smallseo.info

postfix interview questions

Top postfix frequently asked interview questions

Postfix: Recipient address rejected: User unknown in local recipient table

When I try to send an email on my postfix server to an address on the same domain (for example, if the server hostname is mail.example.com and I try to send an email to test@example.com), I get the following error in the log and the email is not delivered: Recipient address rejected: User unknown in local recipient table. If I send to an address on another domain, I don't have any problems. Here is my /etc/postfix/main.cf file:

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
myhostname = mail.example.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
#myorigin = /etc/mailname
myorigin = $mydomain
mydestination = $mydomain, localhost.$mydomain, localhost
relayhost =
#fake IP address
mynetworks = 127.0.0.0/8 100.837.191.223
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

Source: (StackOverflow)

Confused about alias_maps and virtual_alias_maps

I have already re-read the docs on this as well as other posts here and this is still very unclear to me. I have been testing various things to understand the difference between alias_maps and virtual_alias_maps and I don't see the use of these 2 separate settings in postfix. This is what I found so far (Note - I am using postfix in the same server as my web server as null client to send emails only):

1) /etc/aliases file:

root: me@somedomain.com

When I add the above to the alias_maps, I noticed that some services like fail2ban are able to pick this and it sends root emails to the alias email addresses mentioned. However, I also noticed that some other services (like mail command) does not respect this and tries to send the email directly to root@mydomain.com which does not exist (I think its the postfix myorigin setting that is adding the @mydomain.com). To fix this I then added the virtual_alias_maps

2) /etc/postfix/virtual

root     me@someotherdomain.com

When the above is added, all services uses this virtual aliases email. I also noticed that once I add the above, even fail2ban begins to ignore my initial settings in /etc/aliases/ file and starts to follow the email address given in virtual file.

Now this has confused me even more -

  1. Why do we need /etc/aliases/ when having the email inside virtual aliases map seems to override it?

  2. What is the purpose of having these 2 separate aliases mapping and when do we decide when to use what?

  3. Why did fail2ban (which is configured to email to root@localhost) first follow email address given in alias_maps (/etc/aliases/) and later decides to ignore that once virtual_alias_maps was added?

  4. Why doesn't all services read email aliases mentioned in /etc/aliases and they only work when the email aliases are added in virtual alias map?

I have spend several hours since yesterday and still unsure. Can someone help me clear my confusion?

EDIT: This is the mail log when email is sent to root using mail root command. The aliases email for root is mentioned in /etc/aliases/. But mail does not work until I move this root aliases email from aliases_maps to virtual_aliases_maps

Log when root email alias is mentioned in /etc/aliases/:

Nov 14 16:39:27 Debian postfix/pickup[4339]: 0F12643432: uid=0 from=<root>

Nov 14 16:39:27 Debian postfix/cleanup[4495]: 0F12643432: message-id=<20141114110927.0F12643432@Debian.domainname.com>

Nov 14 16:39:27 Debian postfix/qmgr[4338]: 0F12643432: from=<root@domainname.com>, size=517, nrcpt=1 (queue active)

Nov 14 16:39:27 Debian postfix/error[4496]: 0F12643432: to=<root@domainname.com>, orig_to=<root>, relay=none, delay=0.04, delays=0.03/0/0/0.01, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to domainname.com[128.199.147.136]:25: Connection refused)

This is the log after the email aliases for root is moved from /etc/aliases/ to /etc/postfix/virtual where the email delivery is successful after the change:

Nov 14 16:44:58 Debian postfix/pickup[4545]: ADD9A43436: uid=0 from=<root>

Nov 14 16:44:58 Debian postfix/cleanup[4563]: ADD9A43436: message-id=<20141114111458.ADD9A43436@Debian.domainname.com>

Nov 14 16:44:58 Debian postfix/qmgr[4544]: ADD9A43436: from=<root@domainname.com>, size=453, nrcpt=1 (queue active)

Nov 14 16:45:00 Debian postfix/smtp[4551]: ADD9A43436: to=<admin@somesite.com>, orig_to=<root>, relay=somesite.com[108.160.157.120]:25, delay=1.9, delays=0.03/0/0.97/0.88, dsn=2.0.0, status=sent (250 OK id=1XpEqC-0002ry-9s)

Nov 14 16:45:00 Debian postfix/qmgr[4544]: ADD9A43436: removed

Source: (StackOverflow)

Can't receive mails from Gmail

A few days ago Gmail suddenly decided to stop sending mails to my mailserver. I am using Postfix and Dovecot with an paid SSL Certificate running on Debian 7 with everything updated.

My mail.log shows the following error:

Dec 19 11:09:11 server postfix/smtpd[19878]: initializing the server-side TLS engine
Dec 19 11:09:11 server postfix/tlsmgr[19880]: open smtpd TLS cache btree:/var/lib/postfix/smtpd_scache
Dec 19 11:09:11 server postfix/tlsmgr[19880]: tlsmgr_cache_run_event: start TLS smtpd session cache cleanup
Dec 19 11:09:11 server postfix/smtpd[19878]: connect from mail-wi0-x230.google.com[2a00:1450:400c:c05::230]
Dec 19 11:09:11 server postfix/smtpd[19878]: setting up TLS connection from mail-wi0-x230.google.com[2a00:1450:400c:c05::230]
Dec 19 11:09:11 server postfix/smtpd[19878]: mail-wi0-x230.google.com[2a00:1450:400c:c05::230]: TLS cipher list "aNULL:-aNULL:ALL:+RC4:@STR                              ENGTH:!aNULL:!DES:!3DES:!MD5:!DES+MD5:!RC4:!RC4-MD5"
Dec 19 11:09:11 server postfix/smtpd[19878]: SSL_accept:before/accept initialization
Dec 19 11:09:11 server postfix/smtpd[19878]: SSL_accept:error in unknown state
Dec 19 11:09:11 server postfix/smtpd[19878]: SSL_accept error from mail-wi0-x230.google.com[2a00:1450:400c:c05::230]: -1
Dec 19 11:09:11 server postfix/smtpd[19878]: warning: TLS library problem: 19878:error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown                               protocol:s23_srvr.c:647:
Dec 19 11:09:11 server postfix/smtpd[19878]: lost connection after STARTTLS from mail-wi0-x230.google.com[2a00:1450:400c:c05::230]
Dec 19 11:09:11 server postfix/smtpd[19878]: disconnect from mail-wi0-x230.google.com[2a00:1450:400c:c05::230]

excerpts from my postfix main.cf:

smtpd_use_tls=yes
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_tls_CAfile = path to CA Bundle
smtpd_tls_cert_file= path to cert (pem)
smtpd_tls_key_file=path to key (pem)
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtpd_tls_exclude_ciphers = aNULL, DES, 3DES, MD5, DES+MD5, RC4, RC4-MD5
smtpd_tls_protocols=!SSLv2,!TLSv1,!TLSv1.1,!SSLv3
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_received_header = yes
tls_preempt_cipherlist = yes
tls_medium_cipherlist = AES256+EECDH:AES256+EDH

I don't know where the problem is, because I regularly receive mails from others. There are no errors connecting to port 25 via telnet or port 465 via openssl

Addition: I got this mail in return from Google:

Delivery to the following recipient failed permanently:

     <removed>

Technical details of permanent failure:
TLS Negotiation failed

----- Original message -----
[...]

Maybe it's an issue with my cipherlist?

Answer to masegaloeh's question:

openssl s_client -connect localhost:25 -starttls smtp
CONNECTED(00000003)
depth=3 C = SE, O = AddTrust AB, OU = AddTrust External TTP Network, CN = AddTrust External CA Root
verify error:num=19:self signed certificate in certificate chain
verify return:0
---
Certificate chain
[...]
---
Server certificate
-----BEGIN CERTIFICATE-----
[...]
---
No client certificate CA names sent
---
SSL handshake has read 6267 bytes and written 477 bytes
---
New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES256-GCM-SHA384
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: zlib compression
Expansion: zlib compression
SSL-Session:
Protocol  : TLSv1.2
Cipher    : ECDHE-RSA-AES256-GCM-SHA384
Session-ID: [...]
Session-ID-ctx:
Master-Key: [...]
Key-Arg   : None
PSK identity: None
PSK identity hint: None
SRP username: None
TLS session ticket lifetime hint: 3600 (seconds)
TLS session ticket: [...]

Compression: 1 (zlib compression)
Start Time: 1418986680
Timeout   : 300 (sec)
Verify return code: 19 (self signed certificate in certificate chain)

---
250 DSN

Update 1: Reissued my SSL certificate. Generated everything as following:
openssl req -nodes -newkey rsa:2048 -keyout myserver.key -out server.csr -sha256

I then created a new file consisting of the crt and the key, after this I created the CA bundle:
cat COMODORSADomainValidationSecureServerCA.crt COMODORSAAddTrustCA.crt AddTrustExternalCARoot.crt > bundle.crt

Added everything to my dovecot and postfix config and restarted both services.
Google still fails to send mails zo my server resulting in TLS Negotiation failed

I tried another mail provider (web.de) and the mail gets send.
web.de log:

Dec 19 17:33:15 server postfix/smtpd[14105]: connect from mout.web.de[212.227.15.3]
Dec 19 17:33:15 server postfix/smtpd[14105]: setting up TLS connection from mout.web.de[212.227.15.3]
Dec 19 17:33:15 server postfix/smtpd[14105]: mout.web.de[212.227.15.3]: TLS cipher list "aNULL:-aNULL:ALL:+RC4:@STRENGTH"
Dec 19 17:33:15 server postfix/smtpd[14105]: mout.web.de[212.227.15.3]: save session EA1635ED786AFC2D9C7AB43EF43620A1D9092DC640FDE21C01E7BA25981D2445&s=smtp&l=268439647 to smtpd cache
Dec 19 17:33:15 server postfix/tlsmgr[14107]: put smtpd session id=EA1635ED786AFC2D9C7AB43EF43620A1D9092DC640FDE21C01E7BA25981D2445&s=smtp&l=268439647 [data 127 bytes]
Dec 19 17:33:15 server postfix/tlsmgr[14107]: write smtpd TLS cache entry EA1635ED786AFC2D9C7AB43EF43620A1D9092DC640FDE21C01E7BA25981D2445&s=smtp&l=268439647: time=1419006795 [data 127 bytes]
Dec 19 17:33:15 server postfix/smtpd[14105]: Anonymous TLS connection established from mout.web.de[212.227.15.3]: TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)

Soultion:
After enabling TLSv1 and TLSv1.1 in the smtpd_(mandatory)_protocols section everything works fine. Thanks masegaloeh !

Dec 20 11:44:46 server postfix/smtpd[31966]: initializing the server-side TLS engine
Dec 20 11:44:46 server postfix/tlsmgr[31968]: open smtpd TLS cache btree:/var/lib/postfix/smtpd_scache
Dec 20 11:44:46 server postfix/tlsmgr[31968]: tlsmgr_cache_run_event: start TLS smtpd session cache cleanup
Dec 20 11:44:46 server postfix/smtpd[31966]: connect from mail-wi0-x235.google.com[2a00:1450:400c:c05::235]
Dec 20 11:44:46 server postfix/smtpd[31966]: setting up TLS connection from mail-wi0-x235.google.com[2a00:1450:400c:c05::235]
Dec 20 11:44:46 server postfix/smtpd[31966]: mail-wi0-x235.google.com[2a00:1450:400c:c05::235]: TLS cipher list "aNULL:-aNULL:ALL:+RC4:@STRENGTH"
Dec 20 11:44:46 server postfix/smtpd[31966]: Anonymous TLS connection established from mail-wi0-x235.google.com[2a00:1450:400c:c05::235]: TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)

Source: (StackOverflow)

SRS / Sender Rewriting when forwarding mail through postfix

Is there any way to perform SRS, or something similar using Postfix?

When I get a mail from user@example.org, I forward it (via a catchall) to something@gmail.com, but GMail is checking SPF, and seeing that my server is not authorized to send mail on behalf of example.org. I'd like to rewrite the sender to something@myserver, while leaving the from as user@example.org.


Source: (StackOverflow)

Can postfix be set up to forward mail to multiple recipients

I have the following postfix virtual file:

test@domain.com bob@me.com

This correctly forwards all emails to test@domain.com to bob@me.com

However I would like to forward these emails to bob2@me.com as well.

I tried this change and it does not seem to work:

test@domain.com bob@me.com
test@domain.com bob2@me.com

How do I tell postfix to forward all emails to multiple recipients?


Source: (StackOverflow)

Postfix TLS over SMTP - RCPT TO prompts renegotiation then 554 5.5.1 Error: no valid recipients

I've setup ispconfig3 on my debian six server, and here is a little smtp over ssl:

The server is postfix

AUTH PLAIN (LOL!)
235 2.7.0 Authentication successful

MAIL FROM: lol@lol.com
250 2.1.0 Ok
RCPT TO: lol@lol.com
RENEGOTIATING
depth=0 /C=AU/ST=NSW/L=Sydney/O=Self-Signed Key! Procees with caution!/OU=Web Hosting/emailAddress=postmaster@lol.com
verify error:num=18:self signed certificate
verify return:1
depth=0 /C=AU/ST=NSW/L=Sydney/O=Self-Signed Key! Procees with caution!/OU=Web Hosting/emailAddress=postmaster@lol.com
verify return:1
DATA
554 5.5.1 Error: no valid recipients

but, the thing is, if I just do a vanilla telnet over port 25 I can authenticate and send mail like a madman... hopefully this is enough information! (as opposed to 'mail.app can't handle ssl!')


Source: (StackOverflow)

How can I configure Postfix to retain copies of all email sent through it?

My company currently uses Google Apps for email. I can configure Google Apps to forward all outgoing email through a relay server. I can also point my MX records at this server and have it forward incoming mail onto Google. Therefore I can configure Postfix act as a proxy for all email that is both sent to and from our users. This part is done and works fine. However, I'm not sure how to retain a full copy of each message that passes through it.

I'm interested in doing this so that all email to/from customers can be dumped into our CRM system so they're searchable by everyone in our company who might talk to a customer. The most common way of doing this is to have a "always BCC" setting specified in Postfix. However, this would only archive email sent to customers, not email received from them. Does anyone have any suggestions? Thank you!


Source: (StackOverflow)

How do you monitor a monitoring server?

So we run Groundworks (with Nagios) on CentOS to monitor our various servers and processes. I have it setup to automatically send emails and SMS texts when things reach a WARNING or CRITICAL state. Normally this works perfectly. However, twice we've had problems with Postfix on that server where Postfix decides to stop sending email. The most recent time lasted 4 days because none of us noticed.

That leads me to a important question: how am I supposed to monitor my monitoring server?


Source: (StackOverflow)

How to make Postfix use another IP address?

I'm using the Postfix mail server and I have 6 IPs available. I'd like to use another IP for the Postfix mail server for sending mail than the web server uses.

How can I do this? My postfix version is 2.3.3.

For example: main IP: 66.66.66.66 other IP: 66.66.66.67


Source: (StackOverflow)

How read mail from /var/spool/postfix/deferred?

Is there a way to read deffered mail from /var/spool/postfix/deferred. I tried to copy file to my mail directory and see it from webmail but it dosnt work. When im using less or cat it seems like files in spool/deferred are some binary files.


Source: (StackOverflow)

How to configure postfix to pipe all incoming email to a script?

Using postfix, I'd like all incoming mail, to any address (including those that don't map to local users) to be piped to a script. I've tried configuring mailbox_command in /etc/postfix/main.cf:

mailbox_command = /path/to/myscript.py

This works great if the user is a local user, but it fails for "unknown" users who don't have aliases. I tried setting luser_relay to a local user, but this pre-empts mailbox_command, and so the command doesn't get run. I tried setting local_recipient_maps= (empty string), but the message is still bounced (unknown user).

Is there a magic invocation I can use to get all known and unknown users to go to the script as well?

Full /etc/postfix/main.cf follows -- it's the default Ubuntu 10.04, with the exception of the mailbox_command line:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = ... snip ...
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
mydestination = sassafras, ... snip ...,localhost.localdomain, localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

mailbox_command = /path/to/my/script.py

Source: (StackOverflow)

Is an IPv6-only MTA possible yet?

Has anyone had tried to run an IPv6-only SMTP engine? Pretty much everybody with any sense has IPv6 configured for major front-end servers. I was curious if anyone had tried to run an IPv6-only MTA and received any connection errors.

Is IPv6-only a viable solution yet? Can I expect a few lingering connection issues? Or did a magic fairy come down on the internet and made IPv6-to-IPv4 on port 25 work like magic on a direct connection?


Source: (StackOverflow)

Fixing My MTA's Poor Reputation

I have a web site that needs to send email to customers to deliver files that they have purchased. Reliable email delivery is vital to this business. Unfortunately, most of the emails sent by my server are not delivered due to my MTA's "poor reputation." Here are some sample lines from my mail.log:

Feb 20 02:40:41 servername postfix/smtp[14580]: 4E30B1100C7: host aspmx.l.google.com[209.85.211.78] said: 421-4.7.0 [174.143.183.26] Our system has detected an unusual amount of 421-4.7.0 unsolicited mail originating from your IP address. To protect our 421-4.7.0 users from spam, mail sent from your IP address has been temporarily 421-4.7.0 blocked. Please visit http://www.google.com/mail/help/bulk_mail.html 421 4.7.0 to review our Bulk Email Senders Guidelines. 10si1216690ywh.92 (in reply to end of DATA command)

Feb 20 12:49:22 servername postfix/smtp[5651]: A86CB1CC0CF: to=<user@domain.com>, relay=mx3.comcast.net[76.96.58.14]:25, delay=55186, delays=55185/0.01/0.93/0, dsn=4.0.0, status=deferred (host mx3.comcast.net[76.96.58.14] refused to talk to me: 554 imta36.westchester.pa.mail.comcast.net comcast 174.143.206.168 found on one or more DNSBLs, see http://help.comcast.net/content/faq/BL000001)

Feb 16 10:50:11 servername postfix/smtp[6931]: 98B94380A1: host mx-in-2.webreus.nl[212.61.252.240] refused to talk to me: 554-mx-in-2.webreus.nl 554-Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means. 554 More information can be found on http://senderbase.org/senderbase_queries/detailhost?search_string=174.143.206.168

Feb 16 10:50:12 servername postfix/smtp[6931]: 98B94380A1: to=<user@domain.com>, relay=mx-in-1.webreus.nl[212.61.10.240]:25, delay=173653, delays=173650/0.22/2.8/0, dsn=4.0.0, status=deferred (host mx-in-1.webreus.nl[212.61.10.240] refused to talk to me: 554-mx-in-1.webreus.nl 554-Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means. 554 More information can be found on http://senderbase.org/senderbase_queries/detailhost?search_string=174.143.206.168)

Steps I've taken to try to improve the situation:

  • set up reverse DNS lookups to work correctly
  • set up SPF records for my domain
  • disallow incoming connections to my SMTP server
  • format messages according to RFC 2822
  • never send unsolicited messages (I never have)

My server is in Rackspace's cloud. Is it possible that the IP address's bad reputation was inherited from a previous customer? Some of the above steps have been taken in the past week--am I going to have to wait for the situation to improve? Are there other things I should be doing? Should I hire a third party to send emails for me?


Source: (StackOverflow)

Why Does hotmail still reject my emails?

I have a very strange problem with my emails being marked as spam by hotmail.
I just have configured Postfix + Dovecot on my server and all works perfectly. I can Send/Receive emails. I only have problems with hotmail accounts, I do not understand the reason, because I also configured:

  • SPF
  • DKIM
  • rDNS
  • My IP is not listed in any backlist, I used: mxtoolbox.com

Checking the headers I see that SPF and DKIM pass correctly. I have no problem with GMAIL, YAHOO, and other, but hotmail seems very strict.

The only problem I think... could be that my IP had no email traffic yet. I've sent very few emails to hotmail.

So, if postfix has no problem, what do I have to do to send emails to hotmail correctly? Because if the only reason is that I had no email traffic yet it means that my first newsletters will be tag as SPAM without no reason.

Advice?

(An example of email received as SPAM is below)

HEADERS:

x-store-info:4r51+eLowCe79NzwdU2kRwMf1FfZT+JrxVyutn/pLjoZiDggbl3J7aHGkQoNPd8ZB9iY77nKNhzoKkbFqj2wPQ4Ha91HUDyzG+BsQ2lzn+x/xsXGuDBWhAPIPgrYY3dCiWYILdpiCyM=
Authentication-Results: hotmail.com; sender-id=pass (sender IP is 66.85.140.94) header.from=info@example.net; dkim=pass header.d=example.net; x-hmca=pass
X-SID-PRA: info@example.net
X-SID-Result: Pass
X-DKIM-Result: Pass
X-AUTH-Result: PASS
X-Message-Status: n:n
X-Message-Delivery: Vj0xLjE7dXM9MDtsPTA7YT0wO0Q9MjtHRD0yO1NDTD00
X-Message-Info: M98loaK0Lo1j8FOgXol8UFVrP26QMSvVTQXke21+QxXu+DJ5ttCh6cM/eFA+HRgTBFdz52wvmszvfgxVXBCfExvqqIFxcJKaFap8dwTFrYmSiOTK6J40vAbrC+QeYPnMG9Hntes6IFH9T95bydckDQ==
Received: from mail.example.net ([66.85.140.94]) by SNT0-MC3-F15.Snt0.hotmail.com with Microsoft SMTPSVC(6.0.3790.4900);
     Sun, 30 Sep 2012 14:13:33 -0700
Received: from [192.168.1.2] (2-231-150-154.ip207.fastwebnet.it [2.231.150.154])
    by mail.example.net (Postfix) with ESMTPA id DD0A3401D9
    for <abcdef@hotmail.it>; Sun, 30 Sep 2012 21:13:31 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.net;
    s=mail; t=1349039612;
    bh=qCXqeVFYopgNSxSiqL3ANA5CfkeFw8AlGDFYh/ruUlg=;
    h=Date:From:To:Subject;
    b=NIYcYZJ4YitQHGus2ZQV4ErzN+hvFoDWi+M53eJXZSx3o0VamoA8PODMEZlWqvG29
     aYQK8DVW140wZ1tmHCvNCIe+KF/FVmRkxtD2aWGVK5OhVNuFv6ldRE7VUDhlPfOvaZ
     uUqp1QopHJsg8pGDTeifigb58xTa2V4AOac6WY4c=
Message-ID: <5068B5FA.7040704@example.net>
Date: Sun, 30 Sep 2012 23:13:30 +0200
From: Aziende Mandanti <info@example.net>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:15.0) Gecko/20120911 Thunderbird/15.0.1
MIME-Version: 1.0
To: abcdef@hotmail.it
Subject: Registrazione avvenuta con successo
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: 8bit
Return-Path: info@example.net
X-OriginalArrivalTime: 30 Sep 2012 21:13:33.0410 (UTC) FILETIME=[72B24C20:01CD9F50]

Gentile Damiano,
la registrazione รจ avvenuta correttamente.
Saluti

example.net

The IP you see in the headers is correct, I only obfuscated the email addresses


Source: (StackOverflow)

DKIM sign outgoing mail from any domain (with Postfix and Ubuntu)

I got DKIM setup on my mail server (postfix and ubuntu) so it signs outgoing emails. I used these instructions: https://help.ubuntu.com/community/Postfix/DKIM

However, I need it to sign emails from any domain (in the From address) and not just my own. I'm building an email newsletter service and clients will be sending their own email through the server.

First I set "Domain *" in /etc/dkim-filter.conf. This got it to include the DKIM headers in all outgoing emails, no matter what the domain.

However, the verification check fails on gmail because it is checking the domain in the from address, and not my domain (and dns record). Does anyone know how to do this?


Source: (StackOverflow)