mailcow-dockerized

dkim fails when sending from alias setup as domain-alias

Open LU-386 opened this issue 2 years ago • 2 comments

Contribution guidelines

I've found a bug and checked that ...

  • [X] ... I understand that not following the below instructions will result in immediate closure and/or deletion of my issue.
  • [X] ... I have understood that this bug report is dedicated for bugs, and not for support-related inquiries.
  • [X] ... I have understood that answers are voluntary and community-driven, and not commercial support.
  • [X] ... I have verified that my issue has not been already answered in the past. I also checked previous issues.

Description

Hey,

I've got a webserver sending mails through mailcow via SMTP with some aliases for different localizations of the webapp/website.

The webserver uses the mailbox "[email protected]" and has aliases for:

When sending a mail from "[email protected]" the server is using a DKIM selector with d=abc.de, which leads to correct DKIM (because the signature is correct), but fails DMARC because of misalignment of DKIM domain and sender.

Logs

DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=abc.de;
	s=dkim; t=1652857617; h=from:subject:date:message-id:to:mime-version:content-type;
	bh=;
	b=

Steps to reproduce

  1. add domain and alias-domain to mailcow and configure dns for dkim
  2. add mailbox in domain's namespace with alias in alias-domain's namespace
  3. send mail from mailbox to external via the configured alias

System information

| Question | Answer |
| --- | --- |
| My operating system | Debian Bullseye Server (dockerized) |
| Is Apparmor, SELinux or similar active? | no |
| Virtualization technology (KVM, VMware, Xen, etc - LXC and OpenVZ are not supported) | KVM |
| Server/VM specifications (Memory, CPU Cores) | 4 vCores on Xeon (Ivy Bridge EP) with 8 GiB RAM |
| Docker version (docker version) | 20.10.5+dfsg1 |
| docker-compose version (docker-compose version) | docker-compose version 1.29.2 |
| mailcow version (git describe --tags `git rev-list --tags --max-count=1`) | 2022-05a |
| Reverse proxy (custom solution) | none |

Output of git diff origin/master, any other changes to the code? If so, please post them:

smtpd_milters = inet:rspamd:9900, { inet:abc.de, connect_timeout=5s, default_action=accept } 

All third-party firewalls and custom iptables rules are unsupported. Please check the Docker docs about how to use Docker with your own ruleset. Nevertheless, iptables output can help us to help you: iptables -L -vn:

default

ip6tables -L -vn:

default

iptables -L -vn -t nat:

default

ip6tables -L -vn -t nat:

default

DNS problems? Please run docker exec -it $(docker ps -qf name=acme-mailcow) dig +short stackoverflow.com @172.22.1.254 (set the IP accordingly, if you changed the internal mailcow network) and post the output:

151.101.193.69
151.101.65.69
151.101.129.69
151.101.1.69

LU-386, May 18 '22 07:05
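The alignment failure described in the report above, as an added example that is not part of the original issue or of mailcow's code: a DKIM signature can verify and still fail DMARC when its d= domain does not align with the From domain. The alias domain `alias-domain.example`, the small `PUBLIC_SUFFIXES` set and the function names are assumptions; the check covers identifier alignment only and does not verify the signature.

```python
import re
from email.utils import parseaddr

# Assumption: tiny stand-in for the Public Suffix List; real checks need the full list.
PUBLIC_SUFFIXES = {"de", "com", "co.uk"}

# Constructed sample modelled on the header in the report (bh= and b= left empty as posted).
SAMPLE_DKIM = ("v=1; a=rsa-sha256; c=relaxed/relaxed; d=abc.de; s=dkim; t=1652857617; "
               "h=from:subject:date:message-id:to:mime-version:content-type; bh=; b=")

def parse_dkim_tags(header_value):
    """Split a DKIM-Signature value into its tag=value pairs (RFC 6376 tag-list)."""
    tags = {}
    for part in header_value.split(";"):
        if "=" in part:
            name, value = part.split("=", 1)
            tags[name.strip()] = re.sub(r"\s+", "", value)  # drop folding whitespace
    return tags

def org_domain(domain, suffixes=PUBLIC_SUFFIXES):
    """Organizational domain: the longest matching public suffix plus one label."""
    labels = domain.lower().rstrip(".").split(".")
    for i in range(len(labels)):
        if ".".join(labels[i:]) in suffixes:
            return ".".join(labels[max(i - 1, 0):])
    return ".".join(labels[-2:])  # unknown suffix: fall back to the last two labels

def dkim_aligned(from_header, dkim_header, strict=False):
    """DMARC identifier alignment between the RFC5322.From domain and DKIM d=."""
    from_domain = parseaddr(from_header)[1].rpartition("@")[2].lower()
    d = parse_dkim_tags(dkim_header).get("d", "").lower()
    if not from_domain or not d:
        return False
    if strict:  # adkim=s: domains must be identical
        return from_domain == d
    return org_domain(from_domain) == org_domain(d)  # adkim=r: same organizational domain

if __name__ == "__main__":
    for sender in ("Web <web@abc.de>", "Shop <noreply@alias-domain.example>"):
        print(sender, "aligned:", dkim_aligned(sender, SAMPLE_DKIM))
```
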

Is something wrong about this report?

LU-386, Jul 16 '22 11:07

I can't replicate it, could be related to a change in the Rspamd config.

andryyy, Jul 17 '22 07:07

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs.

milkmaker, Sep 15 '22 10:09

Hello,

Today while testing some stuff, I've discovered we have the same issue.

DKIM signature check fails when sending from a domain alias, but works when using the primary domain.

Anyone else noticed this?

Kind regards.

EDIT: OK, not an issue. I had the wrong private keys for the domain aliases in Redis... cleared all the stuff and copied back the right private keys and now it works...

sriccio, Aug 05 '23 20:08