I am using Plesk (Onyx) in combination with external DNS. I configured mail and everything seems to be ok, but I am not sure if my mail configuration is correct, because sometimes a DMARC-report states, that a SPF / DKIM verification did not pass.
My configs:
DNS-Records for domain - mydomain.com AND mail.mydomain.com (created the same dns entries twice, for mydomain.com and subdomain mail.mydomain.com, except MX-entry, which is only configured for mydomain.com):
Reverse DNS:
123.456.1.1 -> mail.mydomain.com
MX: mail.mydomain.com
SPF:
v=spf1 +a +mx -all
_dmarc:
v=DMARC1; p=none; pct=100; rua=mailto:mailerror@mydomain.com; ruf=mailto:mailerror@mydomain.com; fo=1; adkim=s; aspf=r
domainkey:
o=-
default._domainkey:
v=DKIM1; p=SIGNATUREHERE;
PLESK/Server related:
- Hostname:
zeus.mydomain.com
- Mailname:
mail.mydomain.com
Mail-headers of test mail:
Delivered-To: test-email@gmail.com
Received: by 10.31.48.86 with SMTP id w83csp1454833vkw;
Fri, 6 Oct 2017 01:39:44 -0700 (PDT)
X-Google-Smtp-Source: AOwi7QAKFeawe3fGhxawUkAdVvaqjrBGMTZvJ466CoQNxwFGRk6xInOapHBRt14rI+zpCQmcl4z4
X-Received: by 10.223.184.246 with SMTP id c51mr1352887wrg.250.1507279184077;
Fri, 06 Oct 2017 01:39:44 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1507279184; cv=none;
d=google.com; s=arc-20160816;
b=SignatureHERE
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
h=content-transfer-encoding:mime-version:subject:to:from:date
:dkim-signature:message-id:arc-authentication-results;
bh=4lLj3bndoJBX1fsz99dGcUZLZyWwVlQLXwB3uGl3sKs=;
b=SignatureHERE
ARC-Authentication-Results: i=1; mx.google.com;
dkim=pass header.i=@mydomain.com header.s=default header.b=RUVEDlBN;
spf=pass (google.com: domain of info@mydomain.com designates 123.456.1.1 as permitted sender) smtp.mailfrom=info@mydomain.com;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=mydomain.com
Return-Path: <info@mydomain.com>
Received: from mail.mydomain.com (mail.mydomain.com. [123.456.1.1])
by mx.google.com with ESMTPS id k10si874730wrg.550.2017.10.06.01.39.43
for <test-email@gmail.com>
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Fri, 06 Oct 2017 01:39:44 -0700 (PDT)
Received-SPF: pass (google.com: domain of info@mydomain.com designates 123.456.1.1 as permitted sender) client-ip=123.456.1.1;
Authentication-Results: mx.google.com;
dkim=pass header.i=@mydomain.com header.s=default header.b=RUVEDlBN;
spf=pass (google.com: domain of info@mydomain.com designates 123.456.1.1 as permitted sender) smtp.mailfrom=info@mydomain.com;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=mydomain.com
Message-Id: <59d74150.0ac7df0a.a9cd2.2856SMTPIN_ADDED_MISSING@mx.google.com>
Received: from mydomain.com (unknown [188.93.221.133]) by mail.mydomain.com (Postfix) with ESMTPSA id 6821B3C00CF for <test-email@gmail.com>; Fri,
6 Oct 2017 10:39:43 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=mydomain.com; s=default; t=1507279183; bh=4lLj3bndoJBX1fsz99dGcUZLZyWwVlQLXwB3uGl3sKs=; l=26539; h=From:To:Subject; b=RUVEDlBNkO7PgHEEmuAlCSgG+batl5Ple/8O94GKLu7StZJLLa01k4rbjlnKX+3R9
mWt8+kOAPthM6lro4Z23B7LMk2ueWDpkFJZX3zRnOUC9E7LiIIQXNz83s8N640T6e7
7a4nFVAWgS9bIu/+TyyInPHOsnbe0/IKZKAyJw9k=
Authentication-Results: zeus.mydomain.com;
spf=pass (sender IP is 188.93.221.133) smtp.mailfrom=info@mydomain.com smtp.helo=mydomain.com
Received-SPF: pass (zeus.mydomain.com: connection is authenticated)
Date: Fri, 06 Oct 2017 10:39:43 +0200
From: MyDomain <info@mydomain.com>
To: test-email@gmail.com
Subject: mydomain.com: Test Subject
MIME-Version: 1.0
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
What do I have to change, if I want to use f. e. "info@mydomain.com" as from-address/sender address? Do I need to change the mailname to"mydomain.com"? Can I safely delete DNS entries for mail.mydomain.com, if I change mailname to "mydomain.com"? Is there a way to configure the mailname in PLESK/make sure PLESK does not overwrite it, if a new update/upgrade is made?
EDIT: Test of unlocktheinbox: https://www.unlocktheinbox.com/mail-tester/9YBYhi8wpqo=/