1

Topic: Individual User forward to external mail domain issue with SPF

==== Required information ====
- iRedMail version (check /etc/iredmail-release):  v2.2.2
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx):Apache
- Linux/BSD distribution name and version: Redhat7
- Related log if you're reporting an issue:
====
Hi,


I set a local user for domain example1.com forward like this below in Redadmin Pro, so far working good. user2@externaldomain.com  can receive mail.

user1@example1.com --mail to-> user2example1.com --forward-to-> user2@externaldomain.com


However, when user2@externaldomain.com replied back to all, the Postfix maillog produced an output below, I extracted some critical part here


Apr  7 17:08:25 mailsvr1 postfix/smtpd[19243]: connect from unknown[10.121.17.3]
...
...
Apr  7 17:08:25 mailsvr1 postfix/cleanup[26730]: 581DB30BB000: info: header Subject: Re: test mail from unknown[10.121.17.3]; from=<user2@externaldomain.com> to=<user2example1.com> proto=ESMTP helo=<mailgate.example1.com>
...
...
Apr  7 17:08:25 mailsvr1 amavis[2296]: (02296-12) Passed CLEAN {RelayedInternal}, MYNETS/MYUSERS LOCAL [10.121.17.3]:17849 [52.133.145.17] <user2@externaldomain.com> -> <user2@externaldomain.com>, Queue-ID: 581DB30BB000, Message-ID: <HK0PR03MB30277E932756A1FEC76343CFE7C30@HK0PR03MB3027.apcprd03.prod.outlook.com>, mail_id: cixz3L_iVBtd, Hits: -, size: 13310, queued_as: 70FEE30BB006, dkim_sd=selector1-seikogroup-onmicrosoft-com:seikogroup.onmicrosoft.com, 91
Apr  7 17:08:25 mailsvr1 amavis[2113]: (02113-13) Passed CLEAN {RelayedInternal}, MYNETS/MYUSERS LOCAL [10.121.17.3]:17849 [52.133.145.17] <user2@externaldomain.com> -> <user1@example1.com>, Queue-ID: 581DB30BB000, Message-ID: <HK0PR03MB30277E932756A1FEC76343CFE7C30@HK0PR03MB3027.apcprd03.prod.outlook.com>, mail_id: xbVxDCYSjJa8, Hits: -, size: 13310, queued_as: 71D6030BB011, dkim_sd=selector1-seikogroup-onmicrosoft-com:seikogroup.onmicrosoft.com, 97 ms
...
...
...
pr  7 17:08:25 mailsvr1 postfix/pipe[29943]: 71D6030BB011: to=<user1@example1.com>, relay=dovecot, delay=0.03, delays=0.01/0/0/0.02, dsn=2.0.0, status=sent (delivered via dovecot service)
Apr  7 17:08:25 mailsvr1 postfix/qmgr[12562]: 71D6030BB011: removed
Apr  7 17:08:26 mailsvr1 postfix/smtp[28428]: 70FEE30BB006: to=<user2@externaldomain.com>, relay=mail-swp1.ddreams.jp[202.19.224.47]:25, delay=1.2, delays=0/0/0.6/0.59, dsn=5.0.0, status=bounced (host mail-swp1.ddreams.jp[202.19.224.47] said: 550 SPF (Sender Policy Framework) failed. (in reply to RCPT TO command))
Apr  7 17:08:26 mailsvr1 postfix/smtp[28428]: 70FEE30BB006: lost connection with mail-swp1.ddreams.jp[202.19.224.47] while sending DATA command
Apr  7 17:08:26 mailsvr1 postfix/bounce[4897]: 70FEE30BB006: sender non-delivery notification: A0BE230A4C5C

Apr  7 17:08:26 mailsvr1 postfix/qmgr[12562]: A0BE230A4C5C: from=<>, size=16082, nrcpt=1 (queue active)
Apr  7 17:08:26 mailsvr1 postfix/qmgr[12562]: 70FEE30BB006: removed
Apr  7 17:08:26 mailsvr1 postfix/pipe[27429]: A1B7530BB000: to=<postmaster@example1.com>, relay=dovecot, delay=0.02, delays=0/0/0/0.02, dsn=2.0.0, status=sent (delivered via dovecot service)
Apr  7 17:08:26 mailsvr1 postfix/qmgr[12562]: A1B7530BB000: removed
Apr  7 17:08:27 mailsvr1 postfix/smtp[28409]: A0BE230A4C5C: to=<user2@externaldomain.com>, relay=mail-swp1.ddreams.jp[202.19.224.47]:25, delay=0.86, delays=0/0/0.52/0.34, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 677EC3AC02C)


We have DNS server and have added SPF record for example1.com only, the problem only happen when user2@externaldomain.com reply back to user2example1.com and iRedMail forward to user2@externaldomain.com, it end up receiving  "550 SPF (Sender Policy Framework) failed." notification for user "user2@externaldomain.com"

Any idea?

Keen

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Individual User forward to external mail domain issue with SPF

You may need SRS:
https://docs.iredmail.org/srs.html

3

Re: Individual User forward to external mail domain issue with SPF

Thank you Zhang,

May I know mail forward enable in iRedadmin Pro, is actually using MAIL FROM:  the origin sender to forward email to the next recipient? so I am wonder if it is our local example1.com SPF problem or recipient externaldomain.com SPF problem

4

Re: Individual User forward to external mail domain issue with SPF

It uses the From: address.