On 14/09/2020 14:31, IL Ka wrote:
Hello.
I have postfix running on linux box.
I setup OpenDKIM with both smtpd and non_smtp milters.
I also set my address in DNS as permitted IP for SPF.
So far, so good.
But I want all my mail to be forwarded to gmail.
Some user sends me email from user@some_sender_domain.
If I use .forward or alias, then postfix doesn't change "From" header,
so gmail believes email was sent from @some_sender_domain.
This domain doesn't have my box IP as permitted in DNS, so SPF failed.
I can change header using headers_check. But then DKIM signature
would be broken because some_sender_domain signed email and I changed it.
It seems that I need to:
* Change headers
* Sign email with my DKIM
* Forward it to gmail
But milters are not applied on forwarded emails because they aren't
locally generated (or I failed to configure it correctly?)
I can fix it using custom script that reads my local email
and sends it to gmail.
But how can I do that with postfix?
The short answer is that SPF failures do not normally matter when
forwarding to gmail. They only matter if sender uses DMARC with p=reject
*and* has not signed their email with DKIM, which is a poor and rare
practice (though not forbidden). (Forwarding to gmail should not break
the original sender's DKIM signature.)