I've setup a multiserver setup with the perfect webserver tutorial on debian. Everything is working beside sending Mails with PHP mail() function from the Nginx Webserver to the own Mailserver in the multiserver setup. If i send the mails to another receiver on another server it works as expected. i assume that the webserver is working correctly and i think the Mailserver is rejecting the Mails. The Mailserver is like in the tutorial with Dovecot, Postfix and RSPAMD installed. When i sent mails from the Webserver i can't even see them in the RSPAMD-History on the webinterface. It seems they get rejected before. i've already tried setting up a whitelist in rspamd with IP_WHITELIST { type = "ip"; prefilter = true; map = "/${LOCAL_CONFDIR}/local.d/ip_whitelist.map"; action = "accept"; } WHITELIST_SENDER_DOMAIN { type = "from"; filter = "email:domain"; map = "/etc/rspamd/local.d/whitelist.sender.domain.map"; score = -1000.0 } in the file /etc/rspamd/local.d/multimap.conf i've added the ip of the webserver to the file /etc/rspamd/local.d/ip_whitelist.map and the doimain to the file /etc/rspamd/local.d/whitelist.sender.domain.map both show up in the RSPAMD-Webinterface but it is still not working. the php code i use $headers = 'From: ' . $email . "\r\n"; $headers .= 'Reply-To: '. $email . "\r\n"; $headers .= 'MIME-Version: 1.0' . "\r\n"; $headers .= 'Content-Type: text/plain;charset=utf-8' . "\r\n"; $headers .= 'X-Mailer: PHP/' . phpversion(); ... if (mail($to, $subject, $body, $headers)) { // Mail send sendStatus('OK'); } else { sendStatus($errorServerMail); exit; } does't anyone got a idea how to solve that problem, i wasn't able to find something here in the forum or google.
My understanding is that is not supposed to work. Send e-mails by authenticating as an existing user on the e-mail server. So enter the mailbox username and password to the e-mail sending thingy.
thx for your fast reply. if i understand you right the only way is to use SMTP to send the mails that they get signed with dkim, right? isn't there a way to whitelist the webserver domain/ip on the mailserver to accept all mails from that domain/ip without checking the dkim?
You should use SMTP for security reasons. That said, you can use php mail(). Take a look at your mail.log to see why it's rejected.
@Taleman's mention of 'authentication' refers to smtp authentication (authenticating as a user when sending mail), not dkim ("authenticating" the message headers/body against the dkim signature). If your webserver uses your mail server as a smarthost, then whether you send via php mail() or directly with smtp, it will arrive via smtp at your mail server. If you use smtp authentication, and in the absence of your ip whitelist config, it should be dkim signed by rspamd if you have set that up; it's actually on my todo list for today to test if it is still dkim signed when you force 'accept' the message. Your mail is likely being rejected by postfix, before it hits rspamd. The best solution is to send via authenticated smtp as already suggested, but you can whitelist the ip or a sender domain/address under Email > Postfix Whitelist. The mail sent from your webserver is almost certainly not dkim signed, and it is not making it to rspamd to have a dkim signature checked. If you think of websites as an application, it makes sense that they should be configured with an smtp server/username/password to send - any app on your phone or desktop would of course require that information to send mail, and a website could (should?) be considered the same way. You get better mail deliverability, less spam floods, more accountability, etc. There is almost no downside, other than it takes a few minutes to setup the smtp account.
