@d19dotca Sadly, they do match. I'm guessing it's something with my current setup that's acting funny. I'll ignore it for now since I plan on migrating either to the new Contabo server that I got or upgrading my current one at DO to Ubuntu 20.04. I just thought it was a wrong setting on my part.

Thank you for looking into this and for sharing the custom spam rules! I know you've put a lot of time into that 👍

2443c4d7-ec13-4149-add3-28e1e7ad48ed-image.png

@d19dotca Perhaps even a per-app option, as in "Check for spam sent from this app."

@girish said in Email into apps - DNS/MX/CNAME/TXT:

You have to setup the CNAME/TXT for the root domain and not for my.example.com. You don't have to set it up for each app individually

Thank you. That was my main issue.

@nebulon got it, thank you!

Thanks, I have put a note in https://docs.cloudron.io/email/#autoconfigxml

@d19dotca since we had some recent timeout issue with the services view (and mail being a service here) it could be that also here the mail container or the server overall is busy during that time and thus the search queries timeout. If you see this happening again, a look into the system/box logs as well as mail service logs should reveal this then.

Yes, this needs to be a setting! Even if manual via console.

I just realized part of this is a duplicate of one that @marcusquinn filed earlier for Add a setting for sendmail limits per mailbox per day

For reference, Haraka has a greylisting function built in: http://haraka.github.io/plugins/greylist/ - and it works with the DNSWL / whitelist which we should enable too. That way if an IP is on the DNSWL, it automatically skips any greylisting attributes.

@girish said in Change to the DKIM record hostname in recent version, caused by new feature or from using NO-IP domain provider?:

If it was random, I was afraid there is still a possibility that they can conflict across servers

Great point - that makes sense. Thanks Girish.

Side note: I think it'd still be great for the OCD in some of us to be able to regenerate the DKIM record on demand so it not only follows the new hostname pattern in Cloudron but also generates a new key if desired too.

@nebulon thank you! worked perfectly fine and is very helpful 😄

@mdreira said in Lightmeter - Mail server delivery monitoring:

What mail server does Cloudron use? Exim?

This is what Cloudron uses for smpt: https://haraka.github.io/

@nebulon Will do, thanks!

You can set flags on the email with sieve filters. I think this is only available in roundcube UI though.

bf4f52b4-5648-41a9-aca2-f799daadb640-image.png

Then, in thunderbird, you can highlight them accordingly - https://support.mozilla.org/en-US/kb/message-tags

@privsec said in Let’s encrypt certificates expiring?:

Like can there be a memory within cloudron of all subdomains used and when it comes time to renew, just renew it on all of those subdomains?

That's the current behavior. It only renews domains that are in use in Cloudron. AFAIK, there is no way to tell Let's Encrypt to "forget a subdomain" that we had gotten a certificate before. This is the reason why you get the reminder emails from Let's Encrypt about old domains.

@marcusquinn It's a more general tool as an attempt to fix and replace the issues with Email in general. It does that well.

It just needs adoption.

https://hacker10.com/computer-security/send-email-with-tor-i2p-and-gpg-using-confidant-mail/

https://privacytools.io has other options too

@paenzy I read somewhere that adding terms and disclaimers to emails made then "contractual", so in some cases and places it is better not to have them.

I'm always interested in what's supposed to be law and what becomes hearsay law because lots of people do it and tell each other it should be done.

I don't have experience either way but tend not to use email signatures from both habit and to be personable.

@masonbee Re: Email authentication failure

Solved. Duh, I changed my password and never realised the emails weren't on independent passwords.

I really like the blackllist checking being built-in. Frankly, I'd also be a fan of getting notifications about it. I suppose UX-wise, perhaps this is the appropriate sort of thing to trigger a yellow status on email.

The root cause for this was the Cloudron server had the hostname as "box.domain.com" (same as the relay). Debian/Ubuntu has a quirk that it will put the hostname in /etc/hosts to resolve as 127.0.1.1. This meant that when we try to set it as relay, it resolves to 127.0.1.1 instead of the actual IP.

To add to the confusion, I suggested using the host command which does not use /etc/hosts (i.e the nsswitch mechanisms) and uses only the DNS. If I had suggested using ping then we would have narrowed down the issue more quickly...

Anyway, the fix is simply to hostnamectl set-hostname somethingelse.domain.com and also edit /etc/hosts (for some reason, hostnamectl doesn't change hosts file even after reboot, 🤷 ).

@imc67 currently, there is no manual way to do it since it will get overwritten after restart.

@drpaneas said in gmail blocks my server?:

@jdaviescoates I have cloudron installed at home.

Ah, right.

@girish Yes, I guess the email from my Cloudron domain is getting flagged as spam on their side, and then they reply to me without removing it from the Subject line. Ok, I'll get in touch with them and figure things out. As far as I know, I've done all I should to legitimize my cloudron domain - they use a provincial ISP for the email so I suspect they are picky.
Thanks!

@girish Ok

@girish perfect, it works !

@girish Ok thanks, will try that

I love this conversation, this is gold.

We have to strengthen the mail server as a safe, it is a very valuable asset.

If we add to these limits/fuses the ability for the server to do certain actions if it detects that a domain has a higher percentage of X% of bounces and X% of complaints.

This would also be a must have to shield the mail server.

We have to be able to monitor all this well and automate actions in mail server.

@girish
Thanks - it is green now and everything is okay 🙂

@freetommy If I understand you correctly, what you are saying is that when email forwarding is enabled in rainloop, then the forwarding is done directly to the destination domain via port 25 instead of using Cloudron's email relay. Did I get that right?