When adding a sieve filter for out-of-office, the automatic email is sent without being DKIM signed. Example:
Sieve filter:
When an email is delivered to this account, the normal stuff is logged by exim:
And the dovecot lmtp log shows no issues either:
But the exim log shows an error when trying to deliver the vacation response:
And sure enough, the DMARC policy for this domain is strict,
I tried setting
Any ideas on how to resolve this?
Sieve filter:
Code:
require ["date","relational","vacation"];
# rule:[Out of Office]
if allof (currentdate :zone "+0200" :value "ge" "iso8601" "2021-07-01T16:30:00+02:00", currentdate :zone "+0200" :value "le" "iso8601" "2021-07-17T23:59:00+02:00")
{
vacation :days 5 :subject "Feriemelding" text:
<Body of mail here>
.
;
}
When an email is delivered to this account, the normal stuff is logged by exim:
Code:
2021-06-30 09:58:29 1lyV77-0005O6-Og <= <redacted>@gmail.com H=<redacted> [<redacted>] P=esmtps X=TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128 CV=no S=5813 DKIM=gmail.com id=CA+1mp2ZsndiaeMFoPMuJd36UHUkFnJEPS+YhtmbLG1Sqcxmy4Q@mail.gmail.com T="test fra gmail" from <<redacted>@gmail.com> for <redacted>@<redacted>
2021-06-30 09:58:29 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1lyV77-0005O6-Og
2021-06-30 09:58:29 cwd=/run/dovecot 6 args: /usr/sbin/sendmail -i -f <> -- <redacted>@gmail.com
2021-06-30 09:58:29 1lyV77-0005OE-SY <= <> U=<redacted> P=local S=943 id=dovecot-sieve-1625039909-869326-0@<redacted> T="Feriemelding" from <> for <redacted>@gmail.com
2021-06-30 09:58:29 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1lyV77-0005OE-SY
2021-06-30 09:58:29 1lyV77-0005O6-Og => <redacted> <<redacted>@<redacted>> F=<<redacted>@gmail.com> R=virtual_user T=dovecot_lmtp_udp S=6038 C="250 2.0.0 <<redacted>@<redacted>> CIx5MyUk3GCRTwAAYMfYVg Saved"
2021-06-30 09:58:29 1lyV77-0005O6-Og Completed
And the dovecot lmtp log shows no issues either:
Code:
Jun 30 09:58:29 lmtp(20369): Info: Connect from local
Jun 30 09:58:29 lmtp(<redacted>@<redacted>)<20369><CIx5MyUk3GCRTwAAYMfYVg>: Info: sieve: msgid=<CA+1mp2ZsndiaeMFoPMuJd36UHUkFnJEPS+YhtmbLG1Sqcxmy4Q@mail.gmail.com>: vacation action: sent vacation response to <<redacted>@gmail.com>
Jun 30 09:58:29 lmtp(<redacted>@<redacted>)<20369><CIx5MyUk3GCRTwAAYMfYVg>: Info: sieve: msgid=<CA+1mp2ZsndiaeMFoPMuJd36UHUkFnJEPS+YhtmbLG1Sqcxmy4Q@mail.gmail.com>: stored mail into mailbox 'INBOX'
Jun 30 09:58:29 lmtp(20369): Info: Disconnect from local: Client has quit the connection (state=READY)
But the exim log shows an error when trying to deliver the vacation response:
Code:
2021-06-30 09:58:30 1lyV77-0005OE-SY ** <redacted>@gmail.com F=<> R=lookuphost T=remote_smtp H=gmail-smtp-in.l.google.com [74.125.131.27] X=TLS1.2:ECDHE-ECDSA-CHACHA20-POLY1305:256 CV=yes: SMTP error from remote mail server after end of data: 550-5.7.26 Unauthenticated email from <redacted> is not accepted due to\n550-5.7.26 domain's DMARC policy. Please contact the administrator of\n550-5.7.26 <redacted> domain if this was a legitimate mail. Please visit\n550-5.7.26 https://support.google.com/mail/answer/2451690 to learn about the\n550 5.7.26 DMARC initiative. 15si4275330lfz.385 - gsmtp
2021-06-30 09:58:30 1lyV77-0005OE-SY Frozen (message created with -f <>)
And sure enough, the DMARC policy for this domain is strict,
v=DMARC1; p=reject; adkim=s; aspf=s;
, so the error is legitimate. Now the question is, how can I get dovecot to deliver the vacation response in a way that also gets it DKIM signed?I tried setting
submission_host = localhost:25
in the dovecot config, but this seems to be blocked in Exim by Spamblocker/Blockcracking:
Code:
2021-06-30 11:53:37 H=localhost (<redacted>) [127.0.0.1] F=<> rejected RCPT <<redacted>@gmail.com>: We didn't send the message
Any ideas on how to resolve this?