Hetzner PTR Record Invalid
-
wrote on Dec 30, 2024, 7:02 PM last edited by
The Cloudron status shows everything green in my instance. The DNS records are perfectly fine. The issue is the Haraka SMTP service in Cloudron seems to no longer be signing the messages properly so they are missing DKIM signatures.
-
Records are fine, does the Cloudron status think they're fine?
Does the external test think the records match now?
How are the mail headers?
Let's not miss any testing steps after making changes..
wrote on Dec 30, 2024, 7:16 PM last edited by -
wrote on Dec 30, 2024, 11:02 PM last edited by d19dotca Dec 30, 2024, 11:03 PM
@nebulon / @girish , I think unfortunately this is coming down to a defect in 8.2.x where the DKIM signatures are not being used to sign outgoing messages.
I'm thinking we will need a patch for that as soon as possible, please as it's having a big impact in connecting to certain mail providers (seems to mostly be Google at the moment but I'm sure others are affected to a degree too). In the meantime, I may need to switch to a different SMTP server / relay service temporarily.
If there's anything I can do to help, please let me know. I can offer SSH connection into my server if you require it too.
-
@nebulon / @girish , I think unfortunately this is coming down to a defect in 8.2.x where the DKIM signatures are not being used to sign outgoing messages.
I'm thinking we will need a patch for that as soon as possible, please as it's having a big impact in connecting to certain mail providers (seems to mostly be Google at the moment but I'm sure others are affected to a degree too). In the meantime, I may need to switch to a different SMTP server / relay service temporarily.
If there's anything I can do to help, please let me know. I can offer SSH connection into my server if you require it too.
wrote on Dec 31, 2024, 11:52 AM last edited by@d19dotca said in Hetzner PTR Record Invalid:
@nebulon / @girish , I think unfortunately this is coming down to a defect in 8.2.x where the DKIM signatures are not being used to sign outgoing messages.
I'm thinking we will need a patch for that as soon as possible, please as it's having a big impact in connecting to certain mail providers (seems to mostly be Google at the moment but I'm sure others are affected to a degree too). In the meantime, I may need to switch to a different SMTP server / relay service temporarily.
If there's anything I can do to help, please let me know. I can offer SSH connection into my server if you require it too.
Of THAT could be the case that I'm currently getting lots of failing DKIM reports
-
-
-
There is indeed a regression with DKIM signing. This is fixed now. Will get a patch release out asap.
@girish Great, thanks and happy new year !
-
wrote on Jan 2, 2025, 4:42 PM last edited by
Hi @girish , any chance that the fix could be released today or tomorrow for those of us on 8.2.x?
Also I’m sure you already have this being tracked for the future but I wanted to at least write down my suggestion: I think if possible it may be a great time to add some more automated test cases for the email functionality in order to make sure the DKIM signature exists in messages as an example.
-
@d19dotca 8.2.2 is out now and should fix the crash and the DKIM issue. The crash issue is only mildly tested since upstream has not merged it yet, but maybe you can check if that works fine?
wrote on Jan 2, 2025, 5:56 PM last edited by@girish said in Hetzner PTR Record Invalid:
@d19dotca 8.2.2 is out now and should fix the crash and the DKIM issue. The crash issue is only mildly tested since upstream has not merged it yet, but maybe you can check if that works fine?
It works indeed
thank you for the speedy fix!
-
@d19dotca 8.2.2 is out now and should fix the crash and the DKIM issue. The crash issue is only mildly tested since upstream has not merged it yet, but maybe you can check if that works fine?
App Devwrote on Jan 2, 2025, 6:20 PM last edited by Kubernetes Jan 2, 2025, 6:25 PM@girish Great work, thank you very much for the quick fix and release. I just updated and tested and the crash doesn't show up again and DKIM is also working.
Always glad to post real defects
-
wrote on Jan 3, 2025, 1:37 AM last edited by d19dotca Jan 3, 2025, 1:51 AM
Confirmed, it seems to be much better now. Thank you so much for the quick turnaround on that! Great job!