backstop rule at the very bottom of the priority that matches header fields for all the various marketing automation systems has been very successful. Basically, a large set of "</> Match Field" entries like so:
I have an Exchange server behind a Proxmox Mail Gateway 7.0-6
On the other end I have a Postfix server behind another Proxmox Mail Gateway 6.4-4
EXCHANGE <---> PROXMOX MG 7.0-6 <-----> WAN <-----> PROXMOX MG 6.4-4 <----> POSTFIX
If I send a test mail from the postfix side to my exchange...
I'm trying to configure PMG with unbound as local DNS, as explained here. And it seems to work because my firewall logs shows the PMG server is connecting with multiple IP's on port 53 every time I get an incoming email.
But I'm also seeing a lot of false positives with this hit...
I have setup DKIM so that mails from our internal network that are sent over PMG get a signature. Now I wonder what to do with our external servers, e.g. JIRA or Gitlab.
Those currently send mails via a smarthost but could be switched to using the local Postfix on each server. One option...
we've got 2 mailgateways in production and we are happy with them. We recently noticed that DKIM is not working if we add a disclaimer through the mail filter actions. If we switch off the disclaimer, we get a valid/ok message for DKIM. If we enable disclaimer we get the following...
- PMG should also support signing with ed25519 keys.
- It is advisable to sign with rsa AND ed25519 since not all receiving servers are capable of checking ed25519 keys. (Dual Signing)
- This should be configurable
Now, as far as I understood from the UI and docs, it is possible to have only one DKIM selector, that is shared across all domains in the installation.
Is there a way to have uniq selector/key per domain?
I have proxmox mailgw as a relay to more mail servers in my local network and when someone tries to send mail to non-existing address, PMG returns Undelivered Mail Returned to Sender which is marked as spam because the message is not signed with DKIM, how can I have PMG automatically sign those...
I'm just leaving this here so it may help other people. I've been screwing with this for several hours to get it working.
Originally here is what I did to get the keys
create selector (pmg2021)
tick the box to sign outgoing mail.
View the DNS
change DNS records
add a domain to...
We want to be able to selectively have domain signed. Therefore we mantain domains in /etc/pmg/dkim/domains.
Sign all Outgoing Mail
Controls whether all outbound mail should get signed or only mails from domains listed in /etc/pmg/dkim/domains if it exists and /etc/pmg/domains otherwise...
I recently noticed that mails from Gmail that include inline images or attachments are marked as DKIM_INVALID by SpamAssasin.
X-SPAM-LEVEL: Spam detection results: 1
AWL -2.181 Adjusted score from AWL reputation of From: address
We are currenty signing outgoing messages for specific domains with DKIM.
The problem is that all bounce messages are not signed with DKIM.
It is flooding our DMARC reports with PMG hostname as subdomain.
Can we sign bounce messages with DKIM in any way?
Or the only option is to create...
in einigen DMARC-Reports bin ich darauf gestoßen, dass angeblich DKIM-Checks für Mails meiner Domäne fehlschlagen würden:
Ich habe eine Testmail an...
Out-of-box PMG generate DKIM, public part looks good (checked by several services), but outgoing mails doesn't signed properly - DKIM-Result: fail (bad signature)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=somedomain.tld;
I am curious as I look over the my servers for the DKIM section in Dashboard --> Configuration --> Mail Proxmox --> DKIM
In the Settings section, if I have It set to "Sign all Outgoing Mail" that it signs all domains that are hosted regardless of whether they are using the DKIM record on their...
I am looking to see if there is a way to add multiple dkim records on the PMG server. I have one rolled out that I use for customers that is 2048 in length. The problem is a new customers DNS only allows for a maximum of 255 characters which as far as I can tell is a 1024 length key...
In der Dokumentation zur PMG finde ich folgendes:
Proxmox Mail Gateway verifies DKIM Signatures for inbound mail in the Spam Filter by default.
Leider werden bei Inbound E-Mails weder ein "Authentication-Results" Header, noch weitere Informationen zur DMARC Richtlinie o.ä. gesetzt.
Ist das ggf...
Wenn der DKIM Selektor im GUI geändert wird, wird automatisch ein neuer Private Key /etc/pmg/dkim/selector.private generiert.
Macht es nicht mehr Sinn zu prüfen ob /etc/pmg/dkim/selector.private existiert und das bestehende Zertifikat zu verwenden, sofern es existiert?
(Verwendete PMG Version...
Hi there. Here's a how-to for adding authenticated SMTP (smtps and submission against AD, or LDAP), DKIM (both verifier for inbound and signer for outbound) and DMARC support to PMG
(This is a "translation" from what I do using ansible...