
Summary
I have a Mattermost server which needs to send emails out to users when they sign up, etc. These emails are failing DKIM checks and showing up in users' Gmail as spam.

Observed behavior
I have DKIM, SPF and DMARC set up on my mail server. I send email via Gmail using SMTP and these emails pass all checks. When Mattermost sends emails through the same server by SMTP, emails pass SPF but fail DKIM with this message from Gmail:

dkim=fail header.i=@example.com header.s=default header.b=YXmrE5yx;

Sending email to dkimvalidator.com results in this message for DKIM:

Validating Signature
result = fail
Details: message has been altered

Expected behavior
I am expecting the emails from Mattermost to pass DKIM since they’re under a domain which I thought I'd allowed in my DKIM record.

Steps to reproduce
Mattermost Version: 5.19.1
Database Schema Version: 5.19.0
Database: mysql

My Mattermost instance is running on an AWS EC2 instance with an elastic IP, but I've got it set to use a subdomain, chat.example.com. This is working for users.

The SMTP settings in Mattermost are:

SMTP Server:                          example.com
SMTP Server Port:                     465
Enable SMTP Authentication:           true
SMTP Server Username:                 chat@example.com
Connection Security:                  TLS
Skip Server Certificate Verification: false
Enable Security Alerts:               true

These settings are working in the sense that email is successfully sending; it's just going into spam for Gmail.

My DKIM record is:

v=DKIM1; k=rsa; c=relaxed/relaxed; d=example.com; p=[DKIM-key redacted]

My SPF record is:

v=spf1 +mx +a +ipx:xxx:xxx:xx +include:google.com +include:mailgun.org +include:[IP of the EC2 instance] ~all

I’m a bit lost on next steps for how to troubleshoot this further; would appreciate your thoughts!

wesgardner
  • Are you sure you have the `c=` and `d=` tags in your DNS DKIM record? These are generally found in the signature header, not the DNS record. The error message tells you that a signed header in the email changed in transport. For example, is the sender address you configured in the MM server the same as you see in the email headers you receive? Which are the signed headers (`h=`)? Which email software does your mail server run on? – Reinto Feb 24 '20 at 22:30
  • Ever solve it? – Travis May 17 '21 at 15:36
  • I swapped to using a Gmail email address and it worked perfectly. I think the problem was my web host's mail server. – wesgardner May 18 '21 at 21:20
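
A local check along the lines Reinto's comment suggests, added here as an example (it is not code from the original thread): it reads the tags from the `DKIM-Signature` header, lists the signed headers from `h=`, and recomputes the `bh=` body hash per RFC 6376 to tell a changed body apart from a changed signed header. It does not verify the RSA signature in `b=`; the function names and the sample message are constructed for illustration.

```python
import base64, hashlib, re
from email import message_from_bytes

def parse_tags(value):
    """Parse a DKIM tag=value list into a dict, dropping folding whitespace."""
    pairs = (p.partition("=") for p in value.split(";") if "=" in p)
    return {k.strip(): re.sub(r"\s+", "", v) for k, _, v in pairs}

def canon_body(body, mode):
    """Body canonicalization from RFC 6376 section 3.4 ('simple' or 'relaxed')."""
    lines = body.split(b"\r\n")
    if mode == "relaxed":  # collapse runs of WSP, drop trailing WSP on each line
        lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in lines]
    while lines and lines[-1] == b"":  # ignore empty lines at the end of the body
        lines.pop()
    if not lines:
        return b"" if mode == "relaxed" else b"\r\n"
    return b"\r\n".join(lines) + b"\r\n"

def body_hash(body, sig):
    """Recompute the value a verifier compares against bh=."""
    c = sig.get("c", "simple/simple")
    mode = c.split("/")[1] if "/" in c else "simple"
    data = canon_body(body, mode)
    if "l" in sig:  # optional body length limit
        data = data[: int(sig["l"])]
    algo = hashlib.sha1 if sig.get("a", "").endswith("sha1") else hashlib.sha256
    return base64.b64encode(algo(data).digest()).decode()

def diagnose(raw):
    """Report what was signed and whether the delivered body still matches bh=."""
    head, _, body = raw.partition(b"\r\n\r\n")
    sig = parse_tags(message_from_bytes(head + b"\r\n\r\n")["DKIM-Signature"])
    return {"d": sig.get("d"), "s": sig.get("s"),
            "signed_headers": sig.get("h", "").lower().split(":"),
            "body_intact": body_hash(body, sig) == sig.get("bh")}

def sample(signed_body, delivered_body):
    """Constructed message: bh= covers signed_body, delivered_body is what arrives."""
    sig = {"c": "relaxed/relaxed", "a": "rsa-sha256"}
    hdr = (b"DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=example.com;\r\n"
           b" s=default; h=from:subject; bh=" + body_hash(signed_body, sig).encode()
           + b"; b=PLACEHOLDER\r\nFrom: chat@example.com\r\nSubject: Welcome\r\n")
    return hdr + b"\r\n" + delivered_body

if __name__ == "__main__":
    signed = b"Welcome to the team.\r\n"
    print(diagnose(sample(signed, b"Welcome  to the team. \r\n\r\n")))     # whitespace only
    print(diagnose(sample(signed, signed + b"-- \r\nSent via relay\r\n")))  # footer added
```

If `body_intact` is true for a message that still fails DKIM, compare the headers named in `signed_headers` against what the sending application actually submitted.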

0 Answers