First, I'm going to publicly thank the ongoing efforts of Michael and
everyone associated with keeping BlueOnyx alive and the awesome
community it is. My journey with BlueOnyx started when I was working at
Sun, and they handed out a bunch of the Cobalt Qube's to engineers. The
design and management was really just what I wanted for my home, and I
jumped in fully, getting my own domain, running my own email server,
etc., etc.
Fast forward to now 20+ years later, and still with the same ISP
(Charter -> Spectrum). I'd been happily using their SMTP relay with no
issues for all that time. Pointed Sendmail at it as a smart relay and
things just worked. Until yesterday, when Spectrum finally tracked down
the last open relay from the legacy RoadRunner / TWC portion of their
network, and no longer allowed it to forward emails.
I'd paid attention to the thread in late May, where Michael outlined how
to configure Postfix for authenticated email relay. I kept those
messages in my local archive of "this may come in handy" postings. So
when emails started failing to deliver yesterday afternoon, I first
panicked, and then set about the task of find a way to get things
working again. Keep in mind, I run email for my household of 4.
My first attempt was simply to configure Postfix, set up the
authentication per the steps that Michael had so accurately outlined and
figured I'd be done in time for a late dinner. That was not to be the
case. Emails wouldn't deliver, and debugging the process wasn't
terribly straightforward, as the failure reason wasn't making it into
the logs. So I set up an instance of Thunderbird to mimic the process,
and turned on debugging there. This showed that Spectrum would accept my
authentication, but would only accept emails with a FROM address that
matched the authentication used. Well, that's not going to work... I
figured trying to reason with Spectrum was going to be an effort in
futility, so I started looking for other alternatives.
Now, it should be pointed out that I'm not the only person that's facing
a similar problem. I found a thread on Spectrum's own discussion
community where several others were facing the exact same problem, and
weren't happy about the total apathy that Spectrum was showing. I
contemplated for a brief moment if their Business solution would make
any of this easier, but I didn't really want to rely on that, so I dove
into looking for email relay services.
I found many, but narrowed it down to three: smtp2go.com, mailtrap.io,
and dnsexit.com. Based on longevity, website information, and
implementation guides available, I decided I'd start with smpt2go and
see how painful the process would be, but I needed 6 hours of sleep
first. This morning, I signed up, and put in the mandatory entries in
my DNS records...and waited....until it finally propagated far enough
that smtp2go would let me proceed. I then created a domain
userid/password, and added it to the sasl_passwd file, and updated my
relay host, following the steps Michael had already posted. This
process was absolutely simple!
Having done that, outbound email was once again happy (inbound was NEVER
impacted!), as evidenced by my ability to now post this to the list.
The only odd things that I've currently noticed, I believe, are part of
the switch to Postfix from Sendmail (yes, long overdue but if it ain't
broke, don't fix it!). My hostname, for some reason, changed from
mail.foo.bar to just mail. No idea why. Doesn't seem to impact
anything, yet. I'm hoping it won't wreak havoc on any of my
Let'sEncrypt certificates, etc. The other oddity is that I had an entry
in /etc/aliases to send a copy of emails that came in to a specific
inbox to two recipients. For some reason, I'm now getting TWO copies of
those emails, but the other user is only getting a single copy. If I
can sort out these two issues, I'll be thrilled, but they don't seem to
be hugely impacting, yet.
The fix wasn't hugely difficult, just time consuming. Hopefully this
will continue to work, and not having the dependency on my ISP is,
honestly, a relief. I get the security side of things, and why Spectrum
changed their relays (they weren't completely open before, as if you
weren't part of their network block they'd not let you relay), but the
lack of notice and a reasonable way of being able to allow access for
those that need it was frustrating.
Thanks for reading, and hope maybe there's a tidbit in here for someone.
-- Chad
_______________________________________________
Blueonyx mailing list
Blueonyx@mail.blueonyx.it
http://mail.blueonyx.it/mailman/listinfo/blueonyx
