1

Topic: php mail() issue

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version: 1.0
- Deployed with iRedMail Easy or the downloadable installer? Installer
- Linux/BSD distribution name and version: Debian 10 Buster
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Apache
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Problem:
Hosting several pages on apache web server with php-cgi and suexec/FastCGI
So every page runs under its own user.

If i use mail() function with php, it is possible to use any sender address, regardless if the domain is hosted, or if an corresponding mail account exists.

Example mail header:

Return-Path: <user1001@myhostname>
Delivered-To: mailbox@example.de
Received: from myhostname (localhost [127.0.0.1])
    by myhostname (Postfix) with ESMTP id 47wNzc0HdHz60CD
    for <amailbox@example.de>; Sun, 12 Jan 2020 05:29:48 +0100 (CET)
X-Virus-Scanned: Debian amavisd-new at myhostname
Received: from myhostname ([127.0.0.1])
    by myhostnamet (myhostname [127.0.0.1]) (amavisd-new, port 10024)
    with ESMTP id xAmX9qdoVW-t for <mailbox@example.de>;
    Sun, 12 Jan 2020 05:29:47 +0100 (CET)
Received: by myhostname (Postfix, from userid 1001)
    id 47wNzb5QrTz60CB; Sun, 12 Jan 2020 05:29:47 +0100 (CET)

The Return-Path shows the username from userid1001, which is the first hop:
Received: by myhostname (Postfix, from userid 1001)

How can i do the following:
- check if domain name is allowed for specific userid, if not discard (maybe with a database backend?)
- pipe the mail trough amavis so it gets DKIM signed
- remove or alter the return path

A domain lookup table for allowed sender domains trough local users would be a very nice addition, though

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: php mail() issue

The simplest and best solution is sending email with the php smtp library with smtp authentication.

3

Re: php mail() issue

Always useing SMTP auth is for sure the best solution, but preventing the use of mail() and thus forceing users to modify their code so it uses an smtp auth is not my desired solution here

4

Re: php mail() issue

currently, postfix seems to act like an open relay for all local users, and does not pipe outgoing mails trough amavis, nor do any authentication

5

Re: php mail() issue

Cthulhu wrote:

Always useing SMTP auth is for sure the best solution, but preventing the use of mail() and thus forceing users to modify their code so it uses an smtp auth is not my desired solution here

Enabling SMTP auth fixes all your issues.

Cthulhu wrote:

How can i do the following:
- check if domain name is allowed for specific userid, if not discard (maybe with a database backend?)
- pipe the mail trough amavis so it gets DKIM signed
- remove or alter the return path

- "check if domain name is allowed", you need to modify your code to query SQL db ("vmail.domain" and "vmail.alias_domain"). I suppose enabling smtp auth is simpler than achieving this?
- "pipe the mail through amavisd", you can enable the content filter for transport "pickup" in /etc/postfix/master.cf like this:

pickup ...
    -o content_filter=smtp-amavis:[127.0.0.1]:10026

- "remove or alter the return path", this could be fixed in the generated mail header.

6

Re: php mail() issue

Cthulhu wrote:

currently, postfix seems to act like an open relay for all local users, and does not pipe outgoing mails trough amavis, nor do any authentication

local users are allowed to submit email by default, this is not open rely. You can list allowed ones in postfix "authorized_submit_users":
http://www.postfix.org/postconf.5.html# … bmit_users

For the "nor do any authentication" part, please use smtp auth.

7

Re: php mail() issue

useing authorized_submit_users with an SQL lookup seems the way to go then, even if it is the hardest way to implement.
together with

pickup ...
    -o content_filter=smtp-amavis:[127.0.0.1]:10026

i could archive to pipe it to another amavis port for modified polices.

This will be not so easy to archive, but i will try and write a guide if it works.

I understand that iRedMail is designed to work as a pure mail server, but if you plan to combine it with webhosting, there is currently no implementation to maintain delivery by local users trough sendmail.

An very easy first implementation would be to create a lookup map, and just whitelist everything, then nothing changes, but makes it easy to modify it by just altering the database.