• DKIM Support for Mail Server

    From Dream Master@VERT/CIAD to All on Mon Feb 1 21:53:47 2021
    Don't hate me because I'm beautiful.

    Okay, now that I got everyone to laugh. What is the possibility of adding DKIM support into the mail server?

    If you say, "Brian, this will take a damn miracle." I'll respond with, "Damn people with their iCloud email addresses aren't getting messages. I support DMARC and SPF but iCloud wants it all."

    ...anyway, back to being beautiful.

    Brian Klauss <-> Dream Master
    Caught in a Dream | caughtinadream.com a Synchronet BBS

    ---
    ■ Synchronet ■ Caught in a Dream - caughtinadream.com
  • From Digital Man@VERT to Dream Master on Tue Feb 2 02:01:51 2021
    Re: DKIM Support for Mail Server
    By: Dream Master to All on Mon Feb 01 2021 04:53 pm

    Okay, now that I got everyone to laugh. What is the possibility of adding DKIM support into the mail server?

    It's not out of the question.
    --
    digital man

    Rush quote #17:
    Leave out fiction, the fact is this friction will only be worn by persistence Norco, CA WX: 62.1°F, 45.0% humidity, 0 mph SSW wind, 0.00 inches rain/24hrs ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
  • From Dream Master@VERT/CIAD to Digital Man on Tue Feb 2 04:15:47 2021
    Re: DKIM Support for Mail Server
    By: Digital Man to Dream Master on Mon Feb 01 2021 09:01 pm

    Okay, now that I got everyone to laugh. What is the possibility of adding DKIM support into the mail server?

    It's not out of the question.

    Thank you. I'm starting to find that some "protected walled fortresses" insist on DMARC, SPF, and DKIM. I'm sitting here, like, "What more do you want from me?"

    Thanks, man!

    Brian Klauss <-> Dream Master
    Caught in a Dream | caughtinadream.com a Synchronet BBS

    ---
    ■ Synchronet ■ Caught in a Dream - caughtinadream.com
  • From Digital Man@VERT to Dream Master on Tue Feb 2 05:50:26 2021
    Re: DKIM Support for Mail Server
    By: Dream Master to Digital Man on Mon Feb 01 2021 11:15 pm

    Re: DKIM Support for Mail Server
    By: Digital Man to Dream Master on Mon Feb 01 2021 09:01 pm

    Okay, now that I got everyone to laugh. What is the possibility of adding DKIM support into the mail server?

    It's not out of the question.

    Thank you. I'm starting to find that some "protected walled fortresses" insist on DMARC, SPF, and DKIM. I'm sitting here, like, "What more do you want from me?"

    I haven't had any troubles. icloud you said? I'm pretty sure I've sent emails to those addresses from my BBS's mail server. Maybe its the reverse DNS lookup or the reputation of my IP addresses that allows my mail to get through? <shrug>
    --
    digital man

    Synchronet/BBS Terminology Definition #67:
    SEXYZ = Synchronet External X/Y/ZMODEM file transfer protocol driver
    Norco, CA WX: 56.6°F, 65.0% humidity, 0 mph SW wind, 0.00 inches rain/24hrs
    ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
  • From deon@VERT/ALTERANT to Dream Master on Wed Feb 3 01:39:09 2021
    Re: DKIM Support for Mail Server
    By: Dream Master to Digital Man on Mon Feb 01 2021 11:15 pm

    Okay, now that I got everyone to laugh. What is the possibility of adding DKIM support into the mail server?
    It's not out of the question.

    So its pretty easy to hand off outgoing SMTP to an intermediatory (and incoming via that intermediatory), that does the DKIM stuff. (I'm currently doing it.)

    There is a lot of SMTP spammers trying to take out mail servers, so this intermediatory takes the brunt of it all. :)

    ...δεσ∩

    ... Any safety factor set as a result of practical experience will be exceeded

    ---
    ■ Synchronet ■ Alterant | an SBBS in Docker on Pi!
  • From Bob Roberts@VERT/HOVAL to Dream Master on Tue Feb 2 13:04:21 2021
    Re: DKIM Support for Mail Server
    By: Dream Master to All on Mon Feb 01 2021 04:53 pm

    Okay, now that I got everyone to laugh. What is the possibility of adding DKIM support into the mail server?

    I know this isn't a perfect solution, but I use dynu.com as an outbound relay, and they add the DKIM signing in. It's only $10/year for outbound, and another $10/year or for inbound. This also gets me around my ISP's port 25 block.

    Bob Roberts

    ---
    ■ Synchronet ■ Halls of Valhalla =San=Francisco= hovalbbs.com:2333
  • From Bob Roberts@VERT/HOVAL to Digital Man on Tue Feb 2 13:32:25 2021
    Re: DKIM Support for Mail Server
    By: Digital Man to Dream Master on Mon Feb 01 2021 09:01 pm

    Okay, now that I got everyone to laugh. What is the possibility of
    adding DKIM support into the mail server?

    It's not out of the question.

    ooo, if we're making a mail server wishlist, I request STARTTLS. :-)

    Bob Roberts

    ---
    ■ Synchronet ■ Halls of Valhalla =San=Francisco= hovalbbs.com:2333
  • From Ragnarok@VERT/DOCKSUD to Dream Master on Tue Feb 2 18:29:23 2021
    El 1/2/21 a las 20:53, Dream Master escribió:
    Don't hate me because I'm beautiful.

    Okay, now that I got everyone to laugh. What is the possibility of adding DKIM support into the mail server?

    If you say, "Brian, this will take a damn miracle." I'll respond with, "Damn people with their iCloud email addresses aren't getting messages. I support DMARC and SPF but iCloud wants it all."

    Good question.

    Can mailproc.ini be used or is there some other method to process
    outgoing messages?
    It would be nice to be able to use opendkim to sign them.

    Saludos!

    ---
    ■ Synchronet ■ Dock Sud BBS TLD 24 HS - bbs.docksud.com.ar
  • From Digital Man@VERT to Bob Roberts on Tue Feb 2 16:08:29 2021
    Re: DKIM Support for Mail Server
    By: Bob Roberts to Digital Man on Tue Feb 02 2021 08:32 am

    Re: DKIM Support for Mail Server
    By: Digital Man to Dream Master on
    Mon Feb 01 2021 09:01 pm

    Okay, now that I got everyone to laugh. What is the possibility of
    adding DKIM support into the mail server?

    It's not out of the question.

    ooo, if we're making a mail server wishlist, I request STARTTLS. :-)

    The Synchronet Mail Server has supported STARTTLS for SMTP and STLS for POP3 since March of 2018 (thanks Deuce).
    --
    digital man

    Synchronet "Real Fact" #24:
    1584 Synchronet BBS Software registrations were sold between 1992 and 1996. Norco, CA WX: 70.6°F, 45.0% humidity, 0 mph WSW wind, 0.00 inches rain/24hrs ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
  • From Digital Man@VERT to Ragnarok on Tue Feb 2 16:09:49 2021
    Re: Re: DKIM Support for Mail Server
    By: Ragnarok to Dream Master on Tue Feb 02 2021 01:29 pm

    El 1/2/21 a las 20:53, Dream Master escribió:
    Don't hate me because I'm beautiful.

    Okay, now that I got everyone to laugh. What is the possibility of adding DKIM support into the mail server?

    If you say, "Brian, this will take a damn miracle." I'll respond with, "Damn people with their iCloud email addresses aren't getting messages. I support DMARC and SPF but iCloud wants it all."

    Good question.

    Can mailproc.ini be used or is there some other method to process
    outgoing messages?

    External mail processors are for incoming mail.

    It would be nice to be able to use opendkim to sign them.

    It would be possible to have a JavaScript event walk through the mail base and modify pending outbound email messages. Doesn't seem like the best approach, but it could work.
    --
    digital man

    This Is Spinal Tap quote #42:
    What day the Lord created Spinal Tap and couldn't he have rested on that day? Norco, CA WX: 70.6°F, 45.0% humidity, 0 mph WSW wind, 0.00 inches rain/24hrs ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
  • From Dream Master@VERT/CIAD to Digital Man on Tue Feb 2 16:35:47 2021
    Re: DKIM Support for Mail Server
    By: Digital Man to Dream Master on Tue Feb 02 2021 12:50 am

    I haven't had any troubles. icloud you said? I'm pretty sure I've sent emails to those addresses from my BBS's mail server. Maybe its the reverse DNS lookup or the reputation of my IP addresses that allows my mail to get through? <shrug>

    I have zero issues in DNSBL as well as all my DNS lookups are configured appropriately (including reverse). I'm thinking it might just be where the user may be located (GDPR, who knows). Oh, well. I loaded in a public DKIM entry as a means to an end. :)

    Brian Klauss <-> Dream Master
    Caught in a Dream | caughtinadream.com a Synchronet BBS

    ---
    ■ Synchronet ■ Caught in a Dream - caughtinadream.com
  • From Dream Master@VERT/CIAD to deon on Tue Feb 2 16:36:49 2021
    Re: DKIM Support for Mail Server
    By: deon to Dream Master on Tue Feb 02 2021 08:39 pm

    So its pretty easy to hand off outgoing SMTP to an intermediatory (and incoming via that intermediatory), that does the DKIM stuff. (I'm currently doing it.)

    I've thought about relaying through postfix and have it deal with all the extras. What are you using, if I may ask?

    Brian Klauss <-> Dream Master
    Caught in a Dream | caughtinadream.com a Synchronet BBS

    ---
    ■ Synchronet ■ Caught in a Dream - caughtinadream.com
  • From Dream Master@VERT/CIAD to Bob Roberts on Tue Feb 2 17:08:12 2021
    Re: DKIM Support for Mail Server
    By: Bob Roberts to Digital Man on Tue Feb 02 2021 08:32 am

    ooo, if we're making a mail server wishlist, I request STARTTLS. :-)

    My jaw... it just dropped. :)

    Brian Klauss <-> Dream Master
    Caught in a Dream | caughtinadream.com a Synchronet BBS

    ---
    ■ Synchronet ■ Caught in a Dream - caughtinadream.com
  • From Bob Roberts@VERT to Dream Master on Tue Feb 2 17:45:49 2021
    ooo, if we're making a mail server wishlist, I request STARTTLS. :-)
    My jaw... it just dropped. :)

    DM says it already supports it. So I'm going to review my configs. I seem to remember there was some issue getting it working before.

    Bob Roberts
    --- SBBSecho 3.12-Linux
    * Origin: Halls of Valhalla -:- hovalbbs.com:2333 (1:218/840)
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
  • From deon@VERT/ALTERANT to Dream Master on Wed Feb 3 13:02:11 2021
    Re: DKIM Support for Mail Server
    By: Dream Master to deon on Tue Feb 02 2021 11:36 am

    So its pretty easy to hand off outgoing SMTP to an intermediatory (and incoming via that intermediatory), that does the DKIM stuff. (I'm currently doing it.)
    I've thought about relaying through postfix and have it deal with all the extras. What are you using, if I may ask?

    I'm using sendmail with rspamd. (rspamd does the signing and validation).

    ...δεσ∩

    ... When Chuck Norris breaks wind, the wind stays broken.

    ---
    ■ Synchronet ■ Alterant | an SBBS in Docker on Pi!
  • From Dream Master@VERT/CIAD to Bob Roberts on Wed Feb 3 02:44:30 2021
    Re: DKIM Support for Mail Server
    By: Bob Roberts to Dream Master on Tue Feb 02 2021 12:45 pm

    DM says it already supports it. So I'm going to review my configs. I seem to remember there was some issue getting it working before.

    I just reviewed my sbbs.ini and I could not locate a STARTTLS option within the [Mail] block of the file.

    Brian Klauss <-> Dream Master
    Caught in a Dream | caughtinadream.com a Synchronet BBS

    ---
    ■ Synchronet ■ Caught in a Dream - caughtinadream.com
  • From Digital Man@VERT to Dream Master on Wed Feb 3 18:10:05 2021
    Re: DKIM Support for Mail Server
    By: Dream Master to Bob Roberts on Tue Feb 02 2021 09:44 pm

    Re: DKIM Support for Mail Server
    By: Bob Roberts to Dream Master on Tue Feb 02 2021 12:45 pm

    DM says it already supports it. So I'm going to review my configs. I seem to remember there was some issue getting it working before.

    I just reviewed my sbbs.ini and I could not locate a STARTTLS option within the [Mail] block of the file.

    It's not optional - it's always supported.
    --
    digital man

    Synchronet/BBS Terminology Definition #60:
    REP = QWK Reply
    Norco, CA WX: 68.9°F, 50.0% humidity, 12 mph ENE wind, 0.00 inches rain/24hrs ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
  • From Dream Master@VERT/CIAD to Digital Man on Wed Feb 3 20:16:20 2021
    Re: DKIM Support for Mail Server
    By: Digital Man to Dream Master on Wed Feb 03 2021 01:10 pm

    It's not optional - it's always supported.

    So much better. So, you could say its a non-optional option? Those are my favorites. Now, DKIM? I'll bow down to your greatness the next time I'm in California (this summer, maybe).

    Brian Klauss <-> Dream Master
    Caught in a Dream | caughtinadream.com a Synchronet BBS

    ---
    ■ Synchronet ■ Caught in a Dream - caughtinadream.com
  • From Digital Man@VERT to Dream Master on Thu Feb 4 01:17:47 2021
    Re: DKIM Support for Mail Server
    By: Dream Master to Digital Man on Wed Feb 03 2021 03:16 pm

    Re: DKIM Support for Mail Server
    By: Digital Man to Dream Master on Wed Feb 03 2021 01:10 pm

    It's not optional - it's always supported.

    So much better. So, you could say its a non-optional option? Those are my favorites. Now, DKIM?

    If you add it as an "issue" at https://gitlab.synchro.net/main/sbbs/-/issues it'll be less likely be forgotten about and get better visibility with others that could/might implement it (e.g. Deuce).

    I'll bow down to your greatness the next time I'm in
    California (this summer, maybe).

    Cool. We'll have to catch then. No bowing of course.
    --
    digital man

    Synchronet/BBS Terminology Definition #43:
    IMAP = Internet Message Access Protocol
    Norco, CA WX: 54.1°F, 80.0% humidity, 5 mph ESE wind, 0.00 inches rain/24hrs ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
  • From Dream Master@VERT/CIAD to Digital Man on Thu Feb 4 05:34:34 2021
    Re: DKIM Support for Mail Server
    By: Digital Man to Dream Master on Wed Feb 03 2021 08:17 pm

    If you add it as an "issue" at https://gitlab.synchro.net/main/sbbs/-/issues it'll be less likely be forgotten about and get better visibility with others that could/might implement it (e.g. Deuce).

    Done.

    Cool. We'll have to catch then. No bowing of course.

    Okay, no bowing. :)

    Brian Klauss <-> Dream Master
    Caught in a Dream | caughtinadream.com a Synchronet BBS

    ---
    ■ Synchronet ■ Caught in a Dream - caughtinadream.com
  • From Tracker1@VERT/TRN to Digital Man on Thu Feb 4 10:29:14 2021
    On 2/2/2021 12:08 PM, Digital Man wrote:
    ooo, if we're making a mail server wishlist, I request STARTTLS. :-)

    The Synchronet Mail Server has supported STARTTLS for SMTP and STLS
    for POP3 since March of 2018 (thanks Deuce).

    On a similar note... would it be possible to have a setting that rejects inbound email not on TLS? (either the smtp+tls port or via starttls)

    Not sure how much spam vs ham it would catch/reject that way.
    --
    Michael J. Ryan (tracker1)
    +o roughneckbbs.com
    ---
    ■ Synchronet ■ Roughneck BBS - roughneckbbs.com
  • From Tracker1@VERT/TRN to Ragnarok on Thu Feb 4 10:31:58 2021
    On 2/2/2021 9:29 AM, Ragnarok wrote:
    El 1/2/21 a las 20:53, Dream Master escribió:
    Don't hate me because I'm beautiful.

    Okay, now that I got everyone to laugh.  What is the possibility of
    adding DKIM support into the mail server?

    If you say, "Brian, this will take a damn miracle."  I'll respond
    with, "Damn people with their iCloud email addresses aren't getting
    messages.  I support DMARC and SPF but iCloud wants it all."

    Good question.

    Can mailproc.ini be used or is there some other method to process
    outgoing messages?
    It would be nice to be able to use opendkim to sign them.

    I've been routing my outbound mail through sendgrid (I'm well within
    their free tier) with spf/dkim etc configured on that side. Don't seem
    to have issues with gmail or other cloud mail hosts that way.

    Of course, need to remember to add the bit flags for relay in addition
    to the relay host/user/pass settings.
    --
    Michael J. Ryan (tracker1)
    +o roughneckbbs.com
    ---
    ■ Synchronet ■ Roughneck BBS - roughneckbbs.com
  • From Digital Man@VERT to Tracker1 on Thu Feb 4 18:52:36 2021
    Re: Re: DKIM Support for Mail Server
    By: Tracker1 to Digital Man on Thu Feb 04 2021 05:29 am

    On 2/2/2021 12:08 PM, Digital Man wrote:
    ooo, if we're making a mail server wishlist, I request STARTTLS. :-)

    The Synchronet Mail Server has supported STARTTLS for SMTP and STLS
    for POP3 since March of 2018 (thanks Deuce).

    On a similar note... would it be possible to have a setting that rejects inbound email not on TLS? (either the smtp+tls port or via starttls)

    Sure, just about anything's possible.

    Not sure how much spam vs ham it would catch/reject that way.

    I still get a lot of valid mail via plain ole SMTP. <shrug>
    --
    digital man

    Rush quote #82:

    Norco, CA WX: 66.2°F, 39.0% humidity, 7 mph ENE wind, 0.00 inches rain/24hrs ---
    ■ Synchronet ■ Vertrauen ■ Home of Synchronet ■ [vert/cvs/bbs].synchro.net
  • From Dream Master@VERT/CIAD to Tracker1 on Thu Feb 4 18:13:21 2021
    Re: Re: DKIM Support for Mail Server
    By: Tracker1 to Ragnarok on Thu Feb 04 2021 05:31 am

    I've been routing my outbound mail through sendgrid (I'm well within
    their free tier) with spf/dkim etc configured on that side. Don't seem
    to have issues with gmail or other cloud mail hosts that way.

    Of course, need to remember to add the bit flags for relay in addition
    to the relay host/user/pass settings.

    That worked beautifully!!!

    Thank you for the suggestion. Oh, yeah, and the bit flags were annoying as fuck!

    LOL

    Brian Klauss <-> Dream Master
    Caught in a Dream | caughtinadream.com a Synchronet BBS

    ---
    ■ Synchronet ■ Caught in a Dream - caughtinadream.com
  • From Tracker1@VERT/TRN to Dream Master on Fri Feb 5 14:08:37 2021
    On 2/4/2021 1:13 PM, Dream Master wrote:
    I've been routing my outbound mail through sendgrid (I'm well
    within their free tier) with spf/dkim etc configured on that
    side. Don't seem to have issues with gmail or other cloud
    mail hosts that way.

    Of course, need to remember to add the bit flags for relay in
    addition to the relay host/user/pass settings.

    That worked beautifully!!!

    Thank you for the suggestion. Oh, yeah, and the bit flags were
    annoying as fuck!

    Yeah, I set the relay* entries, but couldn't figure out why it was
    sending directly on my recent deploy, then had noticed the need for the
    flags as well as setting the relay entries. Glad it works for you.

    I also added a comment as such on the issue you created in gitlab in
    case someone comes across it looking for similar support.
    --
    Michael J. Ryan (tracker1)
    +o roughneckbbs.com
    ---
    ■ Synchronet ■ Roughneck BBS - roughneckbbs.com