Proxmox DKIM

killmasta93

Active Member
Aug 13, 2017
612
33
33
26
it works but keep in mind that you need to put a cron task to restart every minute the pmg-smtp-filter for some odd reason after implementing dkim after few hours it stops.
 

tom

Proxmox Staff Member
Staff member
Aug 29, 2006
14,284
535
133
it works but keep in mind that you need to put a cron task to restart every minute the pmg-smtp-filter for some odd reason after implementing dkim after few hours it stops.
I do not see this behavior here.
 
Feb 6, 2018
79
6
13
47
it works but keep in mind that you need to put a cron task to restart every minute the pmg-smtp-filter for some odd reason after implementing dkim after few hours it stops.
Sorry but this is only yours as a problem.
Technicaly speaking pmg-smtp-filter is a content filter and opendkim is a milter which should work together by design. I suggest to analyze in deep your issue,maybe with the help of proxmox support. I've both pmg-smtp-filter and a lot of milters running on the same box without any interference each other.
 

Miktash

Active Member
Mar 6, 2015
56
1
28
Can't we just configure proxmox mail gateway to relay all email to another mta that does dkim signing?
That way you don't need to manually adjust postfix config files and it would probably be easier to upgrade?
 

killmasta93

Active Member
Aug 13, 2017
612
33
33
26
Sorry but this is only yours as a problem.
Technicaly speaking pmg-smtp-filter is a content filter and opendkim is a milter which should work together by design. I suggest to analyze in deep your issue,maybe with the help of proxmox support. I've both pmg-smtp-filter and a lot of milters running on the same box without any interference each other.
whats odd is that i have 6 vm of proxmox mail filter after i added the opendkim this happened
 

heutger

Well-Known Member
Apr 25, 2018
784
211
48
Fulda, Hessen, Germany
www.heutger.net
I still don't understand, why PMG is not supporting DKIM. Isn't relaying a mail through PMG changing header data, won't that break DKIM? Or the SpamAssassin checking and sometimes "rebuilding" the mail content? It looks more safe to have all the security stuff on one point. Same as I would be happy to have archiving and mail signing/encrypting (PGP and/or S/MIME) also (minimum as modules) on PMG.
 

Jonathan Tyler

New Member
May 15, 2019
4
2
3
37
I still don't understand, why PMG is not supporting DKIM. Isn't relaying a mail through PMG changing header data, won't that break DKIM? Or the SpamAssassin checking and sometimes "rebuilding" the mail content? It looks more safe to have all the security stuff on one point. Same as I would be happy to have archiving and mail signing/encrypting (PGP and/or S/MIME) also (minimum as modules) on PMG.
I just setup PMG as a mail gateway for my Zimbra install which uses multiple backend servers for each domain, each handling their own DKIM signing, etc. and have had no issues sending DKIM signed emails out through PMG, or receiving them from outside sources.

All tests I've done have come back with a perfect score.

The best thing I love about PMG is how simple it is to setup. It's great at being a simple SPAM and Virus filter, reducing load off my backend servers, and I'm happy the team has kept it to just that. :)
 
  • Like
Reactions: killmasta93

heutger

Well-Known Member
Apr 25, 2018
784
211
48
Fulda, Hessen, Germany
www.heutger.net
I just setup PMG as a mail gateway for my Zimbra install which uses multiple backend servers for each domain, each handling their own DKIM signing, etc. and have had no issues sending DKIM signed emails out through PMG, or receiving them from outside sources.

All tests I've done have come back with a perfect score.

The best thing I love about PMG is how simple it is to setup. It's great at being a simple SPAM and Virus filter, reducing load off my backend servers, and I'm happy the team has kept it to just that. :)
For sure, everyone has an own view on topics, however, a Mail Gateway from my point of view is the best position to perform such topics. Also for my company we use different systems behind (Plesk, Exchange, Zammad) would be fine, if I could add DKIM just at one place and with only one system without the requirement to relay anything additional between to add DKIM (if we would like to).
 

killmasta93

Active Member
Aug 13, 2017
612
33
33
26
I just setup PMG as a mail gateway for my Zimbra install which uses multiple backend servers for each domain, each handling their own DKIM signing, etc. and have had no issues sending DKIM signed emails out through PMG, or receiving them from outside sources.

All tests I've done have come back with a perfect score.

The best thing I love about PMG is how simple it is to setup. It's great at being a simple SPAM and Virus filter, reducing load off my backend servers, and I'm happy the team has kept it to just that. :)
quick question when you say that your zimbra does the dkim how do you pass though PMG? dont you have to relay it?
 
  • Like
Reactions: Jonathan Tyler

Jonathan Tyler

New Member
May 15, 2019
4
2
3
37
quick question when you say that your zimbra does the dkim how do you pass though PMG? dont you have to relay it?
Yes, they are all relaying through PMG. The only thing I've noticed having an issue with are mails coming from PMG itself, like bounce-backs, that aren't signed with the mta's domain dkim. But I'm not overly concerned with those. I wonder if there's a way to pass system emails to Zimbra and have them relay back out through PMG, signed with the mta's domain dkim... hmm.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE and Proxmox Mail Gateway. We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!