[TUTORIAL] Authenticated SMTP, DKIM and DMARC

Discussion in 'Mail Gateway: Installation and configuration' started by danielb, Oct 17, 2018.

Tags:
  1. danielb

    danielb Member

    Joined:
    Jun 1, 2018
    Messages:
    37
    Likes Received:
    11
    Hi there. Here's a how-to for adding authenticated SMTP (smtps and submission against AD, or LDAP), DKIM (both verifier for inbound and signer for outbound) and DMARC support to PMG

    https://wiki.fws.fr/tuto/linux_divers/dkim_dmarc_onpmg

    (This is a "translation" from what I do using ansible, so, I hope I haven't missed anything, please let me know)
     
    DerDanilo, killmasta93, horde and 2 others like this.
  2. killmasta93

    killmasta93 Member

    Joined:
    Aug 13, 2017
    Messages:
    255
    Likes Received:
    8
    really great guide, this would apply for the outbound? even if postfix (email server behind proxmox) has its own DKIM and DMARC?
     
  3. danielb

    danielb Member

    Joined:
    Jun 1, 2018
    Messages:
    37
    Likes Received:
    11
    There's no point in doing the checks twice. The goal is to have Proxmox Mail Gateway handling all the verifications and filtering, and then pass the good email to a "dumb" SMTP server, which won't filter anything.
     
  4. killmasta93

    killmasta93 Member

    Joined:
    Aug 13, 2017
    Messages:
    255
    Likes Received:
    8
    very good point, by any chance you have a tutorial on configuring postfix (email server) to use the smarthost (proxmox) to send mails? i have tried but have not been able to configure it as on proxmox logs keeps saying user not found.
     
  5. danielb

    danielb Member

    Joined:
    Jun 1, 2018
    Messages:
    37
    Likes Received:
    11
    You need to add something like in main.cf

    Code:
    relayhost = [pmg.domain.tld]:26
    Port 26 of your Proxmox Mail Gateway should be reachable
     
  6. tom

    tom Proxmox Staff Member
    Staff Member

    Joined:
    Aug 29, 2006
    Messages:
    13,160
    Likes Received:
    352
    See GUI.

    Configuration/Mail Proxy/Relaying: Smarthost
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. danielb

    danielb Member

    Joined:
    Jun 1, 2018
    Messages:
    37
    Likes Received:
    11
    In this case, @killmasta93 wants to use PMG as a smarthost from another postfix (at least that's how I understand it), so, PMG's GUI cannot help here ;-)
     
  8. DerDanilo

    DerDanilo Member

    Joined:
    Jan 21, 2017
    Messages:
    223
    Likes Received:
    17
    Where can we access the Ansible playbooks you used? Way better than to do everything manually.

    Thanks!
     
  9. danielb

    danielb Member

    Joined:
    Jun 1, 2018
    Messages:
    37
    Likes Received:
    11
    It's too tightly integrated with tons of other things I setup (IMAP proxying, AD auth etc...) to be usable as is. That's why I don't share them publicly. I'll send you a PM with a link if you're interested
     
  10. DerDanilo

    DerDanilo Member

    Joined:
    Jan 21, 2017
    Messages:
    223
    Likes Received:
    17
    @tom Can Proxmox please integrate DKIM ? This is needed very much and actually a bummer in many occasions so that I cannot recommend PMG to customers who absolutely require DKIM. Customization is not an option for everybody, especially when a consultant sets up the system and a firm doesn't have IT personal who can take care of the system immediately if something goes wrong.

    Thanks!
     
  11. killmasta93

    killmasta93 Member

    Joined:
    Aug 13, 2017
    Messages:
    255
    Likes Received:
    8
  12. killmasta93

    killmasta93 Member

    Joined:
    Aug 13, 2017
    Messages:
    255
    Likes Received:
    8
    well the fix was removing the smart host and it started to work if anyone else gets the same issue
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice