1

Topic: Online Store allowed to send emails from same domain

Hi,

One of the domains hosted on our iRed Mail Server also runs an online store, which has the ability to send emails.   I've already sorted out the DNS / SPF record to allow this to work, so all good there.

However, the issue arrises when they try to send an email to a domain which is also on our mail server  (eg. themselves or me).  In this case, our mail server is rejecting the emails:

| <username@domain.nz>: host mx01.domain.nz[ip.address] said: 554 5.7.1
|    <username@domain.nz>: Recipient address rejected: SMTP AUTH is required for
|    users under this sender domain (in reply to RCPT TO command)


This is backed up by the mail logs on our server:

| mail postfix/smtpd[683]: connect from smtp2.shopify.com[104.196.182.217]
| mail postfix/smtpd[683]: NOQUEUE: reject: RCPT from smtp2.shopify.com[104.196.182.217]: 554 5.7.1
| <username@domain.nz>: Recipient address rejected: SMTP AUTH is required for users under this sender
| domain; from=<info@domain.nz> to=<username@domain.nz> proto=ESMTP helo=<smtp2.shopify.com>
| mail postfix/smtpd[683]: disconnect from smtp2.shopify.com[104.196.182.217] ehlo=2 starttls=1 mail=1
| rcpt=0/1 data=0/1 rset=1 quit=1 commands=6/8


What is the safest / best way to allow the shopify mail servers to be able to send emails to users on our mail server, where the 'from' domain is also on our server.

I'm thinking I need to get the list of IP addresses for their mail servers and whitelist them on our mail server so they don't need to authenticate  (but not open up relaying in the process).

thanks
Kent




==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version: iRedMail 0.9.9,  AdminPro: 3.9
- Deployed with: Downloadable installer
- Linux/BSD distribution name and version: Debian 10
- Store mail accounts in which backend: MySQL
- Web server: Apache
- Manage mail accounts with iRedAdmin-Pro: Yes
====

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Online Store allowed to send emails from same domain

I found this reference:  https://forum.iredmail.org/topic14387-s … -list.html

I've set up a SPF TXT record on both our public and internal dns servers.  We are running latest version of iRedMail and have checked that the default_settings.py has the setting = TRUE

I can get a list of IP's from the shop's SPF records  (there's about 20+ IPv4 addresses listed).

thanks
Kent.

3

Re: Online Store allowed to send emails from same domain

hi Kent,

Your last reply is not clear to me. Did you solve the issue or not?