Email: password and dkim

On a freshly installed nethserver including email module, I had to add a dns entry for the green ip of my nethserver, because the external ip is held by my opnsense router. Now mail.ourdomain.com resolves correctly to the internal ip of nethserver, thus thunderbird can autoguess the needed settings, it chooses Kerberos/GSSAPI for imap and password, normal for smtp. But pushing the Finish button, I am informed that sign in to the server has failed. What could be wrong?

Another thing I’d like to know is about dkim configuration. When I create a TXT record “default._domainkey”, my provider’s web interface automatically amends my domain, making the key look like “default._domainkey.ourdomain.com” - that way the check status states that the keys are not the same. As I cannot change the behaviour of my provider’s web interface, I’d like to know how to reconfigure this within nethserver.

Last but not least, how can I tell nethserver to identify itself in helo as mail.ourdomain.com, and not with its real hostname?

Hi

Thunderbird Autoguesses the Inbox settings wrong. Change the Password setting to Password, normal, and it’ll work!

Andy

Hi Andy,

You are right, that way the connection works. Still a problem getting mails sent. I guess it’s because of the real hostname being used, instead of mail.ourdomain.com.

Also tried to send from webtop. In the logs, I see connection refused when it tries to access a mailserver; nethserver uses its FQDN. That’s why I need helo server name and dkim fixed.

Is there an external DNS Entry for your NethServer FQDN?

Note:

I do have a few NethServers using POP3 / Smarthost sending to a provider, they accept the FQDN of the NethServer.

No, I only have put mail.ourdomain.com as dns entry, including reverse dns lookup setup that way. That’s why I would like nethserver to reply as mail.ourdomain.com and not with its fqdn.

The hostname is not that generic so I would prefer not to use it externally.

OK, that’s also probably the reason why the Mails are refused…

I do have a DNS Entry for the FQDN, but the only real use it has is for NextCloud Clients and such (externally) and/or home users…

Otherwise Mail goes to mail.domainname.com (ch!) as expected, and all DNS entries pertaining to mail point to mail…

My 2 cents
Andy

You say, better correct dns to point to real fqdn than try to make nethserver mail helo reply to another name like mail.domain.ch. Got it, I will try that tomorrow. Btw. can nethserver hostname be changed without creating problems after having already created domain?

Thanks for your continuous advice, much appreciated. :slight_smile:

@Elleni

Unfortunately not…

After creating your AD, only the IP can be changed, not the hostname.
I did try to force that once, and deleted the AD and tried to restore just the AD bit back (With Config restore). That screwed up my shares on the NethServer!

As you maybe saw in the Mail Headers sent, that the FQDN shows up once, but is followed by the Name of the external IP, which we have a PTR DNS Record by our Internet Connection Provider.

(mail.domainname.com)

Better than the FQDN the provider gave the Notebook, But even that name is fully entered in DNS and in Reverse as a PTR. Generally: Anything (host) which shows up in a Mailheader should be resolvable by external DNS - and have Reverse DNS if possible. That improves Mail Quality (Trustworthiness).

My 2 cents
Andy

I will check tomorrow, maybe really just adding that hostname to dns will do.

Last but not least, I really hope there is a way to fix the dkim problem, as I cannot change that on my side. I will contact the hoster anyway, but if they refuse to create a record without my domain appended, I need to be able to change default._domainkey (appending .ourdomain.com) on nethserver side, else I will not be able to get dkim running.

I may have time to look into DKIM tomorrow…

Andy
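
The DKIM record naming question raised in this thread, as an added example that is not part of the original posts or of NethServer's code: it computes the FQDN a zone editor creates when it appends the zone to a relative name, the name a DKIM verifier queries per RFC 6376, and compares key material while ignoring TXT chunking and spacing. Function names and key strings are constructed for illustration, and the provider's web interface is assumed to follow the standard relative-name rule.

```python
# Added example: helper names and sample key strings are constructed.

def owner_name(entered, zone):
    """FQDN a zone editor creates from its 'name' field.

    Standard zone-file rule (assumed for the provider UI): a name ending
    in '.' is absolute; any other name gets the zone origin appended.
    """
    entered, zone = entered.strip().lower(), zone.strip(".").lower()
    if entered.endswith("."):
        return entered.rstrip(".")
    if entered in ("", "@"):
        return zone
    return f"{entered}.{zone}"

def dkim_query_name(selector, domain):
    """Name a verifier looks up (RFC 6376): <selector>._domainkey.<domain>."""
    return f"{selector}._domainkey.{domain.strip('.')}".lower()

def dkim_tags(txt_strings):
    """Join the TXT character-strings and parse the 'tag=value;' list."""
    tags = {}
    for part in "".join(txt_strings).split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            # Whitespace is stripped so a wrapped p= value compares equal.
            tags[key.strip()] = "".join(value.split())
    return tags

def same_public_key(server_record, published_record):
    """Compare only the p= key material of two DKIM TXT records."""
    a = dkim_tags(server_record).get("p")
    b = dkim_tags(published_record).get("p")
    return a is not None and a == b

if __name__ == "__main__":
    want = dkim_query_name("default", "ourdomain.com")
    for typed in ("default._domainkey", "default._domainkey.ourdomain.com"):
        got = owner_name(typed, "ourdomain.com")
        print(f"{typed!r:40} -> {got}  match={got == want}")
    server = ["v=DKIM1; k=rsa; p=AAAABBBB", "CCCC"]      # constructed, split TXT
    published = ["v=DKIM1;k=rsa;p=AAAA BBBBCCCC"]        # constructed, one string
    print("same key:", same_public_key(server, published))
```
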