Hello, I have setup a fresh Debian 10 and install aaPanel, on top the Mail Server App. Everything works fine, Thank you for this, but unfortunatly outgoing mails are not signed. this is my config: Any Idea what I did wrong. Thank you! Silverchair_mfcu

I am experiencing the same issue on one of my servers. All domain settings are green in Mail Server App. I've tried changind permission without any success: chmod 644 /www/server/dkim/xx.com/default.private systemctl restart rspamd if(window.hljsLoader && !document.currentScript.parentNode.hasAttribute('data-s9e-livepreview-onupdate')) { window.hljsLoader.highlightBlocks(document.currentScript.parentNode); } I've also ran: openssl s_client -connect mail.135mailtest.com:587 -starttls smtp return code is 0 (ok) Do you have any other suggestions? I am running CentOS 8.5, aapanel is 7.0.7 and Mail app is 5.1.1 P.S. I've also replaced the SSL certificate on mail server.

Outgoing mail is not DKIM signed

Josdansd

I'm getting this error too.

Although all seems to be working for the mail server app on aapanel, when I send a mail to a test service like mailgenius, it says that the mail is not DKIM signed

Also this might be related

Since I have two domains in the mail server app, the "from" header of the emails is always the same (VPS hostname) although the email is being sent from one of those domains
!<

As a side problem, whenever I add a valid SSL as mentioned in the official guide (making a SSL with a pan domain activated via DNS verification and then applying the same for the mail server app) for each domain on my mail server, I get the "add SSL" button as if I didn't added a valid SSL record, instead the expiry date as in others screenshots. How can I get over this?

aaPanel_Kern

Josdansd
Hello,
Unable to send dkim headers
Troubleshoot log /var/log/rspamd/rspamd.log
Prompt for permission issues:
2022-04-20 00:27:56 #1363(rspamd_proxy) <6795e9>; proxy; dkim_module_load_key_format: cannot load dkim key /www/server/dkim/xx.com/default.private: cannot map key file: '/www /server/dkim/xx.com/default.private' Permission denied

Set 640 to 644, then restart rspamd to send emails to view the email source code, please replace xxx.com with your domain name.

chmod 644 /www/server/dkim/xx.com/default.private systemctl restart rspamd

aaPanel_Kern

Hello, please try to reapply for SSLs at the mail server. At the same time, check the postfix configuration, which can be viewed in the server status
"mail.135mailtest.com" is replaced with your domain name
Put:
smtpd_tls_chain_files=/etc/ssl/private/ssl-cert-snakeoil.key,/etc/ssl/certs/ssl-cert-snakeoil.pem
Change to:
smtpd_tls_chain_files = /www/server/panel/plugin/mail_sys/cert/135mailtest.com/privkey.pem,/www/server/panel/plugin/mail_sys/cert/135mailtest.com/fullchain.pem
Note to replace 135mailtest.com with your domain name.
Also check /www/server/panel/plugin/mail_sys/cert/135mailtest.com/ for privkey.pem and fullchain.pem files
You can use this command to check whether the correct SSL is configured
openssl s_client -connect mail.135mailtest.com:587 -starttls smtp
or
openssl s_client -connect mail.135mailtest.com:465 -starttls smtp

Josdansd

aaPanel_Kern The dkim permissions solved my problem, thank you!

About the SSL part I didn't try it since I changed the OS of my VPS from ubuntu to CentOs, seems that there is a bug in ubuntu that doesn't let the SSL to be saved on the domains listed on the mail server app. But if someone else's has that problem and can't change its OS maybe your solution might be of help.

aaPanel_Kern

Josdansd
The ubuntu22 has not been adapted yet. can use the ubuntu20 and use ssl normally

aaP_marvin26camarillo

Your solution works.

Set 640 to 644, then restart rspamd to send emails to view the email source code, please replace xxx.com with your domain name.

chmod 644 /www/server/dkim/xx.com/default.private
systemctl restart rspamd

deydod

I am experiencing the same issue on one of my servers.

All domain settings are green in Mail Server App.
I've tried changind permission without any success:

chmod 644 /www/server/dkim/xx.com/default.private
systemctl restart rspamd

I've also ran:
openssl s_client -connect mail.135mailtest.com:587 -starttls smtp
return code is 0 (ok)

Do you have any other suggestions? I am running CentOS 8.5, aapanel is 7.0.7 and Mail app is 5.1.1

P.S. I've also replaced the SSL certificate on mail server.

aaPanel_Kern

Hello, are there any errors when executing the command? What is the specific problem?
Whether to add related records to the domain name

deydod

aaPanel_Kern

I've compared like 10 times what aaPanel gives me for DKIM and the record we have in DNS server. Both are equal, even when tested with external tool default._domainkey is what is expected, however email is not signed with it.

Running openssl command above does not return any errors.
chmod and restart postfix does not help.

aaPanel_Kern

Hello, has the directory where the command is run modified? Are there any errors? If you are using the DNS manager on the panel, please use a domain name provider or third-party domain name management. It is known that some records of the DNS manager will not be disseminated.

deydod

aaPanel_Kern

I can't find any errors. DNS is external and not using aapanel's DNS manager.
Can you give me your email so I can send you access and inspect it?

aaPanel_Kern

Hi, can you give us your aapanel information? The server makes a snapshot backup first, if possible, please send it to kern@aapanel.com.
It is recommended to fill in the following
Post link:
SSH IP address, account password and port:
aapanel login link address and account password:
Detailed problem description:

No post link will not be able to know which user's information is, and the problem will not be processed

deydod