Hi,
whenever we have an out-of-office filter on, the replies often end up in spam. With Gmail, the replies do not even arrive at all.
I've looked at the headers for a regular mail and such a "spam" mail and the only real difference I see is in the Message-ID header.
regular mail: Message-ID: <
[email protected]>
spammed mail: Message-ID: <
[email protected]>
Could this be the reason for the spam detection? If so, where is it to be changed? In the Dovecot configuration?
Thanks,
BC
OK, I got further in this issue and I discovered that iRedMail is configured to use a relayserver that takes care of anti-spam things. The e-mails sent by the RoundCube filter are sending mail directly to MX servers however, so they are not going through the anti-spam system. Can Roundcube be configured for that?
BC
I think it can be problem with this difference:
@aquabio.be
@email.aquabio.be
Your domain name aquabio.be have SPF,DKIM,DMARK and correct DNS but domain email.aquabio.be have not this options (I think this is your mail server hostname but not mail domain). So when GMAIL receive mail FROM:
[email protected] it check SPF,DNS and etc ...and reject it as spam.
RC can't send mail directly to another mail server. RC use for send your SMTP server.
So I think problem can be in some of config files dovecot or smtp (you use postfix?) with hostname, server name or similar option
and check your mail logs for information about hostname or domain name when you send mail :
1. From RC to external mail (for example Gmail)
2. From RC to your domain
3. From RC with plugin to your domain
4. From RC with plugin to external mail
Compare it - may be it give you additional info.
PS. You use manage sieve plugin for "out of office" function ? or another ?
if you use managesieve you can check ..../plugins/managesieve/config.inc.php
Quote from: Dmitry42 on August 12, 2023, 06:22:11 AM
RC can't send mail directly to another mail server. RC use for send your SMTP server.
So I think problem can be in some of config files dovecot or smtp (you use postfix?) with hostname, server name or similar option
Hi,
this does nto seem to be true: I've sniffed the packages with tcpdump and I see direct connections to external SMTP servers when the filter sends a mail, Could then still be Postfix, but there is nothing in the Postfix logs ...
BC
Quote from: Dmitry42 on August 12, 2023, 06:27:39 AM
and check your mail logs for information about hostname or domain name when you send mail :
1. From RC to external mail (for example Gmail)
2. From RC to your domain
3. From RC with plugin to your domain
4. From RC with plugin to external mail
Compare it - may be it give you additional info.
PS. You use manage sieve plugin for "out of office" function ? or another ?
Yes, I believe the manage sieve plugin is used.
In out-of-office setting options "Reply sender address" and "My e-mail addresses" - this strings clear ? If not - try with clear.
When plugin work I see in log for example:
QuoteAug 13 05:14:10 mail dovecot: lda(user@***.ru)<578729><aq7UI3I82GSp1AgAn678JQ>: sieve: msgid=<CAEEAvEU1mRH5pCnJpxdTDS5VK-+0MNJd88Vzc-Ob+0H6MnPZCw@mail.gmail.com>: vacation action: discarded duplicate vacation response to <******@gmail.com>
Did you see message from your plugin ?
Quote from: Dmitry42 on August 12, 2023, 10:16:37 PM
In out-of-office setting options "Reply sender address" and "My e-mail addresses" - this strings clear ? If not - try with clear.
When plugin work I see in log for example:
QuoteAug 13 05:14:10 mail dovecot: lda(user@***.ru)<578729><aq7UI3I82GSp1AgAn678JQ>: sieve: msgid=<CAEEAvEU1mRH5pCnJpxdTDS5VK-+0MNJd88Vzc-Ob+0H6MnPZCw@mail.gmail.com>: vacation action: discarded duplicate vacation response to <******@gmail.com>
Did you see message from your plugin ?
Hi, I did a new test and this time I found an entry in the Postfix log:
QuoteAug 15 00:26:31 email postfix/10025/smtpd[1710933]: 542747320D45: client=email.aquabio.be[127.0.0.1]
Aug 15 00:26:31 email postfix/cleanup[1710928]: 542747320D45: message-id=<[email protected]>
Aug 15 00:26:31 email postfix/qmgr[578662]: 542747320D45: from=<>, size=2580, nrcpt=1 (queue active)
Aug 15 00:26:31 email postfix/10025/smtpd[1710933]: disconnect from email.aquabio.be[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Aug 15 00:26:31 email amavis[1710936]: (1710936-02) Passed CLEAN {RelayedInbound}, [127.0.0.1] <> -> <[email protected]>, Message-ID: <[email protected]>, mail_id: Wht0-jgpUsjD, Hits: -, size: 1946, queued_as: 542747320D45, 99 ms
Aug 15 00:26:31 email postfix/amavis/smtp[1711047]: 3BC697320D41: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.13, delays=0.02/0/0/0.11, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 542747320D45)
Aug 15 00:26:31 email postfix/qmgr[578662]: 3BC697320D41: removed
Aug 15 00:26:31 email postfix/smtp[1711050]: Trusted TLS connection established to mx1.telenet-ops.be[195.130.132.8]:25: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
Aug 15 00:26:31 email postfix/smtp[1711050]: 542747320D45: to=<[email protected]>, relay=mx1.telenet-ops.be[195.130.132.8]:25, delay=0.33, delays=0.01/0.01/0.18/0.14, dsn=2.0.0, status=sent (250 2.0.0 Message accepted for delivery (ZaSX2A03h2XWY9w01aSX7
By the way, both fields you referred to are used, I don't think that is a problem.
Question now is how we get this email traffic to our internal relay server.
Postfix can relay based on destination, but the destination is always different.
Cheers,
BC
As I remember I have similar problem when I setup postfix first time.
So now I have configs (who can affect to server name or use it):
root@mail:~# hostname
Quotemail.domain.ru
/etc/postfix/main.cf :
Quote#myorigin = /etc/mailname
...
# appending .domain is the MUA's job.
append_dot_mydomain = no
...
myhostname = mail.domain.ru
mydestination = localhost.$mydomain, localhost, localhost.localdomain, $myhostname
virtual_mailbox_domains = domain.ru
Here is my log (and its look like your.... im confused ???):
Quote
Aug 15 04:10:00 mail postfix/pickup[710947]: 670FE1043: uid=5000 from=<>
Aug 15 04:10:00 mail postfix/cleanup[713555]: 670FE1043: message-id=<dovecot-sieve-1692061800-402178-0@mail.domain.ru>
Aug 15 04:10:00 mail opendkim[712]: 670FE1043: DKIM-Signature field added (s=relay, d=domain.ru)
Aug 15 04:10:00 mail postfix/qmgr[1497]: 670FE1043: from=<>, size=923, nrcpt=1 (queue active)
Aug 15 04:10:01 mail postfix/smtp[714126]: 670FE1043: to=<[email protected]>, relay=gmail-smtp-in.l.google.com[108.177.14.26]:25, delay=1.4, delays=0.06/0.01/0.83/0.54, dsn=2.0.0, status=sent (250 2.0.0 OK 1692061801 d5-20020ac24c85000000b004fdd7bf3bafsi3727762lfl.252 - gsmtp)
Aug 15 04:10:01 mail postfix/qmgr[1497]: 670FE1043: removed
QuoteQuestion now is how we get this email traffic to our internal relay server.
Postfix can relay based on destination, but the destination is always different.
I think you need check your postfix config like my in up message.
I have not any additional rules for relaying based on internal or external domains .
/etc/dovecot/conf.d/90-sieve.conf
Quote
# Specifies what envelope sender address is used for redirected messages.
# The following values are supported for this setting:
#
# "sender" - The sender address is used (default).
# "recipient" - The final recipient address is used.
# "orig_recipient" - The original recipient is used.
# "user_email" - The user's primary address is used. This is
# configured with the "sieve_user_email" setting. If
# that setting is unconfigured, "user_mail" is equal to
# "recipient".
# "postmaster" - The postmaster_address configured for the LDA.
# "<user@domain>" - Redirected messages are always sent from user@domain.
# The angle brackets are mandatory. The null "<>" address
# is also supported.
Hi,
thanks, a small update: I configured the Postfix instance to use the same relayhost as is used for the regular mails. That relayhost normally takes care of DKIM signing, BUT DOES NOT SO FOR THE AUTOREPLY MESSAGES.
So the problem has now moved to that relayhost.
I'm not sure this can be fixed in 90-sieve.conf but I will try some things.
It's kind of weird the relayhost decides not to apply DKIM signing for the autoreply e-mails. I asked this question as well in the Proxmox Mail Gateway (the relayhost) forum,
cheers,
BC
OK, I have found where the issue is: Proxmox Mail Gateway uses the envelop address in the e-mail to do the DKIM signing, but this envelop address is empty in autoreply mails.
The envelop address is probably not influenced by the values in /etc/dovecot/conf.d/90-sieve.conf .
The only solutoin I currently see is implementing DKIM and DMARC on the local Postfix instance, which does not use the envelop address.
BC
Quote from: Dmitry42 on August 14, 2023, 08:58:45 PMAs I remember I have similar problem when I setup postfix first time.
So now I have configs (who can affect to server name or use it):
root@mail:~# hostname
Quotemail.domain.ru
/etc/postfix/main.cf :
Quote#myorigin = /etc/mailname
...
# appending .domain is the MUA's job.
append_dot_mydomain = no
...
myhostname = mail.domain.ru
mydestination = localhost.$mydomain, localhost, localhost.localdomain, $myhostname
virtual_mailbox_domains = domain.ru
Hi,
Because we still have separate SPF issues because of the fact that RoundCube managesieve messages have the @FQDN as Message-ID instead of the domain, we try to change that, but the Postfix line
append_dot_mydomain = no
does not work, even though mydomain is configured correctly. What else could be wrong?
Thanks,
BC