• Our team is looking to connect with folks who use email services provided by Plesk, or a premium service. If you'd like to be part of the discovery process and share your experiences, we invite you to complete this short screening survey. If your responses match the persona we are looking for, you'll receive a link to schedule a call at your convenience. We look forward to hearing from you!
  • The BIND DNS server has already been deprecated and removed from Plesk for Windows.
    If a Plesk for Windows server is still using BIND, the upgrade to Plesk Obsidian 18.0.70 will be unavailable until the administrator switches the DNS server to Microsoft DNS. We strongly recommend transitioning to Microsoft DNS within the next 6 weeks, before the Plesk 18.0.70 release.
  • The Horde component is removed from Plesk Installer. We recommend switching to another webmail software supported in Plesk.

Forwarded to devs Outgoing DKIM not working with unauthenticated user

DennisAm

DennisAm

Basic Pleskian
TITLE:
Outgoing DKIM not working with unauthenticated user
PRODUCT, VERSION, OPERATING SYSTEM, ARCHITECTURE:
Plesk Obsidian 18.0.21 Update #4, ‪CentOS Linux 7.7.1908
PROBLEM DESCRIPTION:
When sending emails through e.g. WordPress using unauthenticated SMTP (that is, not providing a username/password but just a From: ... address), the message is not signed with DKIM. Only when using authenticated SMTP (that is, by providing a username and password for sending email), DKIM works.​
STEPS TO REPRODUCE:
  • Activate DKIM for domain using these instructions
  • (specific to our situation, not sure if this is necessary to be able to reproduce the error) add DKIM public key to DNS
  • Create a WordPress website on the domain, e.g. DOMAIN.TLD (though, any PHP script using the default PHP mail() function should reproduce this problem)
  • Send an email through WordPress using [email protected] (by default, WP doesn't do any SMTP authentication and will attempt to use the default PHP mail() function)
  • The receiving party will see in the email headers that the message is not signed with DKIM (see example headers below)
Then, try the following:
  • Create email user in Plesk for DOMAIN.TLD, e.g. [email protected]
  • Install WP Mail SMTP and use the following settings:
    • Server: localhost
    • Port: 25
    • SSL/TLS: none
    • User: [email protected]
    • Password <your password>
  • Send an email through WordPress using [email protected]
  • The receiving party will see in the email headers that the message is correctly signed with DKIM (see example headers below)
ACTUAL RESULT:
When sending from WordPress (unauthenticated, [email protected]):

Code: 
Authentication-Results: spf=pass (sender IP is 149.*.*.*)
smtp.mailfrom=SENDER.nl; RECEIVER.nl; dkim=none (message not signed)
header.d=none;RECEIVER.nl; dmarc=pass action=none
header.from=SENDER.nl;compauth=pass reason=100

When sending from authenticated user ([email protected]):

Code: 
Authentication-Results: spf=pass (sender IP is 149.*.*.*)
smtp.mailfrom=SENDER.nl; RECEIVER.nl; dkim=pass (signature was verified)
header.d=SENDER.nl;RECEIVER.nl; dmarc=pass action=none
header.from=SENDER.nl;compauth=pass reason=100
EXPECTED RESULT:
When sending from WordPress (unauthenticated, [email protected]):

Code: 
Authentication-Results: spf=pass (sender IP is 149.*.*.*)
smtp.mailfrom=SENDER.nl; RECEIVER.nl; dkim=pass (signature was verified)
header.d=SENDER.nl;RECEIVER.nl; dmarc=pass action=none
header.from=SENDER.nl;compauth=pass reason=100

When sending from authenticated user ([email protected]):

Code: 
Authentication-Results: spf=pass (sender IP is 149.*.*.*)
smtp.mailfrom=SENDER.nl; RECEIVER.nl; dkim=pass (signature was verified)
header.d=SENDER.nl;RECEIVER.nl; dmarc=pass action=none
header.from=SENDER.nl;compauth=pass reason=100
ANY ADDITIONAL INFORMATION:
YOUR EXPECTATIONS FROM PLESK SERVICE TEAM:
Confirm bug
 
Thank you for report. Bug was confirmed and submitted as PPPM-11366
 
You must log in or register to reply here.

Similar threads

F
Issue SOGo - emails sent from webmail, both manually created and autoresponder/vacation/out-of-office, are rejected. They miss spf, dkim, dmarc, everything
Replies
1
Views
411
Farfalk
F
E
Question Is multiple HELO registration possible?
Replies
2
Views
620
emrekoc
E
HoracioS
Issue Plesk Forwarding & DKIM Authentication: How to Ensure Matching Signatures?
Replies
1
Views
794
Aslanj
A
K
Issue emails marked to gmail as dkim fail
Replies
3
Views
2K
HoracioS
HoracioS
Bitpalast
Forwarded to devs Spamassassin ignores mails to mailboxes that contain an ampersand, e.g. d&[email protected]
Replies
9
Views
2K
Bitpalast
Bitpalast
Back
Top