Hiya Matt, Once again, Thank you very much for the information and reminding me, I always forgot that you did mention that in the previous thread and I always forgot to take note on that. I will try to check the DNS.
So I sended a mail from thunderbird to my gmail and it goes to spam, so here’s the of the “Original Message” of the mail: --Starts of Original message-- Delivered-To: pochuf...@gmail.com Received: by 2002:a2e:a308:0:0:0:0:0 with SMTP id l8csp8462142lje; Tue, 9 Jul 2019 19:33:55 -0700 (PDT) X-Google-Smtp-Source: APXvYqz2Pvu7dnv1bNtBtkjraYHKl+VdAxxe6+MyZLxqGuajgEZz5FSJ7lblFfGiOnxW28OiQmBd X-Received: by 2002:a05:6000:9:: with SMTP id h9mr1329142wrx.271.1562726035666; Tue, 09 Jul 2019 19:33:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1562726035; cv=none; d=google.com; s=arc-20160816; b=hxt9MA20Il62uGMvpeoIKYM7NvUS69phJNlI2EtRzKHZ1pxSmmmHEkNbet+ox+qyXl xH25lbOW73Z9Z03GFQZ7TDPp0tRC2dgB+cFQUxN4xrYveEDFpfIH0oIeqOYhr+p0Bwi0 50vEC39FMNpxuvVoKWdt219JU3cGaCtpbkdmql0W33rvQQjttgJhkbEBy4/niSqKMR8F s3waE7r1MzHkAPVdZpU0NDnJjJM6uY5Mq37KiALOkQfWg2Sn8ZpN9BV+BeFlcdbNo9kL aDHi33veJ41o1vZndh1VJGypXMgxriyV7REMQBg3J5NS72cj4guaf5q7bWM1rjn6I406 gTKA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=content-language:content-transfer-encoding:user-agent:date :message-id:subject:from:to:mime-version; bh=5wfo1H+29jHo4uhiLLqayCA+TQbQEzg1BJDlbD3Zqv8=; b=fTx9CRHmU7CPabrGxTB1TW7g7CoS2X6Q2vXogTKnwwY2EbZ6KfllSJkj2OD0WFC+2e niYXcqouoFoXsxZbBDDqNlwr8rq2wa2OsuwLVsEAnXzGKyFppjW0bGm6lU9IDxZIfcr7 i5vqBAGsjdVwyr3TvVxPZaIoyh/ySeB44drESxcnTZFa9tkiNxgvMKTkpl6GQfvZJICl KZd8VzHBFOGHa4T4ov6oXhX5PuqdFQz7FSuQrzra2xP35cj575vTGWKLo7QSpyZibzvy nPmWwoM+/3UZbBJStASz2dglpsJZpAn3NTfBAqfRRd/TVmBXlcfeWVvUNpqTUY5oao+m 32iA== ARC-Authentication-Results: i=1; mx.google.com; spf=neutral (google.com: 173.249.33.70 is neither permitted nor denied by best guess record for domain of i...@pc.107.jp) smtp.mailfrom=i...@pc.107.jp Return-Path: <i...@pc.107.jp> Received: from pc.107.jp (vmi269656.contaboserver.net. [173.249.33.70]) by mx.google.com with ESMTP id l3si735050wrw.0.2019.07.09.19.33.55 for <pochuf...@gmail.com>; Tue, 09 Jul 2019 19:33:55 -0700 (PDT) Received-SPF: neutral (google.com: 173.249.33.70 is neither permitted nor denied by best guess record for domain of i...@pc.107.jp) client-ip=173.249.33.70; Authentication-Results: mx.google.com; spf=neutral (google.com: 173.249.33.70 is neither permitted nor denied by best guess record for domain of i...@pc.107.jp) smtp.mailfrom=i...@pc.107.jp MIME-Version: 1.0 X-UserIsAuth: true Received: from 103.121.18.42 (EHLO [192.168.100.26]) ([103.121.18.42]) by pc.107.jp (JAMES SMTP Server ) with ESMTPA ID 51347993 for <pochuf...@gmail.com>; Wed, 10 Jul 2019 04:33:55 +0200 (CEST) (*Header right here*) To: pochuf...@gmail.com From: Mr Sano Mail <i...@pc.107.jp> Subject: Test Send With Thunderbird Message-ID: <dace3df1-b5af-5d52-e3a2-413aed2a8...@pc.107.jp> Date: Wed, 10 Jul 2019 09:33:54 +0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.7.2 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Content-Language: en-US Test Send With Thunderbird, will it goes to spam? --End of Original Message— I just notice that the SPF said NEUTRAL instead of PASS (I check random mail from my inbox and compare see what’s different). So im guessing I have to make the SPF say PASS. For the DNS Record, I will consult my partner since he’s the one who set up the MX Record and all that stuff (We use Cloudflare as the mail server). I will post the result of trying to configuring the DNS Record. As for the DKIM Mailet, I have removed it for now and just leave the ConvertTo7Bit Mailet for now (The header said the Encoding is 7 bit, it must’ve worked). It still produces the “Bad Decryption Password” error and mailetcontainer.xml doesn’t allow “--” to be in the comment. Thank you for the help and sorry for any wrong word. Sincerely, Jason Sent from Mail for Windows 10 From: cryptearth Sent: Wednesday, July 10, 2019 2:33 AM To: server-user@james.apache.org Subject: Re: Applying JDKIM and SPF to the Mailets Hey Jason, as said earlier: If Google is marking your mails as spam that's most likely issue with DNS. Neither DKIM nor SPF is needed, Google uses a "soft-ignore" policy wich, when no information can be obtained, ignores it. SPF is set in the zone file belong to your domain, there's no need for any config related in James (config is only needed if you want to check incoming mail). A correct SPF record is a TXT record on the domain level noting every allowed mail server. For my domain cryptearth.de my SPF is this: "v=spf1 +ip4:213.211.219.9 +ip4:91.121.4.115 +ip6:2001:41d0:1:5773::1 -all" as TXT record directly in the main zone cryptearth.de. v=spf1 - that's the SPF marker +ip4 / +ip6 - these IPv4/v6 remote hosts are allowed -all - all other remote hosts are not allowed If your domain doesn't have any TXT record begin with v=spf1 Google just ignore the SPF check. Same goes for DKIM: if you don't provide DKIM Google ignores to check it. If your mail still get flagged as spam this could be reason by: - the mail server has no / an invalid PTR record - the mail server is located in a dial-up range - other DNS records doesn't match needed To help it could be helpful to show us the header of a mail that's marked as spam by google - we then can try to analyze if we found any issues. This is an example for my webserver send with php mail() function > dropped into sendmail nullclient > forwarded to james > send to google (I marked the headers): // all here until return-path header is google internal stuff Delivered-To: cryptea...@gmail.com Received: by 2002:a4f:6e52:0:0:0:0:0 with SMTP id j79csp7648569ivc; Tue, 9 Jul 2019 12:23:31 -0700 (PDT) X-Google-Smtp-Source: APXvYqxFdrccZnMMbSgzmSSr2YFUZ23iQA0se2sQVtyWuH5h/msfARkXQzD5JQP/j7z0vfw5NlOP X-Received: by 2002:adf:e8cb:: with SMTP id k11mr26007187wrn.244.1562700211239; Tue, 09 Jul 2019 12:23:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1562700211; cv=none; d=google.com; s=arc-20160816; b=CW95ECbinyXl5+I6Dmh3AYViWiGAnzsEHq149ZQBGjstvPEVzaAoRojjPoFw2wmoKZ eiDn7C/4R3Ee1NoiavjUKWZrQiQHjsvvf2f3eO5c0kNmFm1BBjqQUj9ibmIOIuZcGdjS HCCsdazTSJFJwj+HqkIJQQqCO4yJ8YJ8zVSmyWef7GuVtG9bWcqXK0GYSuC8o4KdDLrn zoGZQbE/6Bxt2JF9A9hF9BHa0pGdoWM4vKQWg3p2KgmZ58ckBBADCjtXMpv+zxlzzgE3 Qhl0Eal8blMPymECdkUAzSKZVmxDUYzQuBHql079UJQJsnOq+Mk3wANsrazX6FHF7C2k nYBg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=subject:to:message-id:from:date; bh=g3zLYH4xKxcPrHOD18z9YfpQcnk/GaJedfustWU5uGs=; b=YxxdpYMPG/GWtkqztwbHHI8T3Joli6if1Y3/jl5tNxTYtu1571oCEk/UhhUuqjOwtA cGN8+H/y4wEAnpuAioqhYeMCp8RbxXLCE2MVnYyGY/GUkz8PvFxV+1zcelW+xRQwdj+A +aFjWnZP9xmH1UThe6FDnUVdPu1txs2fgE6Euu2NFPJuyGovD0zwL2+xFqnNZXE4QBrb 5KTkNx9h5Q7cu+XUiQeVFYJjico6P87UPUJXoVYrAVxwF6CtLKPgzn1I8iaIySiJF+xl FlXQD+8OIcQhkVka6/xQMZNEfyYZiI+CanAKzR3vyYyvUbdWapWD4+DiSyw0iygn3tEs 7AUQ== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of webmas...@cryptearth.de designates 91.121.4.115 as permitted sender) smtp.mailfrom=webmas...@cryptearth.de // google main mail server receives mail from James on my root and checks SPF Return-Path: <webmas...@cryptearth.de> Received: from cryptearth.de (cryptearth.de. [91.121.4.115]) by mx.google.com with ESMTPS id s84si2873797wmf.151.2019.07.09.12.23.30 for <cryptea...@gmail.com> (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 09 Jul 2019 12:23:31 -0700 (PDT) Received-SPF: pass (google.com: domain of webmas...@cryptearth.de designates 91.121.4.115 as permitted sender) client-ip=91.121.4.115; Authentication-Results: mx.google.com; spf=pass (google.com: domain of webmas...@cryptearth.de designates 91.121.4.115 as permitted sender) smtp.mailfrom=webmas...@cryptearth.de // james getting mail forwarded from sendmail nullclient Received: from localhost (EHLO root1.cryptearth.de) ([127.0.0.1]) by root1 (JAMES SMTP Server ) with ESMTP ID -1249001323 for <cryptea...@googlemail.com>; Tue, 09 Jul 2019 21:23:30 +0200 (CEST) // sendmail Received: (from wwwrun@localhost) by root1.cryptearth.de (8.15.2/8.15.2/Submit) id x69JNUWS017954; Tue, 9 Jul 2019 21:23:30 +0200 // mail header generated by php mail() Date: Tue, 9 Jul 2019 21:23:30 +0200 From: webmas...@cryptearth.de Message-Id: <201907091923.x69jnuws017...@root1.cryptearth.de> To: cryptea...@googlemail.com Subject: test test // EOF So, to get mail received by google without spam flag, all I had to do is to setup my DNS records correctly - the only config I did in James is to enable StartTLS on remoteDelievery - but this isn't needed. Matt Am 09.07.2019 um 21:04 schrieb Jason Tjankilisan: > Hiya Tellier, > > So lately I’ve tried some things to apply DKIM and I finally making some > progress. > > First of all I apologize for the confusion, mainly because I still trying to > figure things out how everything works (James , Mailet and Matcher and etc). > > I just discovered that you just need to download the zip files from : > https://james.apache.org/download.cgi#Apache_jDKIM and then extract the jar > file inside the lib directory to james/lib to use ConvertTo7Bit and DKIMSign > class. So that;s one problem solved. > > Im guessing that since the tutorial ( > https://james.apache.org/jdkim/mailets/index.html ) said that you must > convert it to 7 bit and sign the DKIM right before the mail is sended, I need > to find which mailet has the function to send the mail to put the DKIM and > 7Bit Mailet before that sending mailet. To my surprise when you explain a bit > about the matcher, I didn’t know that matcher has anything to do with the > DKIM, so definitely gonna try to mess and read it when I had the time. > (After checking out the thread, I found this > https://www.mail-archive.com/server-user@james.apache.org/msg11597.html to > help me understand where to put it) > > What I try for the mailet last time is putting these lines after the > “RemoteDelivery” class mailet in processor state = “transport”, I will try to > put it before the “RemoteDelivery” and post the result in reply. > > <mailet match="All" class="org.apache.james.jdkim.mailets.ConvertTo7Bit"> > </mailet> > > <mailet match="All" class="org.apache.james.jdkim.mailets.DKIMSign"> > <signatureTemplate>v=1; s=selector; d=pc.107.jp; > h=from:to:subject:received; a=rsa-sha256; bh=; b=; </signatureTemplate> > <privateKey> > -----BEGIN RSA PRIVATE KEY----- > [Private Key Here in PEM Format] > -----END RSA PRIVATE KEY----- > </privateKey> > <privateKeyPassword> > testpassword > </privateKeyPassword> > </mailet> > > But when I try to run it, it produces some error Saying the cannot create the > RSA Private key because bad decryption password : > https://www.dropbox.com/s/b3gnc3894zn57fb/JamesError-CannotCreateRSAKey.txt?dl=0 > > I created the private key using Letsencrypt and the file type is pem. I copy > paste the content into the <privateKey> just as the tutorial did, but maybe > something wrong with my private key (I think? It works for my SMTP and IMAP > server so I doubt that) can you/anyone tell me what causing this error? > > Just a little more and I’ll be able to implement DKIM and SPF to my mail so > finally google don’t take it as spam. > > Last time I try to build with the mvn clean install ( Following this > https://nozaki.me/roller/kyle/entry/configuring-james-to-sign-dkim ), the > james-jdkim yield a lot of error since I never used maven myself, so I guess > im gonna skip that one and try it some other time. > > Lastly, thank you for the help and response, it give me some answer to the > problem I had right now, I will probably reply to my own mail if I did found > the solution or someone else. > > Again, thank you for the help and sorry for any wrong word. > > Sincerely, Jason > > Sent from Mail for Windows 10 > > From: Tellier Benoit > Sent: 09 July 2019 21:54 > To: server-user@james.apache.org > Subject: Re: Applying JDKIM and SPF to the Mailets > > Hi Jason, > > I will try to answer your questions: > > 1. I don't really understand the question. > > You can use matcher to apply actions to emails matching certain > conditions. For instance, upon signing a mail for DKIM, you want to sign > it when the sender is local and authenticated, just before > RemoteDelivery. Combining `SenderIsLocal` with `SmtpAuthSuccessFull` and > the like will do the trick - while all incoming traffic from a non > trusted source needs to be DKIM validated. Again playing with matchers > within mailetcontainer.xml will be needed to do what you want. > > 2. I don't know the state of the DKIM status in JAMES Spring packaging. > Probably not working (version clashes). > > No additional jar is required with Guice packaging. > > 3. What makes you believe this? > > 4. mvn clean install + look in target directories > > Hope it helps. > > Benoit > > On 08/07/2019 05:30, Jason Tjankilisan wrote: >> Hi, >> >> Sorry for the frequent asking but I just hit dead end with the DKIM config. >> https://james.apache.org/jdkim/mailets/index.html -> so I just read this as >> my tutorial guidelines to apply DKIM to my mail. From what I understand, >> that the mail needed to be converted to 7 bit before being Sign by DKIM and >> the DKIM mailet has to be the last one. I guess I need to do DKIM so my mail >> has less chance of getting into SPAM + request. >> >> So I downloaded the James JDKIM from this one : >> https://github.com/apache/james-jdkim >> And take the DKIMSign.java and ConvertTo7Bit.java and my >> CustomMeiletTest.java (I need to use ANT cause request) and build those 3 >> using ANT so they become 1 jar file. But as expected, the file wont compile >> because some missing files from james/lib (probably didn’t have JDKIM >> Library from the start) >> >> So I download the library from here : >> https://james.apache.org/download.cgi#Apache_jDKIM and I extract the >> apache-jdkim-library-0.2.jar and apache-jdkim-mailets-0.2.jar from the /lib >> and put it on james/lib/ and try to compile it. But it still missing some >> library. >> I also downloaded this jar files http://www.badpenguin.co.uk/dkim/ and put >> it on james/lib and nothing works also. >> >> For the SPF I there;s already one inside james/lib folder named : >> apache-jspf-resolver-1.0.1.jar so I guess I don’t need to find for SPF >> library and just use it in the mailetcontainer.xml as you mentioned it in >> the last mail (haven’t tried since it since I didn’t found anything related >> how to use the SPF, but will search more) >> >> So my question is : >> 1. How do I know what is the sending mailet and receiveing mailet? So I can >> put the DKIMSign Mailet before the sending mailet. (Im guessing the >> 2. From the https://james.apache.org/download.cgi#Apache_jDKIM, should I >> also put the Javadoc, source sources also in james/lib? >> 3. Am I adding the wrong library or misunderstood the procedure of adding >> DKIM and SPF mailets? I really need to know this so I can document this and >> make a tutorial full from setting apache James to adding DKIM and SPF. >> 4. Should I really needed the https://github.com/apache/james-jdkim ? all of >> it was a java files, and I don’t know how to turn all of them into 1 jar so >> I can use as library I think? >> >> Im sorry for the lack of understanding and any wrong work, I hope it wasn’t >> too much. >> >> thank you for the help. >> >> Sincerely, Jason >> >> Sent from Mail for Windows 10 >> >> > --------------------------------------------------------------------- > To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org > For additional commands, e-mail: server-user-h...@james.apache.org > > > > > --- > This email has been checked for viruses by AVG. > https://www.avg.com --------------------------------------------------------------------- To unsubscribe, e-mail: server-user-unsubscr...@james.apache.org For additional commands, e-mail: server-user-h...@james.apache.org