Hi,

One of the domains hosted on our iRed Mail Server also runs an online store, which has the ability to send emails.   I've already sorted out the DNS / SPF record to allow this to work, so all good there.

However, the issue arrises when they try to send an email to a domain which is also on our mail server  (eg. themselves or me).  In this case, our mail server is rejecting the emails:

| <username@domain.nz>: host mx01.domain.nz[ip.address] said: 554 5.7.1
|    <username@domain.nz>: Recipient address rejected: SMTP AUTH is required for
|    users under this sender domain (in reply to RCPT TO command)

This is backed up by the mail logs on our server:

| mail postfix/smtpd[683]: connect from smtp2.shopify.com[104.196.182.217]
| mail postfix/smtpd[683]: NOQUEUE: reject: RCPT from smtp2.shopify.com[104.196.182.217]: 554 5.7.1
| <username@domain.nz>: Recipient address rejected: SMTP AUTH is required for users under this sender
| domain; from=<info@domain.nz> to=<username@domain.nz> proto=ESMTP helo=<smtp2.shopify.com>
| mail postfix/smtpd[683]: disconnect from smtp2.shopify.com[104.196.182.217] ehlo=2 starttls=1 mail=1
| rcpt=0/1 data=0/1 rset=1 quit=1 commands=6/8

What is the safest / best way to allow the shopify mail servers to be able to send emails to users on our mail server, where the 'from' domain is also on our server.

I'm thinking I need to get the list of IP addresses for their mail servers and whitelist them on our mail server so they don't need to authenticate  (but not open up relaying in the process).

thanks
Kent

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version: iRedMail 0.9.9,  AdminPro: 3.9
- Deployed with: Downloadable installer
- Linux/BSD distribution name and version: Debian 10
- Store mail accounts in which backend: MySQL
- Web server: Apache
- Manage mail accounts with iRedAdmin-Pro: Yes
====