search

jeboehm / docker-mailserver

Docker Mailserver based on the famous ISPMail guide
MIT License
368 stars 97 forks source link

Gmail shows email is unencrypted #90

Closed vassad closed 4 years ago

vassad commented 4 years ago

Describe the bug I use custom let's encrypt certificates, and email sending/receiving is working ok, but: Gmail shows the email is "not encrypted by the domain", while being sent by docker-mailserver with SMTP server by 587 port with STARTTLS enabled.

To Reproduce Steps to reproduce the behavior: install docker-mailserver, setup everything, send email to Gmail account via Thunderbird (SMTP server is automatically configured to 587 port and STARTTLS enabled).

Expected behavior To be secured (STARTTLS, 587 port)

Screenshots изображение symbol is shown near the email sender in Gmail Mail interface

Docker environment (please complete the following information):

Server: Containers: 6 Running: 6 Paused: 0 Stopped: 0 Images: 61 Server Version: 19.03.8 Storage Driver: overlay2 Backing Filesystem: Supports d_type: true Native Overlay Diff: true Logging Driver: json-file Cgroup Driver: cgroupfs Plugins: Volume: local Network: bridge host ipvlan macvlan null overlay Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog Swarm: inactive Runtimes: runc Default Runtime: runc Init Binary: docker-init containerd version: runc version: init version: Security Options: apparmor seccomp Profile: default Kernel Version: 5.4.0-33-generic Operating System: Ubuntu 20.04 LTS OSType: linux Architecture: x86_64 CPUs: 1 Total Memory: 478MiB Name: intensive-similaun ID: 7ZWG:EDHX:EY3B:KIAL:O3JG:CWUM:JNRW:CYGA:Z7MH:ZILK:BQXS:JNPY Docker Root Dir: /var/lib/docker Debug Mode: false Registry: https://index.docker.io/v1/ Labels: Experimental: false Insecure Registries: 127.0.0.0/8 Live Restore Enabled: false

WARNING: No swap limit support

 - Output of ```docker-compose version```

docker-compose version 1.25.0, build unknown docker-py version: 4.1.0 CPython version: 3.8.2 OpenSSL version: OpenSSL 1.1.1f 31 Mar 2020


**Additional context**
Email being sent from one account of docker-mailserver to another shows below code in "Received" field:

Received: from mail.**** (docker-mailserver_mda_1.docker-mailserver_default [172.18.0.7]) by mail.**** (Postfix) with ESMTP id D557C200E72 for user@********; Tue, 2 Jun 2020 20:08:35 +0000 (UTC)

And email sent from gmail account:

Received: from mail-yb1-f169.google.com (mail-yb1-f169.google.com [209.85.219.169]) by mail.**** (Postfix) with ESMTPS id 871F5200C2A

jeboehm commented 4 years ago

I'm wondering why I never saw this. SMTPd -> SMTP Encryption is now activated. You should have a gray lock icon when you have updated to the latest image version. Please note that this has nothing to do with Thunderbird settings, because the server to server communication wasn't secured - this is what the icon shows.

https://support.google.com/mail/answer/6330403?hl=en

Thanks for reporting the issue!

vassad commented 4 years ago

@jeboehm Thanks very much! I will try as soon as possible and feedback. Thank you for the really nice and complete mail server with a beautiful, laconic and easy web interfaces :)

vassad commented 4 years ago

@jeboehm Hey! Sorry for long time, got to it only now. Just tried to update the image - stopped and removed all the docker-container_* containers, git pulled the master, ran bin/production.sh pull and bin/production.sh up -d and again able to send e-mail, but still red "unsecured" lock in Gmail. Perhaps the image has to be updated another way? All the database with admin/user email accounts was not removed, may be the image is still old?

vassad commented 4 years ago

Managed to test it finally - everything works ok 👍 Updated the docker image like this:

# stopping all the mail containers
sudo docker container stop docker-mailserver_filter_1
sudo docker container stop docker-mailserver_web_1
sudo docker container stop docker-mailserver_mda_1
sudo docker container stop docker-mailserver_mta_1
sudo docker container stop docker-mailserver_db_1
sudo docker container stop docker-mailserver_virus_1

# removing all the mail containers
sudo docker container rm docker-mailserver_filter_1
sudo docker container rm docker-mailserver_web_1
sudo docker container rm docker-mailserver_mda_1
sudo docker container rm docker-mailserver_mta_1
sudo docker container rm docker-mailserver_db_1
sudo docker container rm docker-mailserver_virus_1

# updating the mta image:
sudo docker pull jeboehm/mailserver-mta:latest

# rebuilding all
sudo bin/production.sh pull
sudo bin/production.sh up -d
jeboehm commented 4 years ago

Yeah, nice!