XF 2.3 Emails won't send

My Dime Is Up

My Dime Is Up

Member
Users have been reporting they aren't getting their OTP emails. After some DNS changes, the mail does send but will now always go to the spam folder. Using online email analyzers, it said that a DKIM record is invalid or not added at all, even though it is. I generated a DKIM in the email options of the Admin CP of XenForo and added it to our Cloudflare DNS records, and online DKIM checker tools say that "xenforo._domainkey" does return a valid DKIM, however when it comes to sending a test email, the DKIM signature is incorrect for some reason.

Here are the headers from the test email sent.
Code: 
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=neutral (body hash did not verify) header.i=@{XXXXX}.com header.s=xenforo header.b=fXj91kqT;
       spf=pass (google.com: domain of admin@{XXXXX}.com designates {IP ADDY} as permitted sender) smtp.mailfrom=admin@{XXXXX}.com;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from={XXXXX}.com
1753246991867.webp
1753247021872.webp
1753247072539.webp
 
Last edited:
Sort by date Sort by votes
I am experiencing the same issue. The DKIM is set up correctly, but the email headers show 'dkim=neutral (body hash did not verify)'. The privateKey option value is set to false in the xf_option table. Not sure how to change it (and to what?). Any suggestions?
 
Upvote 0 Downvote
enivid said:
I am experiencing the same issue. The DKIM is set up correctly, but the email headers show 'dkim=neutral (body hash did not verify)'. The privateKey option value is set to false in the xf_option table. Not sure how to change it (and to what?). Any suggestions?
Click to expand...
I'm leaning towards calling this a bug, but I bet it's not very visible to most people who had this set successfully prior to an upgrade. The way I understand this function is that it's supposed to set the private key for you once you set it through the ACP email settings. All you should have to do is enable DKIM in XF, setup the relative DNS records and that should be it.

@Kirby I saw you report DKIM issues in the past, do you have a current setup to [help] validate what seems to be going on here?
 
Upvote 0 Downvote
We don't use XenForo DKIM as that is somewhat inflexible (see my bug reports) and was insanely slow (in 2.2 at least).

Looking at the code it seems to me that DKIM signing is completely broken in XF 2.3 due to changes how email sending is implemented.

I'd recommend to setup DKIM signing at MTA level if possible and only use XenForo as last resort, the attached patch IMHO should fix DKIM signing in XenForo 2.3
 

Attachments

Upvote 0 Downvote
Kirby said:
We don't use XenForo DKIM as that is somewhat inflexible (see my bug reports) and was insanely slow (in 2.2 at least).

Looking at the code it seems to me that DKIM signing is completely broken in XF 2.3 due to changes how email sending is implemented.

I'd recommend to setup DKIM signing at MTA level if possible and only use XenForo as last resort, the attached patch IMHO should fix DKIM signing in XenForo 2.3
Click to expand...
Thank you! These changes solved the issue.
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

DarkGizmo
  • Question Question
XF 2.3 Forum won't send emails.....gives server error.
Replies
2
Views
62
DarkGizmo
DarkGizmo
O
  • Question Question
XF 2.3 Emails not being sent wrong openSSL version
Replies
10
Views
79
Onlyme
O
nakedzombo
  • Question Question
XF 2.3 Please help: Emails will not send (Fresh Install)
Replies
0
Views
34
nakedzombo
nakedzombo
M
  • Suggestion Suggestion
The ACP is too obscure. Example: the Test Outbound Email page should link to the page where you can send a formatted email to test branding, logo, etc
Replies
0
Views
53
MaximilianKohler
M
themago
  • Question Question
XF 2.2 Send welcome DM, but don't send welcome email, but send emails for other DMs
Replies
0
Views
22
themago
themago
Back
Top Bottom