Resolved [PPP-54865] Missing DKIM signature on error-notices is missing

[Jan]

Hei,

I'm using 18.0.39 Update #1 on Linux. DKIM signatures are enabled and work in most situations. Still, I've some trouble having one in an error report.

The situation is:

• plesk is running on plesk.jluehr.de
• One domain (test.tld) has a mail address [email protected] that is forward-only but the target ([email protected]) is not working (e.g. typo in the forwarding address)
• 'Fix incorrectly set sender for outgoing mail' is enabled in plesk

When somebody from an external-server ([email protected] / mx.jluehr.de) tries to write a mail to [email protected], the mail is accepted by the plesk-server at first. After getting a rejection from [email protected], plesk sends an error-report to the original sender as follows:

Return-Path: <>
Delivered-To: jan@localhost
Received: from mx.jluehr.de
    by localhost with LMTP
    id /Gr+HncOeWEDvQEA0J78UA
    (envelope-from <>)
    for <jan@localhost>; Wed, 27 Oct 2021 08:31:51 +0000
Received: from localhost (localhost [127.0.0.1])
    by mx.jluehr.de (Postfix) with ESMTP id 6559DA703E26
    for <[email protected]>; Wed, 27 Oct 2021 08:31:51 +0000 (UTC)
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=0 tagged_above=-400 required=3.41
    tests=[SPF_HELO_PASS=-0.001, URIBL_BLOCKED=0.001]
    autolearn=ham autolearn_force=no
Received: from mx.jluehr.de ([127.0.0.1])
    by localhost (localhost [127.0.0.1]) (amavisd-new, port 10024)
    with ESMTP id NhsxWx4TdHaZ for <[email protected]>;
    Wed, 27 Oct 2021 08:31:50 +0000 (UTC)
Received: from plesk.jluehr.de (plesk.jluehr.de [IPv6:2001:8d8:1800:406::1])
    by mx.jluehr.de (Postfix) with ESMTPS
    for <[email protected]>; Wed, 27 Oct 2021 08:31:50 +0000 (UTC)
Received: by plesk.jluehr.de (Postfix)
    id BC5589AD; Wed, 27 Oct 2021 08:31:49 +0000 (UTC)
Date: Wed, 27 Oct 2021 08:31:49 +0000 (UTC)
From: [email protected] (Mail Delivery System)
Subject: Undelivered Mail Returned to Sender
To: [email protected]
Auto-Submitted: auto-replied
MIME-Version: 1.0
Content-Type: multipart/report; report-type=delivery-status;
    boundary="42D84A0.1635323509/plesk.jluehr.de"
Message-Id: <[email protected]>

This is a MIME-encapsulated message.

--42D84A0.1635323509/plesk.jluehr.de
Content-Description: Notification
Content-Type: text/plain; charset=us-ascii

This is the mail system at host plesk.jluehr.de.

I'm sorry to have to inform you that your message could not
be delivered to one or more recipients. It's attached below.

For further assistance, please send mail to postmaster.

If you do so, please include this problem report. You can
delete your own text from the attached returned message.

The problem with this report is that is doesn't contain a DKIM signature. Hence, there's a higher chance that this report won't make it to the original sender. I've already seen some on these reports bouncing back (external spam false postives) to the server administrator's mailbox. Furthermore, this prevents enabling DMARC in my domain.

As a work-around, I tried installing a plesk hosting regarding the domain plesk.jluehr.de explictly at the server and enabling DKIM. For regular emails, DKIM works fine. Still, error-reports as shown above are not signed.

As a partial work-around, I created additional subdomain plesk.jluehr.de in the DNS-Zone. I also disabled DMARC in the DNS-settings of the plesk,jluehr.de-hosting, whereas it is still present in jluehr.de. This prevent's me from violating my own policy :-(, AFAIK. Please correct me if I'm wrong.

So, the remaining question is: How to make plesk signing such error-reports using DKIM?

Any help would be appreciated,

Thanks in advance, Jan

 

[Nik G]

hello @Jan ,

looks like you've found a bug.
we'll try to fix it in some nearest release.


thank you for helping us make Plesk better.

 

[Ehud]

Hi Nik G,

After a year and a half, Plesk server notifications, still do NOT sign DKIM, when that is enabled.

A BUG? More like a failure a year and a half after notification.