SMTP server configuration: Difference between revisions
No edit summary |
|||
(6 intermediate revisions by the same user not shown) | |||
Line 20: | Line 20: | ||
This is also the protocol which lets you request reports from other SMTP servers (like GMail) regarding compliance -- so that looks like a powerful tool for finding out if your configuration passes muster with them. | This is also the protocol which lets you request reports from other SMTP servers (like GMail) regarding compliance -- so that looks like a powerful tool for finding out if your configuration passes muster with them. | ||
==Domains== | ==Domains== | ||
I'll track changes to relevant DNS records on relevant domains here as I make them. | |||
* [[/v1]]: this is how things were set before I made any changes | |||
== | Proposed changes: | ||
{| class="wikitable" | ==Tests== | ||
{| class="wikitable sortable" | |||
! "from" domain !! software !! sent to !! result | |||
|- | |- | ||
| | | woozalia.com || Roundcube || Gmail || OK | ||
| | |||
| | |||
| | |||
|- | |- | ||
| | | wooz.dev || Roundcube || Gmail || no response yet | ||
| | |||
| | |||
| | |||
|- | |- | ||
| | | woozalia.com || Roundcube || Outlook || IP blocked | ||
| | |||
| | |||
|- | |- | ||
| | | hypertwins.org || Roundcube || Gmail || OK | ||
| | |||
| | |||
| | |||
| | |||
|- | |- | ||
| | | hypertwins.org || phpBB || wooz.dev || OK | ||
| | |||
| | |||
| | |||
|- | |- | ||
| | | woozalia.com || phpBB || wooz.dev || OK | ||
| | |||
| | |||
|- | |- | ||
| woozalia.com || phpBB || Gmail || no response yet | |||
| woozalia.com | |||
| | |||
| | |||
|} | |} | ||
==External Reading== | |||
* '''2022-09-03''' [https://jan.wildeboer.net/2022/09/Email-3-TheRest/ E-Mail Done My Way, Part 3 - DKIM/DMARC/SPF] |
Latest revision as of 12:40, 23 August 2023
This page is, for now, notes towards trying to configure our outgoing email servers so that at least GMail won't bounce notifications from apps like phpBB. The primary return-address domains I want to configure are:
- hypertwins.org
- woozalia.com
- wooz.dev
There seem to be several necessary anti-spam protocols: SPF, DKIM, and DMARC.
For clues, I can look at the configuration of TootCat -- I'm pretty sure we configured it with all three.
Protocols
The DNS records for of these are TXT records. DKIM and DMARC use only name=value
tags separated by semicolons (SPF is a little different). There appears to have been a lot of controversy around the adoption of these standards, and it seems likely that the unofficial standard of using these particular three is largely defined by what the major players (especially Google) choose to use and support.
SPF (Sender Policy Framework)
SPF is relatively simple, I think? Last I remember, there's a web tool to help build the necessary TXT records... but I think those domains may already be configured. Will check that.
DKIM (DomainKeys Identified Mail)
This has two parts:
- public key in domain's DNS record
- public key attached to email somehow (shouldn't that be "email signed by private key"?
DMARC (Domain-based Message Authentication, Reporting and Conformance)
This also requires a DNS entry. (I started to document here how it works, but decided to move the generally-applicable stuff to HTYP. It looks like it can be very simple, but also can be quite complex depending on how you want it to work.
This is also the protocol which lets you request reports from other SMTP servers (like GMail) regarding compliance -- so that looks like a powerful tool for finding out if your configuration passes muster with them.
Domains
I'll track changes to relevant DNS records on relevant domains here as I make them.
- /v1: this is how things were set before I made any changes
Proposed changes:
Tests
"from" domain | software | sent to | result |
---|---|---|---|
woozalia.com | Roundcube | Gmail | OK |
wooz.dev | Roundcube | Gmail | no response yet |
woozalia.com | Roundcube | Outlook | IP blocked |
hypertwins.org | Roundcube | Gmail | OK |
hypertwins.org | phpBB | wooz.dev | OK |
woozalia.com | phpBB | wooz.dev | OK |
woozalia.com | phpBB | Gmail | no response yet |
External Reading
- 2022-09-03 E-Mail Done My Way, Part 3 - DKIM/DMARC/SPF