Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor

  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum

Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Support
  3. DKIM and DMARC for built-in outgoing mail

DKIM and DMARC for built-in outgoing mail

Scheduled Pinned Locked Moved Solved Support
email
29 Posts 8 Posters 4.5k Views 9 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C Offline
      C Offline
      clouddaz
      wrote on last edited by girish
      #1

      Outgoing mail from the built in email solution does not have a DKIM signature or a DMARC signature.
      Is this possible to enable or configure?

      1 Reply Last reply
      0
      • girishG Do not disturb
        girishG Do not disturb
        girish
        Staff
        wrote on last edited by
        #2

        @clouddaz Outbound mails should already have DKIM signature. Can you send a test mail to https://www.mail-tester.com/ and send us the report?

        1 Reply Last reply
        0
        • girishG Do not disturb
          girishG Do not disturb
          girish
          Staff
          wrote on last edited by
          #3

          Also, Email -> Status. Are all the check marks green?

          C 1 Reply Last reply
          0
          • girishG girish

            Also, Email -> Status. Are all the check marks green?

            C Offline
            C Offline
            clouddaz
            wrote on last edited by
            #4

            @girish, yes they are all green.

            1 Reply Last reply
            0
            • girishG Do not disturb
              girishG Do not disturb
              girish
              Staff
              wrote on last edited by
              #5

              @clouddaz If you can send a test mail to test@cloudron.io (you can do this from email -> status -> send test mail), I can inspect the headers.

              1 Reply Last reply
              0
              • C Offline
                C Offline
                clouddaz
                wrote on last edited by
                #6

                I've just sent it, but don't be surprised if it turns up in your spam folder. Thanks in advance for checking.

                1 Reply Last reply
                0
                • C Offline
                  C Offline
                  clouddaz
                  wrote on last edited by
                  #7

                  And I just noticed:

                  Feb 14 01:02:24 [INFO] [-] [core] [outbound] Sending email as a transaction
                  Feb 14 01:02:24 [NOTICE] [-] [dkim_sign] skipped: no private key for lily.dmnw.net
                  Feb 14 01:02:24 [INFO] [-] [core] [outbound] Processing delivery for domain: cloudron.io
                  Feb 14 01:02:24 EACCES: permission denied, open '/app/haraka-config/config/dkim/lily.dmnw.net/private'
                  
                  1 Reply Last reply
                  0
                  • girishG Do not disturb
                    girishG Do not disturb
                    girish
                    Staff
                    wrote on last edited by
                    #8

                    @clouddaz That does indeed seem like the problem.

                    On the server: Go to the directory /home/yellowtent/boxdata/mail/dkim/<domain>. It should have the public/private DKIM keys. Are they present? If they are present, then chown -R yellowtent:yellowtent /home/yellowtent/boxdata/mail/dkim and then go to services -> mail and restart it.

                    If they are not present, let me know, we have to see why they are not present (they are created at domain addition time).

                    1 Reply Last reply
                    1
                    • C Offline
                      C Offline
                      clouddaz
                      wrote on last edited by
                      #9

                      Yes both DKIM keys are present. chown and mail restart were completed but still no DKIM or DMARC signing. This is the first domain (hostname) not a subsequent added domain, if that helps.

                      1 Reply Last reply
                      0
                      • girishG Do not disturb
                        girishG Do not disturb
                        girish
                        Staff
                        wrote on last edited by
                        #10

                        @clouddaz Can you give us SSH access so I can debug the issue? Support -> Enable Remote support. Thanks!

                        1 Reply Last reply
                        0
                        • subvenS Offline
                          subvenS Offline
                          subven
                          wrote on last edited by
                          #11

                          I have the same issue on my cloudron (standard plan). All checkmarks at SMTP Status are green. I use Mailjet (free account) at the moment to get around this issue.

                          2019-02-26T21:12:32.000Z EACCES: permission denied, open '/app/haraka-config/config/dkim/*****.******/private'
                          2019-02-26T21:12:32.000Z [NOTICE] [-] [dkim_sign] skipped: no private key for *****.******
                          
                          cloudron@h2812623:/home/yellowtent/boxdata/mail/dkim/*****.******$ ll
                          total 20
                          drwxr-xr-x 2 yellowtent yellowtent 4096 Jan  9 07:29 ./
                          drwxr-xr-x 3 yellowtent yellowtent 4096 Dez  8 23:13 ../
                          -rw------- 1 yellowtent yellowtent  891 Dez  8 23:13 private
                          -rw-r--r-- 1 yellowtent yellowtent  272 Dez  8 23:13 public
                          -rw-r--r-- 1 yellowtent yellowtent    8 Dez  8 23:13 selector
                          

                          @girish please let us know if you figure out what causes this behavior.

                          1 Reply Last reply
                          0
                          • subvenS Offline
                            subvenS Offline
                            subven
                            wrote on last edited by
                            #12

                            I noticed that some folders maybe have wrong permissions. "cloudron" is the user I used to install Cloudron (with sudo) on the server.
                            2019-02-28 22_24_43-root@h2812623_ _home_yellowtent_boxdata_mail.png
                            Most of the folders/files under /home/yellowtent are owned by yellowtent, some by root and a small percentage is owned by cloudron. Could this result in the error we see?

                            1 Reply Last reply
                            0
                            • girishG Do not disturb
                              girishG Do not disturb
                              girish
                              Staff
                              wrote on last edited by
                              #13

                              This is fixed in 3.5.4 now.

                              1 Reply Last reply
                              1
                              • R Offline
                                R Offline
                                ruben
                                wrote on last edited by
                                #14

                                I experienced the same issue today on a fresh new installation v4.0.0:

                                2019-05-10T11:54:20.000Z [INFO] [-] [core] [outbound] Sending email as a transaction
                                2019-05-10T11:54:20.000Z EACCES: permission denied, open '/app/haraka-config/config/dkim/mydomain.net/private'
                                2019-05-10T11:54:20.000Z [NOTICE] [-] [dkim_sign] skipped: no private key for mydomain.net
                                2019-05-10T11:54:20.000Z [INFO] [-] [core] [outbound] Processing delivery for domain: mail-tester.com
                                

                                so it seems that this bug is still out there...

                                murgeroM subvenS 2 Replies Last reply
                                1
                                • R ruben

                                  I experienced the same issue today on a fresh new installation v4.0.0:

                                  2019-05-10T11:54:20.000Z [INFO] [-] [core] [outbound] Sending email as a transaction
                                  2019-05-10T11:54:20.000Z EACCES: permission denied, open '/app/haraka-config/config/dkim/mydomain.net/private'
                                  2019-05-10T11:54:20.000Z [NOTICE] [-] [dkim_sign] skipped: no private key for mydomain.net
                                  2019-05-10T11:54:20.000Z [INFO] [-] [core] [outbound] Processing delivery for domain: mail-tester.com
                                  

                                  so it seems that this bug is still out there...

                                  murgeroM Offline
                                  murgeroM Offline
                                  murgero
                                  App Dev
                                  wrote on last edited by
                                  #15

                                  @ruben 4.0.0 is out? how do I install? my cloudron checks for updates but says it's up to date??

                                  R 1 Reply Last reply
                                  0
                                  • R ruben

                                    I experienced the same issue today on a fresh new installation v4.0.0:

                                    2019-05-10T11:54:20.000Z [INFO] [-] [core] [outbound] Sending email as a transaction
                                    2019-05-10T11:54:20.000Z EACCES: permission denied, open '/app/haraka-config/config/dkim/mydomain.net/private'
                                    2019-05-10T11:54:20.000Z [NOTICE] [-] [dkim_sign] skipped: no private key for mydomain.net
                                    2019-05-10T11:54:20.000Z [INFO] [-] [core] [outbound] Processing delivery for domain: mail-tester.com
                                    

                                    so it seems that this bug is still out there...

                                    subvenS Offline
                                    subvenS Offline
                                    subven
                                    wrote on last edited by
                                    #16

                                    @ruben did you checked if the file exists? What are the file permissions/owner/group? Does the file contains a certificate? With cloudron 4.X.X you have the ability to re-setup DNS (maybe this fixes the issue?). What about renewing all certs (--> Domain)?

                                    @murgero cloudron is at v4.0.3 at the moment. Do you use a custom hoster image? I'm on a netcup image and the message popped up today. You're off topic by the way...

                                    murgeroM 1 Reply Last reply
                                    0
                                    • subvenS subven

                                      @ruben did you checked if the file exists? What are the file permissions/owner/group? Does the file contains a certificate? With cloudron 4.X.X you have the ability to re-setup DNS (maybe this fixes the issue?). What about renewing all certs (--> Domain)?

                                      @murgero cloudron is at v4.0.3 at the moment. Do you use a custom hoster image? I'm on a netcup image and the message popped up today. You're off topic by the way...

                                      murgeroM Offline
                                      murgeroM Offline
                                      murgero
                                      App Dev
                                      wrote on last edited by
                                      #17
                                      This post is deleted!
                                      1 Reply Last reply
                                      0
                                      • murgeroM murgero

                                        @ruben 4.0.0 is out? how do I install? my cloudron checks for updates but says it's up to date??

                                        R Offline
                                        R Offline
                                        ruben
                                        wrote on last edited by
                                        #18

                                        @subven yes, the file exists. These are the permissions:

                                        drwxr-xr-x 2 yellowtent yellowtent 4096 May 10 10:33 ./
                                        drwxr-xr-x 4 yellowtent yellowtent 4096 May 10 11:27 ../
                                        -rw------- 1 yellowtent yellowtent  887 May 10 10:33 private
                                        -rw-r--r-- 1 yellowtent yellowtent  272 May 10 10:33 public
                                        -rw-r--r-- 1 yellowtent yellowtent    8 May 10 10:33 selector
                                        

                                        The DKIM-signing works after a chmod 777 private but I don't think that 's a sustainable solution.

                                        The 'renew all certs'-button does not seem te renew my certificates.
                                        My DNS-setup is 'wildcard', so I don't think it 's possible to re-setup dns?

                                        I just added an extra domain (with cloudron 4.0.3) and it results in the same permissions:

                                        drwxr-xr-x 2 yellowtent yellowtent 4096 May 17 06:54 ./
                                        drwxr-xr-x 5 yellowtent yellowtent 4096 May 17 06:54 ../
                                        -rw------- 1 yellowtent yellowtent  887 May 17 06:54 private
                                        -rw-r--r-- 1 yellowtent yellowtent  272 May 17 06:54 public
                                        -rw-r--r-- 1 yellowtent yellowtent    8 May 17 06:54 selector
                                        
                                        1 Reply Last reply
                                        0
                                        • girishG Do not disturb
                                          girishG Do not disturb
                                          girish
                                          Staff
                                          wrote on last edited by
                                          #19

                                          @clouddaz @ruben @subven Any of you still facing this issue? I would love to get to the bottom of this since I thought this got fixed, but clearly hasn't.

                                          R 1 Reply Last reply
                                          0
                                          • D Offline
                                            D Offline
                                            doomilation
                                            wrote on last edited by
                                            #20

                                            @girish Hi, I can confirm that this issue is still there with 2 domains.
                                            Unfortunately I didn't check after a fresh install and just 1 domain.

                                            1 Reply Last reply
                                            0
                                            Reply
                                            • Reply as topic
                                            Log in to reply
                                            • Oldest to Newest
                                            • Newest to Oldest
                                            • Most Votes


                                              • Login

                                              • Don't have an account? Register

                                              • Login or register to search.
                                              • First post
                                                Last post
                                              0
                                              • Categories
                                              • Recent
                                              • Tags
                                              • Popular
                                              • Bookmarks
                                              • Search