Well, I'm giving up on the DKIM certificate stuff. I disable the opendkim service. I read somewhere where Google likes to see 1024 bit DKIM keys, rather than 2048, so I tried creating new ones and implementing them, but when I tried to test the keys, opendkim was saying they couldn't be found. I then removed the new ones and used the original ones, but opendkim was still telling me those couldn't be found. I tried removing the original ones (that previously passed the tests) and recreating them, but the same thing. If I left it this way, it made it so mail wasn't sending. When I looked in my maillog, it flagged an issue with the dkim, so I just disabled it. The maillog was saying:
I did get Google support to respond to a ticket. They're suggesting things I've already tried. One of them was to put MX records in my DNS settings that point to the G Suite mail servers. I had already done that in my Clear Center account, but after you made me aware of an issue with that (I wasn't receiving emails using Kopano), I removed those MX records. I don't know how using G Suite MX records would work anyway, since my COS box uses my ClearCenter domain of renncoautomation.us. It's not a Google domain.
I might put the MX records back now, since I really don't use the incoming mail server on my COS box, but doing that in the past didn't keep 'sent mail' out of the gmail recipient's spam folder.
Hey Nick, thanks for sticking with me. I added a dkim key for lgechurch.email like you said. That all went fine. The only thing I wasn't sure of was what domain to use in the Key Table for lgechurch.email, so it looks like:
Should it be more like:
My original Key Table script entry for renncoautomation.us is:
My Signing Table script entries for both looks like:
Then I have two dkim TXT entries in my Clear Center DNS records. One for 202002._domainkey.renncoautomation.us and the other for 202003._domainkey.renncoautomation.us, the latter since lgechurch.email is merely a virtual website on my ClearOS server, not my primary Clear Center domain of renncoautomation.us. Clear Center will only allow you to choose the domains hosted by them when configuring your DNS records. The data is the generated key in the 202002.txt and 202003.txt files respectively. I entered these same dkim TXT records in my Google Domain, using 202002._domainkey.renncoautomation.us and 202003._domainkey.renncoautomation.us respectively, for the names of the TXT records.
Looking at you and your church's DNS set up, You won't receive e-mails back as they will end up at Google as they are set up as your primary mail servers.
I had forgotten during all my experimenting that I had used Google's servers in my Clear Center MX records for renncoautomation.us. I removed those and added server.renncoautomation.us instead. Then I tested that by using Kopano to send an email to email@example.com. I received a reply promptly. Nothing stood out to me in the email body as being a problem.
I then tried sending another email from the church Joomla site and it still got thrown in the spam folder in my gmail. I feel like I'm getting closer. I wish I could talk to Google on the phone or at the least, send their support team an email and get some specific guidance. I am hosting two domains for our church with them. Here's the header of the latest spammed email:
Hey Nick, thanks for the reply.
Well, I have a ClearOS server at work I use for a utility server only. This is domain renncoautomation.us. I run a bare bones website on it to share videos and allow file transfers. This is through a Joomla website in my webroot (i.e. /var/www/html). That seems to have always worked when sending and receiving emails, although the only emailing really is what is sent from the Joomla website I created. I have a Kopano server and SMTP server running on it, but again, I really don't do any emailing. I was using the Kopano webapp to send the test email to firstname.lastname@example.org.
I then have a virtual website (in /var/www/virtual/livinggraceevangelical.church/html) where I have a Joomla website for our church. In the backend administrator configuration of this Joomla site, I have in the Joomla mail settings email@example.com as the 'from' and 'reply to' email addresses when Joomla sends out emails. The two domains used for the church are hosted through Google. The renncoautomation.us domain is hosted through Clear Center.
I have been making some DNS settings in Clear Center, but most of them are in Google Domains for the two church domains. I have placed a TXT entry for the DKIM key in both hosts' DNS records. In Google I use YYYYMM._domainkey.renncoautomation.us and in Clear Center I use just YYYYMM_domainkey for the name entry. I would think, since the emails are being sent from the Joomla site on the virtual website (i.e. /var/www/virtual/livinggraceevangelical.church/html), through my renncautomation.us smtp server, that this would be doing the signing, especially since I just installed and configured OpenDKIM on my ClearOS server.
This is all mostly Greek to me, so it's become a real stumbling block to making our church's website as effective as I want.
Result of the netstat command after I entered the line you recommended in my /etc/dnsmasq.conf file:
I entered the line at the end of the file. I first included the hashtag mark at the end of the line, like you depicted. There were no other lines that included 'local'. Even so, I still have the same error, popping up when using the dig -t command, but with an added error message:
. I then included the port number 53 after the hashtag and got this error message:
. Then I removed the number 53 and the hashtag. Success!
. Still no response when sending the email firstname.lastname@example.org though.
Any rate, any sent mail using email@example.com as the reply to and from email address winds up in my Google spam folder still. What a pain in the butt.
So, I followed this link to setup opendkim on my clearos server and generate a key. At one point it says to
Test your DNS record and signing: dig -t any YYYYMM._domainkey.mydomain.com, to which I did. I get a response back saying,
communications error to 127.0.0.1#53: end of file. I have no idea what that means. Everything else seemed to go OK, although I have to receive an email back after sending a test mail to firstname.lastname@example.org.
Do I need to include the dkim key in my Google Domain DNS settings as a TXT file?
Hey Nick, One domain hosted through Clear Center, renncoautomation.us. This is my primary domain and website. Two domains hosted through Google Domains, livinggraceevangelical.church and lgechurch.email. The first is for a website for our church. The second is for email for our church. All DNS and email for the Google Domains is handled through Google settings. Livinggraceevangelical.church is a virtual website on my clearos. In my Joomla configuration in the backend, I have email@example.com configured as the reply to and from email addresses, so that people see that email address when the church's Joomla site sends out notices to people. I'm testing it all now, sending them to my work gmail. It's always marking them as SPAM in the header.
Here's the header:
So, I am not having any luck with this. I really need this to work. I'm at a loss and Google doesn't provide any tech support numbers or email addresses that I can see. There were SPF and TXT records in my Google Domain DNS Synthetic records, so I had to remove them from there and add them to the custom resource records. This way I could edit them and add to them, to include my clearos domain and static IP address in both the SPF record and the TXT record. I created a PTR record pointing to my ISP, e.g. uvs.toldoh.sbcglobal.net. I left Google's TXT record for their DKIM for my Google domain in the Synthetic Records.
Does anyone know if installing OpenDKIM on my clearos server, creating a DKIM key for, I'm assuming postfix, will attach that to all outgoing mail (sent via PHP Mail from my Joomla virtual site on my clearos server)? Such that I would need to add a TXT in my Google Domain DNS Custom Records that would include the DKIM key from my clearos server?
Thanks for your insight, Nick. I added to the spf record to include: the primary domain of my COS box and even the virtual site's domain, since it is a valid domain. I'll give it 48 hours (Google recommendation) to see if it propagates and prevents the marking of spam in the email headers.
Some more in depth information: My domain is registered through Google Domains. It's for our church. I have setup a virtual site on my COS web server for the domain, since it's a different domain than the primary domain of my COS server. I have a CNAME record for it in my Clear Center account's DNS records, so my Google domain name is a subdomain on my COS server. I also have an A record for it in my Google Domains DNS records that points the domain to my COS server's IP address, which is a static IP through sbcglobal. I can access the website just fine. I don't use the SMTP server on my COS box since I'm not using it as a mail server. The virtual site is a Joomla website and it uses the PHP mailer in Joomla. I have Joomla extensions that send notices to registered users on the website. It sends mail just fine, but mail is marked as spam in Google. I can't have this or my users won't get the notifications I'm sending them.
Based on your advice, I've setup an SPF record in my Google domain DNS settings and also in my Clear Center account. The Google domain DNS setting looks like:
@ for the name, SPF for the type, 1h for the TTL, and "v=spf1 a ip4:18.104.22.168 ~all" for the data.
The DNS record in my Clear Center account looks like: the church's domain for the subdomain, the primary domain of my COS box for the domain, and then "v=spf1 a ip4:22.214.171.124 ~all" for the data.
I did a reverse lookup on my static IP (using mxtoolbox.com) and it shows my static ip.uvs.toldoh.sbcglobal.net. It's also not blacklisted. I do get an SMTP banner mismatch, I think because of this, when using mstoolbox.com to test the email server (i.e. my COS SMTP server). I would suspect most people have this issue since they're not their own ISP. Joomla is configured to use the PHP mailer rather than the SMTP server, so I don't know if this is an issue.
Hey Guys, Any suggestions on how I can prevent email that’s being scheduled and sent through my web server from being marked as spam? I’ve been testing the script and while it sends to my gmail account, it shows up in the spam folder. I’ve got a LetsEncrypt certificate for the site, but it still shows up in the spam folder of my gmail. The domain is a legitimate domain through Google, but of course the site is on my COS PC at my business. You can visit the site without it showing up as being untrusted. Thanks for any insight you can give me.