2

When redirected, received email from my server preserves the original "From: " address, which isn't favorable since that address may (and usually do) have SPF protected domain, among other reasons.

This looks like:

  • a mail is sent from forexampleaddr@gmail.com to email address name@domain.tld hosted at my server,

  • a mail is delivered to name@domain.tld

  • a mail is forwarded to othername@otherdomain.tld. otherdomain.tld rejects the email since my server isn't eligible to send @gmail.com emails.

How can I deal with this: can I rewrite "From: " address but only in case when email is redirected and according to some map?

It is a standard Virtualmin email setup with Postfix and /etc/aliases.

virtual_alias_maps = hash:/etc/postfix/virtual
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

/etc/postfix/virtual

name@domain.tld    name.domain

/etc/aliases

# See man 5 aliases for format
postmaster:    root
clamav: root


name.domain: othername@otherdomain.tld,\name.domain
Miloš Đakonović
  • 682
  • 3
  • 9
  • 28

2 Answers2

3

Preserving the From: is not a problem since SPF checks are not done against the From: header. In fact, it is a great idea not to touch the From: header since emails from @gmail.com usually have this From: header signed with DKIM.

You need to rewrite the envelope sender, which you may see in the email headers as Return-Path:. This answer provides one possible solution to your problem. To quote it here:

I fixed this with postsrsd by following this guide: https://www.mind-it.info/forward-postfix-spf-srs/

In short:

Download and compile the software

cd ~
wget https://github.com/roehling/postsrsd/archive/master.zip
unzip master
cd postsrsd-master/
make
sudo make install

Add postfix configuration parameters for postsrsd

sudo postconf -e "sender_canonical_maps = tcp:127.0.0.1:10001"
sudo postconf -e "sender_canonical_classes = envelope_sender"
sudo postconf -e "recipient_canonical_maps = tcp:127.0.0.1:10002"
sudo postconf -e "recipient_canonical_classes = envelope_recipient"

Add SRS daemon to startup

sudo chkconfig postsrsd on
# Start SRS daemon
sudo service postsrsd restart
#Reload postfix
sudo service postfix reload
chutz
  • 7,888
  • 1
  • 29
  • 59
  • Thanks for answer, ↑ vote so far. Definitely not happy because of need for 3rd party daemon to perform what I thought it's natural for Postfix to have a built-in way. – Miloš Đakonović Mar 27 '21 at 16:36
0

I needed to rewrite from address from an external mailservice, as I would then redirect it to gmail. I had found that canonical has helped me do that.

/etc/postfix/sender_canonical has a list of mappings of external addresses to internal addresses. This will make the relayed email appear to be sent from my domain and match the pointer record lookup of my mailserver-IP

http://postfix.cs.utah.edu/ADDRESS_REWRITING_README.html#canonical
009
  • 1
  • 2
  • Your answer could be improved with additional supporting information. Please [edit] to add further details, such as citations or documentation, so that others can confirm that your answer is correct. You can find more information on how to write good answers [in the help center](/help/how-to-answer). – Community Nov 08 '22 at 16:26