Linux - ServerThis forum is for the discussion of Linux Software used in a server related context.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
When I send emails from this server to e.g. gmail, it works fine; my DMARC notices show DKIM Results: pass and SPF Results: pass. However, when I send email from my home computer using Thunderbird and the novatec-inc.com server as the relay, I get the following:
The 'Source IP' in this notice is the IP address of my home computer. I'm assuming this DKIM/SPF "fail" dispositions are because the Source IP is not that of the mail server novatec-inc.com.
I think the messages are getting delivered, but with gmail, that may change.
I send quite a lot of email from my home computer connecting with POP via the mail server at novatec-inc.com. I'm sure many people send email from home computers or cell phones connecting to their work computers to so so.
Am I doing something wrong to get the "fail" dispositions? How can I fix this?
As in your other, almost-a-duplicate thread, use the spf record for your domain to define who is authorized to send email with that domain name. I suspect the same is true for DKIM, but I’ve not yet broken the learning curve on DKIM.
I am wondering why your home computer using Thunderbird is sending email with its presumably dynamic road runner IP. If you’re relaying, it should be using the IP of the mail server you’re relaying with.
Typically, a TB setup would connect to the remote server and send email from there…not “relay”. My home Linux PC doesn’t even run an email server (MTA), only Thunderbird connected to my production email server.
I am wondering why your home computer using Thunderbird is sending email with its presumably dynamic road runner IP. If you’re relaying, it should be using the IP of the mail server you’re relaying with.
Well, maybe I've got my TBird config wrong. I've got outgoing SMTP to port 587 on the office mail server, security = Password. In checking just now I noticed that my home computer IP was not in the officer server's relay list, so I just added it and sent a test message to my gmail account. The gmail header for that message says, "PASS with IP 24.142.169.12", which is the IP of my mail server.
I bcc'd that message to my office mail server and it's header has:
Code:
Received: from [192.168.0.17] (quadmon [184.57.112.120])
(authenticated bits=0)
by novatec-inc.com (8.15.2/8.15.2) with ESMTPA id 3858WUHR016132;
Tue, 5 Sep 2023 04:32:30 -0400
Which does show it coming from my home TBird (quadmon) IP. 184.57.112.120 IP is the external/Public IP of my home Spectrum modem and 192.168.0.17 is the home/LAN IP of the computer with TBird. I guess I'll have to wait until I get the DMARC reports to see if this fixed it or not.
Is that the first header in the bcc’d message? Note that every computer that process the message wil add a Received line. The first Received header is added by the receiving server, and it records the IP address of the server from which it got the message.
Using SMTP port 587 is not “relaying” email, but is logging in and authenticating to use the remote server.
Is that the first header in the bcc’d message? Note that every computer that process the message wil add a Received line. The first Received header is added by the receiving server, and it records the IP address of the server from which it got the message.
Using SMTP port 587 is not “relaying” email, but is logging in and authenticating to use the remote server.
My top several headers are:
Code:
From mfoley@novatec-inc.com Tue Sep 5 04:32:32 2023
Return-Path: <mfoley@novatec-inc.com>
Received: from [192.168.0.17] (quadmon [184.57.112.120])
(authenticated bits=0)
by novatec-inc.com (8.15.2/8.15.2) with ESMTPA id 3858WUHR016132;
Tue, 5 Sep 2023 04:32:30 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=novatec-inc.com;
s=novatec; t=1693902751;
bh=oV1lg/v9xafFAKM+/FBAO5THAYiNUnAgQRdo8Qf5PuU=;
h=Date:To:From:Subject;
b=EJLl8x6scQMsyzPY1QYmMioObi//WSGOD1rSHdg0FzcwVKQYEuVZ1UzR+ucRs9DR8
jygbDMRMzF4wzKqmY5gNyY8NNBFCAIKvGQVOfzAbKLWRwXI+1pmZ+etJDHmogH7xyC
ft2f5ErajnR8jDK3oVApgPexr1RejxmkeMODCIW0=
Date: Tue, 5 Sep 2023 04:32:30 -0400
As stated in my previous message, my Thunderbird settings on my home computer have the IP of the work computer as the outgoing server, port 587, authentication Password transmitted insecurely. I did set my home (dynamic) IP as a relay on the office computer in /etc/mail/access. I believe I'm still have the DKIM fail issue:
This is the most recent DMARC from Gmail and still shows Source IP: 184.57.112.120 (my home computer)., with DKIM and SPF dispositions: fail. The test message was sent at 4:32A EDT on 9/5 and the time range of the DMARC is 2023-09-04 20:00:00 to 2023-09-05 19:59:59, so possible that my changes did were not in effect, but I doubt it. I just sent another message to gmail at 21:17, so I'll see what the next DMARC report comes up with. The header on that message at gmail says: SPF: PASS with IP 24.142.169.12 and DKIM: 'PASS' with domain novatec-inc.com.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.