Koozali.org: home of the SME Server

Email setup, DKIM, Certs Etc.

Offline Drifting

  • ****
  • 431
  • +0/-0
Email setup, DKIM, Certs Etc.
« on: January 04, 2024, 01:18:05 PM »
Happy New Year to you all.
Need some advice. I retired last year due to my failing eyesight. I have now been asked to setup and SME for a close friends small business. Now this is from memory, but there was an awful lot of faffing involved with DKIM, Certs, and keeping Google and Microsoft happy with DNS entries, so they would not bounce email.
Obviously I am now out of my depth. But wonder is there a document I can follow to set these up? As from what I have managed to glean, the info is mostly in Forums (Could be wrong, can't read for long)
Other than that is there someone that is willing to help on a generous beer token, or if preferred commercial basis?

Kindest Regards
Infamy, Infamy, they all have it in for me!

Offline ReetP

  • *
  • 3,804
  • +5/-0
Re: Email setup, DKIM, Certs Etc.
« Reply #1 on: January 04, 2024, 03:51:26 PM »
The basics are here:


But there is a bit of faff for sure. I actually use authsmtp (no relationship) for outgoing mail as it is plain easier!

Contact me in Rocket if you want a hand - happy to help.
1. Read the Manual
2. Read the Wiki
3. Don't ask for support on Unsupported versions of software
4. I have a job, wife, and kids and do this in my spare time. If you want something fixed, please help.

Bugs are easier than you think: http://wiki.contribs.org/Bugzilla_Help

If you love SME and don't want to lose it, join in: http://wiki.contribs.org/Koozali_Foundation

Offline Jean-Philippe Pialasse

  • *
  • 2,818
  • +11/-0
  • aka Unnilennium
    • http://smeserver.pialasse.com
Re: Email setup, DKIM, Certs Etc.
« Reply #2 on: January 04, 2024, 07:39:39 PM »
will try to draft a dedicated DNS page in the week end as the dns setting part of sending email
is fringe to setting a SME but also an essential part. 

you might at least find some info there:
- https://wiki.koozali.org/Autodiscover#DNS_SRV_Record_alternate_method and following DNS related menus
- https://wiki.koozali.org/Email#DKIM_Setup_-_qpsmtpd_version_.3E.3D_0.96

basically you should at least have right A, MX, dkim, spf and dmarc.
you should also set your reverse dns if possible to your server name. if not possible you are probably on dynamic IP list and it WILL create issue in sending emails as you WILL be tagged as untrusted from major operator even if your ISP does not block your from sending. 

DNS and file for MTA-STS and TLS-RPT and BMI could be an extra.  but most will stop before paying the annual 1500$ to get a certificate (VMC) to allow to display your logo in mails. 

Offline mmccarn

  • *
  • 2,638
  • +10/-0
Re: Email setup, DKIM, Certs Etc.
« Reply #3 on: January 05, 2024, 01:23:10 PM »
Google has a site to let you check your domain against their requirements:

...and... if the domain will be sending more than 5000 messages per day there are some extra requirements:

This page appears (after a very quick glance) to cover everything I am aware of (not SME-Specific):

My home emails are now handled by Apple using a vanity domain.

My work emails are handled by Microsoft - we were required by our cyber insurance provider to certify that all cloud and email systems require multi factor authentication...

Offline Drifting

  • ****
  • 431
  • +0/-0
Re: Email setup, DKIM, Certs Etc.
« Reply #4 on: January 08, 2024, 12:30:43 PM »
Fantastic response guys, thank you so much.

Will have a read through what I can, and see if I can understand any of it ;-)

Kindest regards

Infamy, Infamy, they all have it in for me!