agentj icon indicating copy to clipboard operation
agentj copied to clipboard

Published 20 hours ago verified publisher icon Probesys

DKIM for base domain

Open lpoujade opened this issue 8 months ago • 0 comments

Describe the bug

AgentJ web URL can, and often is, different than the mail domain. Default no-reply address use the web domain so in a classic setup it doesn't match the configured DKIM key which is only generated for manually created domains. The result is validation mails which a bad DKIM signature

To Reproduce

  • install AgentJ on a different domain than the mail domain (eg web.domain.coop if mail domain is domain.coop)
  • create a domain and keep the default no-reply mail ([email protected])
  • send a mail to a protected email with an external server
  • examine DKIM signature of validation mail

Expected behavior

All mails sent from/via AgentJ must have a correct DKIM signature

  • when an instance is started for the first time, a DKIM key should be generated
  • corresponding public key should by local and super admins (with a DNS-ready format)
  • maybe we should be able to regenerate this key (only super admin)
  • maybe there should be a form somewhere to generate key from whatever domain we need (by super admin: visible for everyone, by local admin: only in their domain)

Additional context

lpoujade avatar Feb 12 '25 10:02 lpoujade