docker-mailserver: bug report: SPF Fail - Not authorized in Outlook sending to DMS
๐ Preliminary Checks
- I tried searching for an existing issue and followed the debugging docs advice, but still need assistance.
๐ What Happened?
Although everything works fine on GMail, Proton and Thunderbird (to use to send from my custom email)
I could only send to outlook.com but could not receive, it would return
Recipient address rejected: Message rejected due to: SPF fail - not authorized. (550 5.7.23)
nor does it allow me to sign in with outlook IMAP
I do not know why this doesnโt work, something to do with Microsoft. Iโve searched all over the place and couldnโt find an answer.
๐ Reproduction Steps
No response
๐ DMS Version
v12.1.0
๐ป Operating System and Architecture
Ubuntu 22.04.3 LTS
โ๏ธ Container configuration files
version: "3"
services:
mailserver:
image: ghcr.io/docker-mailserver/docker-mailserver:latest
container_name: mailserver
# Provide the FQDN of your mail server here (Your DNS MX record should point to this value)
hostname: mail.kirakitsune.com
env_file: mailserver.env
environment:
# Set SSL certificate type.
- SSL_TYPE=letsencrypt
# More information about the mail-server ports:
# https://docker-mailserver.github.io/docker-mailserver/latest/config/security/understanding-the-ports/
# To avoid conflicts with yaml base-60 float, DO NOT remove the quotation marks.
ports:
- "25:25" # SMTP (explicit TLS => STARTTLS, Authentication is DISABLED => use port 465/587 instead)
- "143:143" # IMAP4 (explicit TLS => STARTTLS)
- "465:465" # ESMTP (implicit TLS)
- "587:587" # ESMTP (explicit TLS => STARTTLS)
- "993:993" # IMAP4 (implicit TLS)
volumes:
- ./docker-data/dms/mail-data/:/var/mail/
- ./docker-data/dms/mail-state/:/var/mail-state/
- ./docker-data/dms/mail-logs/:/var/log/mail/
- ./docker-data/dms/config/:/tmp/docker-mailserver/
- /etc/localtime:/etc/localtime:ro
- ./docker-data/certbot/certs/:/etc/letsencrypt/:ro
restart: always
stop_grace_period: 1m
# Uncomment if using `ENABLE_FAIL2BAN=1`:
# cap_add:
# - NET_ADMIN
healthcheck:
test: "ss --listening --tcp | grep -P 'LISTEN.+:smtp' || exit 1"
timeout: 3s
retries: 0
๐ Relevant log output
No response
Improvements to this form?
No response
About this issue
- Original URL
- State: closed
- Created 9 months ago
- Reactions: 1
- Comments: 15 (11 by maintainers)
Is outlook.com sending via IPv6 and the others via IPv4?
I have found today the solution alongside my partner (who did most of the work), but as @polarathene mentioned the
policyd-spfwas causing them issues in the past, this was also enabled on my end (which is by default), we disabled that and enabledENABLED_RSPAMD, this did indeed solve the problem, I am surprised this is enabled by default even when the documentation statedand we sadly overlooked this part of the docs when going through it.
Sorry about not replying to all these replies, and coming back to it so late, but I much appreciated all your input.
I acknowledge that removing the AAAA record (so disabling ipv6 the easy way) solved this issue
Iโd perform the following steps:
The fact that you cannot login via IMAP though leads me to believe there may be something more fundamentally wrong. Iโd definitely check the DNS records.
Sorry forgot to answer about aliases, no none was created, simply used
docker exec -ti <CONTAINER NAME> setup email add <NEW ADDRESS>to create the account.I removed this
As Iโve mentioned and to make sure itโs clear
@outlook.com -> @kirakitsune.comSPF Fails@gmail.com, @proton.me, etc. -> @kirakitsune.consuccess@kirakitsune.com -> anything (incl. @outlook.com)success (also all exchange emails after doing more tests give the same results, @hotmail.com, @outlook.com, custom exchange mail, etc.)I mentioned IMAP login with outlook because it failed due to authentication failure but worked fine in thunderbird.
My DNS TXT for spf is
v=spf1 mx -allIโve also tried~allLogs (debug, ip is my home ip hence the censor):
This is what the outlook email says