Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 26 subscribers
  • Views 1802 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

DKIM in SOphos XG v18

Madni Malik

Hi,
i have XG210 with V18 MR4. it is configured in MTA mode. when i am sending email to gmail then gmail returns below message:
"Remote Server returned '<gmail-smtp-in.l.google.com #5.0.0 smtp; 550-5.7.26 This message does not have authentication information or fails to 550-5.7.26 pass authentication checks. To best protect our users from spam, the 550-5.7.26 message has been blocked. Please visit 550-5.7.26 support.google.com/.../81126 for more 550 5.7.26 information. p5si8001652wrr.336 - gsmtp>'"

how can i get rid of it?? do i need to enable DKIM on firewall?? how can i do that? it is asking for domain name, key selector and RSA key. where can i get key selector and RSA KEY???

please advise .



This thread was automatically locked due to age.
Parents
  • FormerMember
    0 FormerMember

    Hey Malik, The error you get can be referenced with DMARC.

    DMARC works in combination with SPF and DKIM. You're using in MTA mode and DKIM can be configured.

    You can refer to Add a DKIM signature.

    • Key selector: This is used to identify the outbound mails from the server (e.g : localmailserver)
    • Private RSA Key: This is where you put the private key from the public-private key-pair

    To generate a public-private key pair you can use Puttygen or any other tool that you see fit.

Reply
  • FormerMember
    0 FormerMember

    Hey Malik, The error you get can be referenced with DMARC.

    DMARC works in combination with SPF and DKIM. You're using in MTA mode and DKIM can be configured.

    You can refer to Add a DKIM signature.

    • Key selector: This is used to identify the outbound mails from the server (e.g : localmailserver)
    • Private RSA Key: This is where you put the private key from the public-private key-pair

    To generate a public-private key pair you can use Puttygen or any other tool that you see fit.

Children
  • 0 in reply to FormerMember

    thank you. i have enabled it on sophos XG and also make a DNS entry in public DNS server. but when i see the header in gmail it is showing email is not DKIM singed. how can i rectify this?

  • FormerMember
    0 FormerMember in reply to Madni Malik

    Alright, If the settings are applied it should work. Although, there are some DKIM improvements in 18.0.5 MR-5 but in your case DKIM is not getting signed at all as per you. 

    No worries, drop me a PM with your domain name and a sample mail that got delivered to Gmail (or the mail header) so that I can verify further :)