DKIM and DMARC for built-in outgoing mail
-
And I just noticed:
Feb 14 01:02:24 [INFO] [-] [core] [outbound] Sending email as a transaction
Feb 14 01:02:24 [NOTICE] [-] [dkim_sign] skipped: no private key for lily.dmnw.net
Feb 14 01:02:24 [INFO] [-] [core] [outbound] Processing delivery for domain: cloudron.io
Feb 14 01:02:24 EACCES: permission denied, open '/app/haraka-config/config/dkim/lily.dmnw.net/private'
-
@clouddaz That does indeed seem like the problem.
On the server: Go to the directory /home/yellowtent/boxdata/mail/dkim/<domain>. It should have the public/private DKIM keys. Are they present? If they are present, then
chown -R yellowtent:yellowtent /home/yellowtent/boxdata/mail/dkim
and then go to services -> mail and restart it.
If they are not present, let me know, we have to see why they are not present (they are created at domain addition time).
-
I have the same issue on my cloudron (standard plan). All checkmarks at SMTP Status are green. I use Mailjet (free account) at the moment to get around this issue.
2019-02-26T21:12:32.000Z EACCES: permission denied, open '/app/haraka-config/config/dkim/*****.******/private'
2019-02-26T21:12:32.000Z [NOTICE] [-] [dkim_sign] skipped: no private key for *****.******

cloudron@h2812623:/home/yellowtent/boxdata/mail/dkim/*****.******$ ll
total 20
drwxr-xr-x 2 yellowtent yellowtent 4096 Jan 9 07:29 ./
drwxr-xr-x 3 yellowtent yellowtent 4096 Dez 8 23:13 ../
-rw------- 1 yellowtent yellowtent 891 Dez 8 23:13 private
-rw-r--r-- 1 yellowtent yellowtent 272 Dez 8 23:13 public
-rw-r--r-- 1 yellowtent yellowtent 8 Dez 8 23:13 selector
@girish please let us know if you figure out what causes this behavior.
-
I noticed that some folders maybe have wrong permissions. "cloudron" is the user I used to install Cloudron (with sudo) on the server.
Most of the folders/files under /home/yellowtent are owned by yellowtent, some by root and a small percentage is owned by cloudron. Could this result in the error we see?
-
I experienced the same issue today on a fresh new installation v4.0.0:
2019-05-10T11:54:20.000Z [INFO] [-] [core] [outbound] Sending email as a transaction
2019-05-10T11:54:20.000Z EACCES: permission denied, open '/app/haraka-config/config/dkim/mydomain.net/private'
2019-05-10T11:54:20.000Z [NOTICE] [-] [dkim_sign] skipped: no private key for mydomain.net
2019-05-10T11:54:20.000Z [INFO] [-] [core] [outbound] Processing delivery for domain: mail-tester.com
so it seems that this bug is still out there...
-
@ruben did you check if the file exists? What are the file permissions/owner/group? Does the file contain a certificate? With cloudron 4.X.X you have the ability to re-setup DNS (maybe this fixes the issue?). What about renewing all certs (--> Domain)?
@murgero cloudron is at v4.0.3 at the moment. Do you use a custom hoster image? I'm on a netcup image and the message popped up today. You're off topic by the way...
-
@subven yes, the file exists. These are the permissions:
drwxr-xr-x 2 yellowtent yellowtent 4096 May 10 10:33 ./
drwxr-xr-x 4 yellowtent yellowtent 4096 May 10 11:27 ../
-rw------- 1 yellowtent yellowtent 887 May 10 10:33 private
-rw-r--r-- 1 yellowtent yellowtent 272 May 10 10:33 public
-rw-r--r-- 1 yellowtent yellowtent 8 May 10 10:33 selector

The DKIM-signing works after a
chmod 777 private
but I don't think that's a sustainable solution.
The 'renew all certs'-button does not seem to renew my certificates.
My DNS-setup is 'wildcard', so I don't think it's possible to re-setup dns?
I just added an extra domain (with cloudron 4.0.3) and it results in the same permissions:

drwxr-xr-x 2 yellowtent yellowtent 4096 May 17 06:54 ./
drwxr-xr-x 5 yellowtent yellowtent 4096 May 17 06:54 ../
-rw------- 1 yellowtent yellowtent 887 May 17 06:54 private
-rw-r--r-- 1 yellowtent yellowtent 272 May 17 06:54 public
-rw-r--r-- 1 yellowtent yellowtent 8 May 17 06:54 selector
-
@girish Hi, I can confirm that this issue is still there with 2 domains.
Unfortunately I didn't check after a fresh install and just 1 domain.
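-
The checks asked for in this thread (are the key files present, who owns them, what mode is the private key), as an added example that is not from any poster or from Cloudron. It also flags a private key left group- or world-accessible, which is the state a `chmod 777 private` workaround leaves behind. The function name `audit_dkim` is hypothetical, the default path and owner are the ones quoted in the thread, and GNU `stat` is assumed.

```bash
# Added example: audit DKIM key directories for presence, owner and mode.
# Usage: audit_dkim [base_dir] [expected_owner]
# Defaults are the path and owner quoted in the thread; GNU stat is assumed.

audit_dkim() {
    local base="${1:-/home/yellowtent/boxdata/mail/dkim}"
    local want_owner="${2:-yellowtent}"
    local dir domain key owner mode findings f rc=0

    for dir in "$base"/*/; do
        [ -d "$dir" ] || continue          # no domain directories at all
        domain="$(basename "$dir")"
        key="${dir}private"
        findings=""; owner=""; mode=""

        # All three files listed in the thread's directory output must exist
        for f in private public selector; do
            [ -f "${dir}${f}" ] || findings="$findings missing:${f}"
        done

        if [ -f "$key" ]; then
            owner="$(stat -c '%U' "$key")"
            mode="$(stat -c '%a' "$key")"
            [ "$owner" = "$want_owner" ] || findings="$findings owner:${owner}"
            # Any group/other permission bit on the private key is too broad
            if [ $(( 0$mode & 077 )) -ne 0 ]; then
                findings="$findings mode:${mode}"
            fi
        fi

        if [ -n "$findings" ]; then
            echo "FAIL ${domain}${findings}"
            rc=1
        else
            echo "OK   ${domain} owner:${owner} mode:${mode}"
        fi
    done
    return "$rc"
}
```

Source the file and call `audit_dkim` with no arguments to check the path from the thread; the exit status is non-zero if any domain fails a check.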