GroupWise relay outbound

So I have an idea. Before trying it I thought I would ask if others have tried it or something like it. I have several Synology Nas products. I was wondering if anyone tried using Synology MailPlus Server with the Groupwise GWIA relaying to the Mailplus Server for outbound and inbound?  The MailPlus server allows implementing DKIM. Groupwise does not. Since I already own the MailPlus app, it would be a free DKIM addon solution.

Anyone tried this? Seems like you would just set the GWIA to relay through the MailPlus like you would any secure messaging device.

Thanks

  • Verified Answer

    That should be fine, most of us use firewalls with appropriate MTA for processing inbound and outbound smtp with the required DKIM, or a cloud scanning relay server.

    I think the days of gwia being connected direct to internet have passed, any mail server should have a bouncer standing in front of it these days.

  • I need to get DKIM implemented as well.  Currently, all of my inbound messages are scanned through ProofPoint before they hit my GWIA and I had been sending outbound messages to the world directly from my GWIA.  Proofpoint will also provide DKIM for me at no cost, so I am planning to route my outbound messages through them. 

    So, to do this, on the Groupwise end, all I need to do is put the Proofpoint relay address in the "Relay Host for Outbound Messages" line under the GWIA settings?

  • It is possible that will work. But, equally possible it will not. I use a postfix setup with opendkim as an outbound relay only, and inserting the address to it in the "relay host for outbound messages" works great. But for proofpoint see help.proofpoint.com/Proofpoint_Essentials/Email_Security/Administrator_Topics/000_gettingstarted/Enabling_outbound_relay_feature

    If your plan does not work, you may have to tinker with gwia.cfg and gwauth.cfg.  If proofpoint demand that you AUTH to their server, which I believe they do, then insert --forceoutboundauth in gwia.cfg, and in the gwauth.cfg file put domain_name authuser authpassword. For example: smtp.novell.com remotehost novell. See SMTP/MIME Switches - GroupWise Administration Guide (novell.com) Also see https://support.microfocus.com/kb/doc.php?id=3755267

    This entire dkim being absent from gwia needs to be fixed asap. I started a request for this improvement and it has 13 votes, so find it an up the votes please. With today's requirements for dkim for over messages over 5000 a day it is needed. But that requirement will only tighten in the future. I have wasted so much trial and error time to get my setup to work it is ridiculous. Though my setup works, I could never easily recreate it. Only outbound. Mostly try this, doesn't work, then try that. Should not be this hard. Groupwise does wonderfully with gwweb and docker. Also wonderful job tightening up SSL, Should be able to implement dkim very simply. I know proofpoint wants to make a buck, and secure messaging is an option and earns money, but basic requirements to safely send and receive are important to meet.

  • Yeah...I did see that and upvoted it. GWIA should natively support it, but have been told there are no plans for that