1 (edited by camel1cz 2013-05-31 19:29:26)

Topic: Forward of emails and SPF

==== Required information ====
- iRedMail version: 0.8.4
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): PgSQL
- Linux/BSD distribution name and version: Debian7/Wheezy
- Related log if you're reporting an issue:
====

Hi Zhang,

I run into an issue with forwarding emails. Can you please advice?

Situation:
External user user@1.example.com sends email to my iRedMail user internal@2.example.com.
The email gets delivered correctly into local mailbox (according to alias.goto attribute in DB). But I have in the goto another recipient (copy of all emails) to external address forward@3.example.com - the email is redirected, but with original sender in body of email (this is fine) but also in SMTP header "MAIL FROM" (this is not good). The targer mailserver reject the email saying my iRedMail is not authorized to send emails in behalf of user@1.example.com

In short, original sender has SPF records set for his domain and the recipient of the forwarded email is checking SPF and doesn't allow me to do it...

Do you have any solution? e.g. rewrite the MAIL FROM to the original recipient (internal@2.example.com in example above)? Something like SRS does?

2

Re: Forward of emails and SPF

This is exactly what SRS does. Try searching SRS implementation for Postfix with Google.

3

Re: Forward of emails and SPF

Do you have any more specific instructions? I don't like the global SRS at all, it makes a lot of headache - I would be happy with changing the "MAIL FROM" to the original_recipient. (the user with forwarding takes over the email when it is forwarded and will possibly receive also the bouce message / it's correct in this scenario)

I just need to put my custom code somewhere in the chain of postfix resending the original email to the alias.goto

Can you help me how to achieve this or point me in the right direction?

Thank you!

4

Re: Forward of emails and SPF

As solution I decided to modify the dovecot-sieve to send from recipient address when doing REDIRECT command... in MUA it would be wrong, but if my user decides to forward his email, it should be sent with envelope MAIL FROM of this user not the original sender. Possible errors/bouces should be delivered to the original  recipient and not to confuse sender.

If anyone is interested in this, AND KNOWS WHAT IS DOING, here is the quick HOWTO:

1) download sources of dovecot-core

apt-get source dovecot-core

2) modify the sources:
Look for the file pigeonhole/src/lib-sieve/cmd-redirect.c and go to the line around 338

smtp_handle = sieve_smtp_open(senv, ctx->to_address, sender, &f);

and change it to:

smtp_handle = sieve_smtp_open(senv, ctx->to_address, recipient, &f);

3) rebuild the package:

debina/rules binary

4) update the files:
get the dovecot sieve library with the above modification:

pigeonhole/src/lib-sieve/.libs/libdovecot-sieve.so.0.0.0

and copy it to your iRedMail server as:

/usr/lib/dovecot/libdovecot-sieve.so.0.0.0

5) restart dovecot service

service dovecot restart

6) put package owning the file on hold:

echo "dovecot-sieve hold" | dpkg --set-selections

Note: the package will not update automatically! You need to redo this change everytime the package gets updated!

Now, when your user sets redirection in the roundcube sieve rules, all emails are resend as if they would be send from your user...