Search found 15 matches

by kmwade
2018-08-07 23:34
Forum: General discussions
Topic: dmarc reports show some messages failing dkim
Replies: 11
Views: 2645

Re: dmarc reports show some messages failing dkim

Wow, I see that my last reply never posted. Sorry about that.

This seems to be fixed with the version upgrade. I've been up for over a week and have 0 open smtp sessions, and no more DKIM failures in my dmarc reports. Thanks for your help.
by kmwade
2018-08-01 00:37
Forum: General discussions
Topic: dmarc reports show some messages failing dkim
Replies: 11
Views: 2645

Re: dmarc reports show some messages failing dkim

2018-07-31 Hmailserver: 5.6.7-B2425 DOMAINS "Domain1.com" - dxxxxxxxxxxx.com Enabled: True |- "Alias1.com" - mixxxxxxxxxxxxxxxxx.com |- "Alias2.com" - mixxxxxxxxx.com SIGNATURE LIMITS DKIM ADVANCED Enabled: True Max size: 0 Enabled: True APPEND Max message size: 0 Header: Relaxed Plus addressing: F...
by kmwade
2018-08-01 00:35
Forum: General discussions
Topic: dmarc reports show some messages failing dkim
Replies: 11
Views: 2645

Re: dmarc reports show some messages failing dkim

timeout is normal - that happens This is thousands of timeouts in a couple of days. My last hmailserver shutdown shows 9802 "ending session" lines in the log after the shutdown command was sent. You have many SMTP open connections? Normally it's 0. Probably never more than 2 or 3 at a time, no more...
by kmwade
2018-07-31 05:03
Forum: General discussions
Topic: dmarc reports show some messages failing dkim
Replies: 11
Views: 2645

Re: dmarc reports show some messages failing dkim

How do you know that there is thousands of open connections? On the Status page under "Number of open sessions". Normally it doesn't get that high before I restart. When this happens people tell me nothing is sending or receiving, What are your thread settings in Performance? 15,10,15,Normal Is any...
by kmwade
2018-07-31 02:07
Forum: General discussions
Topic: dmarc reports show some messages failing dkim
Replies: 11
Views: 2645

Re: dmarc reports show some messages failing dkim

I was on B2383 until today. I'm now on B2425 and watching. It usually takes a day or two for the SMTP problem to show up.
by kmwade
2018-07-30 23:34
Forum: General discussions
Topic: dmarc reports show some messages failing dkim
Replies: 11
Views: 2645

Re: dmarc reports show some messages failing dkim

No. DMARC is intended to prevent fraudulent messages. However, these messages are traveling directly from my server to Google and Yahoo servers, as evidenced by the fact that they pass SPF. I think tampering is highly unlikely, and malware scanning is not occurring in between these edge servers. Our...
by kmwade
2018-07-25 16:20
Forum: General discussions
Topic: dmarc reports show some messages failing dkim
Replies: 11
Views: 2645

dmarc reports show some messages failing dkim

In each of my dmarc reports I see some failures. For example, in yesterday's Google report I had 7 dkim passes and 1 dkim failure. All 8 messages originated from my hmailserver, according to my log files. Similar results from Yahoo. This happens daily. Unfortunately the reports are very general, so ...
by kmwade
2013-05-12 18:31
Forum: General discussions
Topic: DKIM validation fails for facebook.com
Replies: 18
Views: 8393

Re: DKIM validation fails for facebook.com

Bill, is this fix in subsequent experimental builds? Or are we frozen at this point if we need the DKIM fix?
by kmwade
2012-09-21 19:54
Forum: Feature requests
Topic: Event on new user creation
Replies: 1
Views: 2016

Event on new user creation

It would be nice to have an event fire when a new user is created. I would use this to send welcome emails, notify supervisors, and add new users to a global address book.
by kmwade
2011-08-22 18:47
Forum: Feature requests
Topic: Require encrypted connection for SMTP authentication
Replies: 2
Views: 3298

Re: Require encrypted connection for SMTP authentication

Looking toward the future, ie STARTTLS, I think it would be more elegant to make the SMTP server itself aware of the connection status. Then the SMTP server can choose to deny access to the AUTH command and send the appropriate response codes.
by kmwade
2011-08-22 18:37
Forum: Feature requests
Topic: Apply IP Range connection policies per inbound port
Replies: 9
Views: 6331

Apply IP Range connection policies per inbound port

I would like to be able to select the incoming server port in the IP range definitions. For example: addresses connecting to port 465 could be required to authenticate. Addresses connecting to port 25 could be restricted to local delivery only.
by kmwade
2011-08-22 18:26
Forum: Feature requests
Topic: Require encrypted connection for SMTP authentication
Replies: 2
Views: 3298

Require encrypted connection for SMTP authentication

In order to prevent users from logging in to the SMTP server over a clear and unencrypted connection, I would like an option to require an encrypted(TLS/SSL) SMTP connection before the AUTH command is available. For example, if the connection were unencrypted, the AUTH capability would not be advert...
by kmwade
2011-08-22 17:51
Forum: General discussions
Topic: TLS email and STARTTLS
Replies: 10
Views: 5852

Re: TLS email and STARTTLS

Sorry, I was not trolling. (You may notice that I long ago posted on the feature request and voted for it.) I just noticed that on every thread about this topic you respond with the same unhelpful arguments. (That seems more like trolling to me.) All of your arguments about message security have bee...
by kmwade
2011-08-22 07:12
Forum: General discussions
Topic: TLS email and STARTTLS
Replies: 10
Views: 5852

Re: TLS email and STARTTLS

I know it's a dead thread, but I'm tired of seeing the same post over and over by the STARTTLSophobe dzekas. 1. Please stop trying to convince the little guys how useless STARTTLS is. Take your crusade to the giant insurance/medical/banking institutions which are shoving this down our throat. Martin...
by kmwade
2010-08-13 18:11
Forum: Archived feature requests
Topic: ssl/tls and starttls [50%]
Replies: 145
Views: 122662

Re: ssl/tls and starttls

Implicit TLS/SSL has worked fine for local user connections. Opportunistic TLS is necessary for server-to-server communication. For awhile this was only necessary for banks and so forth, but it has begun to hit smaller folks like independent insurance agents. All of the commercial servers support th...