0

A rails application is sending an email to postfix for processing with From: do-not-reply@some_domain.top returning an error:

[ActionMailer::MailDeliveryJob] [fa3df6b5-72a4-4a57-a5f8-ef7a98e4d8a9] 
Error performing ActionMailer::MailDeliveryJob (Job ID: fa3df6b5-72a4-4a57-a5f8-ef7a98e4d8a9) 
from GoodJob(default) in 2613.2ms:  
Net::SMTPFatalError (551 5.7.1 Not authorised to send from this header address

Thus /etc/postfix/main.cf needs proper set-up. Presently:

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no
readme_directory = no
compatibility_level = 2
   # TLS parameters
smtpd_tls_cert_file=/etc/letsencrypt/live/sandbox.domain.club/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/sandbox.domain.club/privkey.pem
smtpd_tls_security_level=may

smtp_tls_CApath=/etc/ssl/certs
smtp_tls_security_level=may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache


smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = sandbox.domain.club
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = localhost.$myhostname, localhost, $myhostname

relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

The plurality of cases complicates the understanding of documentation and/or references.

There are two issues at hand.

  1. there are multiple from issuers with their own domains (all are covered by SPF, DKIM and DMARC)
  2. there are multiple certificates issued across these domains. to be honest, even the existing reference is wrong as letsencrypt went and re-wrote the cert to sandbox.domain.club-0001 but that is easily fixable

How can postfix be configured to use from domains for, say, some_domain.top, sandbox.domain.club, twirlingaround.com ?

*note: a possible avenue indicated here was attempted, however the postfix server would not start because of a previous binding to 127.0.0.1 I surmise this is because of the different setting in main.cf for inet_interfaces.

Jerome
  • 207
  • 1
  • 8

1 Answers1

0

This question had little to do with postfix, as only

masquerade_domains =  some_domain.top sandbox.domain.club twirlingaround.com

was added as a security measure.

The problem was a rails configuration one. The config/environment/[acting_environment].rb file needs to be set as:

  config.action_mailer.delivery_method = :sendmail
  config.action_mailer.smtp_settings = {
    openssl_verify_mode: 'none'
  }
Jerome
  • 207
  • 1
  • 8