[pfx] Re: 25 years today
+1 thank you. I have enjoyed Postfix for all these years & paid zero for it. Seems wrong somehow, but I am very grateful. - Marc On 15/12/2023 12:20 am, Wietse Venema via Postfix-users wrote: As a few on this list may recall, it is 25 years ago today that the "IBM secure mailer" had its public beta release. This was accompanied by a nice article in the New York Times business section. There is some literature at https://www.postfix.org/press.html that attests how this project accelerated open-source adoption by a very large company. At the time there were several efforts by people inside IBM to do open-source projects, but it was the NY Times article that brought open source on the radar of the CEO. He then tasked people to come up with an open-source strategy for IBM. As for the name Postfix, my colleagues and I had come up with multiple names that were rejected each time (I still have some Internet domains names from that time). We decided that this was not going to work, released it as "IBM secure mailer", and then, after IBM was no longer in control, changed the name to Postfix. That was a long time ago. Postfix has evolved as the Internet has changed. I am continuing the overhaul of this software, motivated by people like you on this mailing list. Wietse ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: mask "mail from: " for Microsoft
On 15/09/2023 1:38 am, Wietse Venema via Postfix-users wrote: Marc Lucke via Postfix-users: On 15/09/2023 12:08 am, Wietse Venema via Postfix-users wrote: Marc Lucke via Postfix-users: re: https://techcommunity.microsoft.com/t5/exchange-team-blog/updated-requirements-for-smtp-relay-through-exchange-online/ba-p/3851357 That text is about relaying email: you originate a message, and use Postfix to ask a Microsoft email service to deliver that message to some recipient on the Internet. As documented at the link that you cite, Microsoft requires that the SMTP client is authorized to use the MAIL FROM domain. Let's say I send an email. I use: > mail from: and in the data (body) > From: Professional Legit Person That appears to be a different use case: you are not originating a message for some recipient on the Internet, instead you appear to be using Postfix to forward a message from the Internet to a Microsoft email service. For this, your best bet is to forward the message as an attachment, instead of inline. That is, create a new email message, from your email address, and attach the forwarded message as message/rfc822. I do this sporadically, using the 'forward' feature of a mail reader program. If you want to do this in some automated manner, perhaps Bill Cole has some tooling suggestions. Wietse Thanks Wietse. Not my use case. It's a simple store & forward MTA & the senders will always be local & authorized - that's already taken care of. You need to prove that to a remote SMTP server (e.g., Microsoft) with DMARC, DKIM, SPF, and so on. I literally would like to know how to make it so that whatever the "mail from: " that was used is none of Microsoft's, or anyone else's, business, & if that's possible. But I'm also annoyed that I have to. You would have to invent time traval and go back 20 years, when email receivers were more liberal in what MAIL FROM address they accepted. Wietse ah - the good 'ol days when I was a kid running an ISP (the tech stuff). Kind of makes me nostalgic for sendmail. dmarc, dkim, spf - yes, I get it - I was wondering if someone would pick up on that. All email flowing through my postfix is legitimate and valid as if it was a client, just a huge job with a risk of missing important instances to identify where P1 != P2 (as Microsloth call it). At least (I think), I'm not missing any obvious config option :) Thanks anyhow. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] Re: mask "mail from: " for Microsoft
On 15/09/2023 12:08 am, Wietse Venema via Postfix-users wrote: Marc Lucke via Postfix-users: re: https://techcommunity.microsoft.com/t5/exchange-team-blog/updated-requirements-for-smtp-relay-through-exchange-online/ba-p/3851357 That text is about relaying email: you originate a message, and use Postfix to ask a Microsoft email service to deliver that message to some recipient on the Internet. As documented at the link that you cite, Microsoft requires that the SMTP client is authorized to use the MAIL FROM domain. Let's say I send an email. I use: > mail from: and in the data (body) > From: Professional Legit Person That appears to be a different use case: you are not originating a message for some recipient on the Internet, instead you appear to be using Postfix to forward a message from the Internet to a Microsoft email service. For this, your best bet is to forward the message as an attachment, instead of inline. That is, create a new email message, from your email address, and attach the forwarded message as message/rfc822. I do this sporadically, using the 'forward' feature of a mail reader program. If you want to do this in some automated manner, perhaps Bill Cole has some tooling suggestions. Wietse Thanks Wietse. Not my use case. It's a simple store & forward MTA & the senders will always be local & authorized - that's already taken care of. I literally would like to know how to make it so that whatever the "mail from: " that was used is none of Microsoft's, or anyone else's, business, & if that's possible. But I'm also annoyed that I have to. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
[pfx] mask "mail from: " for Microsoft
re: https://techcommunity.microsoft.com/t5/exchange-team-blog/updated-requirements-for-smtp-relay-through-exchange-online/ba-p/3851357 Let's say I send an email. I use: > mail from: and in the data (body) > From: Professional Legit Person Looking at headers from Microsoft, they track 2 fields: smtp.mailfrom and header.from From what I can work out, they'll start to say that if smtp.mailfrom != header.from (in my example, spammer.com != innocent.pizza), Microsoft will bounce the email - even if authenticated etc. They seem very happy to spend our time, huh? (unless I have something wrong) I can & do use generic sender address masking successfully. In fact, in the above example, in reality, "innocent.pizza" is actually the hostname in most cases. generic is the wrong solution to my issue. Also masquerading won't work, because I can't guarantee who the "mail from: " that postfix includes will be. I don't agree with Microsoft's action here, & think many use cases would be broken if everyone did this, such as my forward from yahoo, & maybe mailing lists. My question is this: is there a way to hide the "mail from: " value from Microsoft & instead use the generic mapped sender instead? In my example, Microsoft would only ever see "innocent.pizza" and never "spammer.com" as if I'd originally done this instead, when I did not: > mail from: Sorry for the wordy question & feel free to just point me to what I should read if you know rather than explain. ___ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org