Closed nlewo closed 6 years ago
r-raymond
commented
6 years ago Hi niewo, thanks for using SNM!
I don't mind simply patching this to relaxed if there are no objections. Btw, do you need relaxed for both the body and the header? If I had to guess I'd think header should be enough. What is your setup and to which mail testers are you writing?
nlewo
commented
6 years ago relaxed canonicalization is only required on the header. My configuration is
mailserver = {
debug = true;
enable = true;
fqdn = "abes.fr";
domains = [ "abes.fr" ];
# DNS configuration is failing
# See https://github.com/r-raymond/nixos-mailserver/issues/108
localDnsResolver = false;
# To generate the password mkpasswd -m sha-512
loginAccounts = {
"lewo@abes.fr" = {
hashedPassword = "$6$gjsfhDV5z$Ej.seJ0RbIvJgyy14q11xpYNvxISI.QQf43s26ewblLHD3Kcx5Ws3ykzJjyCTQyVqQodPPaaFvamapLuf/";
aliases = [
"antoi@abes.fr"
];
};
};
# Enable IMAP and POP3
enableImap = true;
enableImapSsl = true;
# Enable the ManageSieve protocol
enableManageSieve = true;
};
tokudan
commented
6 years ago @nlewo You might want to replace your email addresses and password with placeholders in this issue. That configuration contains everything needed to try to log into your account, apart from the password. And since you provided the hash, it's actually possible to try to crack the hash locally at a couple of million attempts per seconds.
nlewo
commented
6 years ago @tokudan Thanks, but the hash is not the good one:/
I'm using SNM 1dd394e63fa15d200faf83988f8fb5f9a54c04c5 with nixos 17.09. The DKIM signature validation is failing on several mail testers. But with a
relaxedcanonicalization, DKIM signature are valid:I don't know why it is failing with the
simplecanonicalization, so I don't know how to fix it :/ Any idea why I'm getting this problem?Otherwise, do you think we could add an option to be able to choose between
simpleandrelaxedcanonicalization. Or maybe, could we used therelaxedcanonicalization by default?