Re: AW: Send email to one @domain.com via authenticated relay?
> "Joachim" == Joachim Lindenberg writes: > UCEProtect are gangsters, even the founder admits: > https://uceprotect.wtf/. You don´t want to do anything about it, > except you are located in Europe and can complain to their customers > and authorities violating GDPR. Yup, I wish I could do something about them since they are doing a disservice, but it's charter.net in the US who are really to blame here for blocking my IP by being lazy. This is why I hate the US telecoms market in alot of ways... > -Ursprüngliche Nachricht- > Von: owner-postfix-us...@postfix.org Im > Auftrag von John Stoffel > Gesendet: Freitag, 2. Dezember 2022 17:37 > An: Postfix users > Betreff: Send email to one @domain.com via authenticated relay? > Hi all, > I run my own domain @stoffel.org and I'm trying to fix a problem sending > email to @charter.net users, since Spectrum has blocked my Linode's ASN > number completely. My IP passes all the RBL blacklists their first line > support suggested I check, but I find my IP for mail.stoffel.org in the > UCEPROTECT-3 spam list. Nothing I can do about it. Running postfix 3.5.13 > Since I'm also a charter customer for my internet, I've got an email account > with them, so I'd like to just route all email for @charter.net addresses > through their transport. > Everything else should just route naturally to where ever the MX > record points. > My host also has dovecot for local virtual users, with postscreen and > spamassasin setup as well. > I tried setting up /etc/postfix/transport_maps like this: >charter.net [mobile.charter.net]:587 > But it started routing all my outgoing email through them, which isn't going > to work. So I'm missing something here. Do I need to setup a seperate > instance for sending email to @charter.net through an authenticated > connection? > I though about using relay_domains = charter.net, but I certainly don't want > anyone to be able to use my host to try and spam that domain. I really just > want SASL authenticated clients who send email from my stoffel.org domain to > be routed (and possibly have the from: > header re-written and a reply-to: header added) through an authenticated path > into charter.net. > I know this should be possible, just not finding the setting in my personal > mail archive of the list, or in google-foo. > $ postconf -nf > alias_database = hash:/etc/aliases > alias_maps = hash:/etc/aliases > append_dot_mydomain = no > biff = no > compatibility_level = 3.5 > disable_vrfy_command = yes > html_directory = /usr/share/doc/postfix/html > inet_interfaces = all > inet_protocols = ipv4 > local_recipient_maps = $virtual_mailbox_maps > message_size_limit = 5500 > milter_connect_macros = i j {daemon_name} v {if_name} _ > milter_default_action = accept > milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen} > milter_protocol = 6 > mydestination = localhost > myhostname = mail.stoffel.org > mynetworks_style = host > myorigin = $myhostname > non_smtpd_milters = inet:127.0.0.1:8891 > postscreen_access_list = permit_mynetworks > postscreen_greet_action = enforce > readme_directory = /usr/share/doc/postfix > recipient_delimiter = + > sender_bcc_maps = hash:/etc/postfix/sender_bcc > smtp_sasl_password_maps = hash /etc/postfix/saslpass > smtp_tls_loglevel = 1 > smtp_tls_security_level = may > smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache > smtp_tls_wrappermode = yes > smtpd_banner = $myhostname ESMTP $mail_name > smtpd_client_restrictions = permit_mynetworks, reject_rbl_client > zen.spamhaus.org > smtpd_milters = inet:127.0.0.1:8891 > smtpd_recipient_restrictions = permit_mynetworks, > permit_sasl_authenticated, > reject_unauth_destination, check_sender_access > hash:/etc/postfix/local_domains > smtpd_tls_auth_only = yes > smtpd_tls_cert_file = /etc/letsencrypt/live/mail.stoffel.org/fullchain.pem > smtpd_tls_key_file = /etc/letsencrypt/live/mail.stoffel.org/privkey.pem > smtpd_tls_loglevel = 1 > smtpd_tls_received_header = yes > smtpd_tls_session_cache_database = > btree:${data_directory}/smtpd_scache > smtpd_use_tls = yes > spamass-dovecot_destination_recipient_limit = 1 > transport_maps = hash:/etc/postfix/transport_maps > virtual_alias_maps = hash:/etc/postfix/virtual-alias-maps > virtual_mailbox_domains = stoffel.org play.stoffel.org mail.stoffel.org > virtual_mailbox_maps = sqlite:/etc/postfix/virtual_users.cf > virtual_transport = spamass-dovecot > = > $ postconf -Mf > smtp inet n - n - 1 postscreen > smtpd pass - - n - - smtpd > dnsblogunix - - n - 0 dnsblog > tlsproxy unix - - n - 0 tlsproxy > sub
AW: Send email to one @domain.com via authenticated relay?
UCEProtect are gangsters, even the founder admits: https://uceprotect.wtf/. You don´t want to do anything about it, except you are located in Europe and can complain to their customers and authorities violating GDPR. Greetings, Joachim -Ursprüngliche Nachricht- Von: owner-postfix-us...@postfix.org Im Auftrag von John Stoffel Gesendet: Freitag, 2. Dezember 2022 17:37 An: Postfix users Betreff: Send email to one @domain.com via authenticated relay? Hi all, I run my own domain @stoffel.org and I'm trying to fix a problem sending email to @charter.net users, since Spectrum has blocked my Linode's ASN number completely. My IP passes all the RBL blacklists their first line support suggested I check, but I find my IP for mail.stoffel.org in the UCEPROTECT-3 spam list. Nothing I can do about it. Running postfix 3.5.13 Since I'm also a charter customer for my internet, I've got an email account with them, so I'd like to just route all email for @charter.net addresses through their transport. Everything else should just route naturally to where ever the MX record points. My host also has dovecot for local virtual users, with postscreen and spamassasin setup as well. I tried setting up /etc/postfix/transport_maps like this: charter.net [mobile.charter.net]:587 But it started routing all my outgoing email through them, which isn't going to work. So I'm missing something here. Do I need to setup a seperate instance for sending email to @charter.net through an authenticated connection? I though about using relay_domains = charter.net, but I certainly don't want anyone to be able to use my host to try and spam that domain. I really just want SASL authenticated clients who send email from my stoffel.org domain to be routed (and possibly have the from: header re-written and a reply-to: header added) through an authenticated path into charter.net. I know this should be possible, just not finding the setting in my personal mail archive of the list, or in google-foo. $ postconf -nf alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no compatibility_level = 3.5 disable_vrfy_command = yes html_directory = /usr/share/doc/postfix/html inet_interfaces = all inet_protocols = ipv4 local_recipient_maps = $virtual_mailbox_maps message_size_limit = 5500 milter_connect_macros = i j {daemon_name} v {if_name} _ milter_default_action = accept milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen} milter_protocol = 6 mydestination = localhost myhostname = mail.stoffel.org mynetworks_style = host myorigin = $myhostname non_smtpd_milters = inet:127.0.0.1:8891 postscreen_access_list = permit_mynetworks postscreen_greet_action = enforce readme_directory = /usr/share/doc/postfix recipient_delimiter = + sender_bcc_maps = hash:/etc/postfix/sender_bcc smtp_sasl_password_maps = hash /etc/postfix/saslpass smtp_tls_loglevel = 1 smtp_tls_security_level = may smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache smtp_tls_wrappermode = yes smtpd_banner = $myhostname ESMTP $mail_name smtpd_client_restrictions = permit_mynetworks, reject_rbl_client zen.spamhaus.org smtpd_milters = inet:127.0.0.1:8891 smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_sender_access hash:/etc/postfix/local_domains smtpd_tls_auth_only = yes smtpd_tls_cert_file = /etc/letsencrypt/live/mail.stoffel.org/fullchain.pem smtpd_tls_key_file = /etc/letsencrypt/live/mail.stoffel.org/privkey.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache smtpd_use_tls = yes spamass-dovecot_destination_recipient_limit = 1 transport_maps = hash:/etc/postfix/transport_maps virtual_alias_maps = hash:/etc/postfix/virtual-alias-maps virtual_mailbox_domains = stoffel.org play.stoffel.org mail.stoffel.org virtual_mailbox_maps = sqlite:/etc/postfix/virtual_users.cf virtual_transport = spamass-dovecot = $ postconf -Mf smtp inet n - n - 1 postscreen smtpd pass - - n - - smtpd dnsblogunix - - n - 0 dnsblog tlsproxy unix - - n - 0 tlsproxy submission inet n - y - - smtpd -o syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject -o smtpd_sasl_type=dovecot -o smtpd_sasl_path=private/auth -o smtpd_sasl_security_options=noanonymous -o header_checks=regexp:/etc/postfix/header_checks -o smtpd_recipient_restrict