1

Topic: Own domain mail account and ISP mail account

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.2.1
- Deployed with iRedMail Easy or the downloadable installer? No
- Linux/BSD distribution name and version: Ubuntu 18.04 LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

I would like to configure iRedMail for a mail account of my own domain (let's call it 'me@mydomain.com') and for a mail account (POP3) provided by my ISP (let's call it 'me@isp.com').

I would be grateful for feedback if the following approach would be correct:

- in iredadmin, I should add 2 domains: the one I own (mydomain.com) and the one from my ISP (isp.com) and configure the user accounts in the respective domains.

- for the mail account of my own domain, I should make the necessary DNS configurations (A, MX, SPF, DKIM, DMARC).

- for the mail account provided by my ISP: for retrieving, I should install fetchmail or getmail and configure accordingly; for sending, I should configure sender dependent relay host (Setup relayhost)

Is that about right?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Own domain mail account and ISP mail account

Only one mistake in first step. You should NOT create isp.com.
Otherwise all emails you sent TO <someone>@isp.com will go to your own server, not the real ISP mail server.

3 (edited by AGI 2020-07-01 05:48:18)

Re: Own domain mail account and ISP mail account

Many thanks for your reply, good thing I asked :-o

So, under my own domain, should I then only create one user (myfirstname.mylastname@mydomain.com)?

How does iRedMail keep the mails from my 2 accounts (myfirstname.mylastname@mydomain.com and myfirstname.mylastname@isp.com) apart ?

4

Re: Own domain mail account and ISP mail account

Or should I create under mydomain.com a second user with an arbitrary name, let's say ispmail@mydomain.com and then configure getmail and a sender dependent relay host for that user?

5

Re: Own domain mail account and ISP mail account

The steps in your first post is ok except the issue i pointed in my first reply.

6

Re: Own domain mail account and ISP mail account

I understood the part of not creating an isp.com domain.

As I am new to all of this, I just wanted to confirm that I have to create in mydomain.com 2 users:

1) e.g. myfirstname.mylastname@mydomain.com as a mail account for my own domain

2) e.g. ispmail@mydomain.com in order to have a separate mailbox for my ISP mail account. My ISP only provides POP3 mail accounts (with a limited mailbox size) and I would like to have access to my ISP mail account from any device => my interest of having these messages in my own IMAP server. I also don't want to have these messages mixed up with messages in my new myfirstname.mylastname@mydomain.com mail account.

7

Re: Own domain mail account and ISP mail account

AGI wrote:

As I am new to all of this, I just wanted to confirm that I have to create in mydomain.com 2 users:

Your 2 points are correct.

8

Re: Own domain mail account and ISP mail account

Many thanks for your help (and patience wink ). Bought you some coffee smile

9

Re: Own domain mail account and ISP mail account

So, in order to host the mails of my e-mail account provided by my ISP (myfirstname.mylastname@isp.com), I created in iredadmin a second user under my domain: isp.mail@mydomain.eu . Mails are retrieved from my ISP’s POP3 server via Getmail, following this how-to posted in the forum.

My last missing piece of the puzzle is how to send mails as ‘myfirstname.mylastname@isp.com’ via my ISP smtp server. In contrast to my other account ‘myfirstname.mylastname@mydomain.eu’, where I want that messages are sent as ‘myfirstname.mylastname@mydomain.eu’ in the FROM field, the mails sent under the user account isp.mail@mydomain.eu should be sent as ‘myfirstname.mylastname@isp.com’.

As far as I understand, there are 2 possibilities:

1) I put ‘myfirstname.mylastname@isp.com’ as the e-mail address in the e-mail client. I'm not sure whether the security settings in iRedMail allow for ‘impersonating’ another e-mail address?

2) I use the postfix address rewriting function with ‘smtp_generic_maps’. According to the postfix documentation, the address rewriting does not take place when sending mails internally, i.e. from isp.mail@mydomain.eu to myfirstname.mylastname@mydomain.eu.

What would be the way to go?

10

Re: Own domain mail account and ISP mail account

1) is ok.
2) Check this tutorial: https://docs.iredmail.org/errors.html#r … e-username

11

Re: Own domain mail account and ISP mail account

Thanks.

When going for option 1) where I just put ‘myfirstname.mylastname@isp.com’ as the e-mail address in the e-mail client, I also need to add the line

ALLOWED_LOGIN_MISMATCH_SENDERS = ['isp.mail@mydomain.eu']

in /opt/iredapd/settings.py , right?

This is at least what I observed when replacing 'isp.mail@mydomain.eu' by 'myfirstname.mylastname@isp.com' in Roundcube under 'Settings>Identities'. As long as I hadn't made the change in settings.py, Roundcube complained about the sender not being same as the SMTP authenticate username.

12

Re: Own domain mail account and ISP mail account

I now got Roundcube working for my ISP mail (with the change in /opt/iredapd/settings.py and changing the identity in Roundcube under Settings>Identities), as well as SOGo (by changing SOGoMailCustomFromEnabled = NO; to YES in /etc/sogo/sogo.conf, which allows to change the identity of the isp.mail@mydomain.eu user in SOGo under Settings>Mail>IMAP accounts).

Now I'm still stuck with Outlook 2019 for my outgoing ISP mail. I configured the Exchange ActiveSync account in Outlook with the following settings:

E-mail address: myfirstname.mylastname@isp.com
Mail server: mail.mydomain.eu
User Name: isp.mail@mydomain.eu
Password: password for isp.mail@mydomain.eu

But when trying to send mail it is rejected by Spamhaus and I see the following in the details.txt attachment to 'Undelivered mail returned to sender':

Reporting-MTA: dns; mail.mydomain.eu
X-Postfix-Queue-ID: 4B3tFx3xR9zFq9
X-Postfix-Sender: rfc822; isp.mail@mydomain.eu
Arrival-Date: Sat, 11 Jul 2020 16:53:41 +0200 (CEST)

Final-Recipient: rfc822; myfirstname.mylastname@hotmail.com
Original-Recipient: rfc822;myfirstname.mylastname@hotmail.com
Action: failed
Status: 5.7.1
Remote-MTA: dns; hotmail-com.olc.protection.outlook.com
Diagnostic-Code: smtp; 550 5.7.1 Service unavailable, Client host
    [my public IP address] blocked using Spamhaus. To request removal from this list
    see https://www.spamhaus.org/query/ip/83.222.41.203 (AS3130).
    [DB5EUR03FT032.eop-EUR03.prod.protection.outlook.com]

It still seems to be sending from 'isp.mail@mydomain.eu' instead of 'myfirstname.mylastname@isp.com'.

In SOGo, it works fine.

Is there still some setting somewhere in ActiveSync I am missing?

13

Re: Own domain mail account and ISP mail account

Your (public) IP address is blocked by spamhaus - a famous DNSBL service vendor.
Please follow the link to request the removal:
https://www.spamhaus.org/query/ip/83.222.41.203

14

Re: Own domain mail account and ISP mail account

From what I've read, it's pretty much a lost cause to get off Spamhaus' PBL list when you have a dynamic IP address.

But in my opinion, that's beside the point, because I think that the reason my outgoing mail is being blocked is that it is sent via my SMTP server (mail.mydomain.eu) instead of my ISP's SMTP server. I'm having this issue only with Outlook; it's working fine with Roundcube and SOGo.

So, to recap, what I did is the following:

1) in /etc/postfix/main.cf , I added the following:

smtp_sasl_password_maps = hash:/etc/postfix/sasl_password
smtp_sasl_auth_enable = yes
smtp_sasl_mechanism_filter = login
smtp_sasl_security_options = noanonymous
smtp_sender_dependent_authentication = yes

2) in /etc/postfix/sasl_password , I've put the following:

# this relay via Gmail is to circumvent that my outgoing mail from 'myfirstname.mylastname@mydomain.eu' is blocked by Spamhaus; this is working fine, my mail is sent as 'myfirstname.mylastname@mydomain.eu', but via the Gmail SMTP server.
myfirstname.mylastname@mydomain.eu myfirstname.mylastname@gmail.com:password
# this relay is to send my ISP mail via my ISP SMTP server
myfirstname.mylastname@isp.com ISP_accountname:ISP_password

3) made the following changes in MySQL (MariaDB):

USE vmail;
INSERT INTO sender_relayhost (account, relayhost) VALUES ('myfirstname.mylastname@mydomain.eu', '[smtp.gmail.com]:587');
INSERT INTO sender_relayhost (account, relayhost) VALUES ('myfirstname.mylastname@isp.com', '[smtp.isp.com]:587');

4) in /opt/iredapd/settings.py , I've added the following line:

ALLOWED_LOGIN_MISMATCH_SENDERS = ['isp.mail@mydomain.eu']

5) when logged in as 'isp.mail@mydomain.eu' in Roundcube, I changed my identity to myfirstname.mylastname@isp.com under Settings>Identities ; sending as myfirstname.mylastname@isp.com via my ISP SMTP server works fine.

6) in /etc/sogo/sogo.conf, I've changed:

‘SOGoMailCustomFromEnabled = NO;’ to ‘SOGoMailCustomFromEnabled = YES;’

7) when logged in as 'isp.mail@mydomain.eu' in SOGo, I changed my identity to myfirstname.mylastname@isp.com under Settings>Mail>IMAP accounts ; sending as myfirstname.mylastname@isp.com via my ISP SMTP server works fine.

8) In Outlook 2019, I created an Exchange ActiveSync account with the following settings:

E-mail address: myfirstname.mylastname@isp.com
Mail server: mail.mydomain.eu
User Name: isp.mail@mydomain.eu
Password: password for isp.mail@mydomain.eu

Sending as myfirstname.mylastname@isp.com via my ISP SMTP server doesn't work sad . It seems for some reason still sending as 'isp.mail@mydomain.eu' via my own SMTP server.

15

Re: Own domain mail account and ISP mail account

Please resend one testing email with Outlook, then show us the full + original log lines in Postfix log file (/var/log/maillog) for troubleshooting. It's hard to help without detailed log.

16

Re: Own domain mail account and ISP mail account

This is the postfix log when sending via Outlook 2019:

Jul 13 22:05:14 mail postfix/postscreen[100089]: CONNECT from [127.0.0.1]:39198 to [127.0.0.1]:25
Jul 13 22:05:14 mail postfix/postscreen[100089]: WHITELISTED [127.0.0.1]:39198
Jul 13 22:05:14 mail postfix/smtpd[100090]: connect from mail.mydomain.eu[127.0.0.1]
Jul 13 22:05:14 mail postfix/smtpd[100090]: 4B5F4V423pzBXP: client=mail.mydomain.eu[127.0.0.1]
Jul 13 22:05:14 mail postfix/cleanup[100094]: 4B5F4V423pzBXP: message-id=<000001d65950$eba08670$c2e19350$@internet.lu>
Jul 13 22:05:14 mail postfix/qmgr[2607]: 4B5F4V423pzBXP: from=<isp.mail@mydomain.eu>, size=2715, nrcpt=1 (queue active)
Jul 13 22:05:14 mail postfix/smtpd[100090]: disconnect from mail.mydomain.eu[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Jul 13 22:05:14 mail postfix/10025/smtpd[100099]: connect from mail.mydomain.eu[127.0.0.1]
Jul 13 22:05:14 mail postfix/10025/smtpd[100099]: 4B5F4V61mGzG18: client=mail.mydomain.eu[127.0.0.1]
Jul 13 22:05:14 mail postfix/cleanup[100094]: 4B5F4V61mGzG18: message-id=<000001d65950$eba08670$c2e19350$@internet.lu>
Jul 13 22:05:14 mail postfix/10025/smtpd[100099]: disconnect from mail.mydomain.eu[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Jul 13 22:05:14 mail postfix/qmgr[2607]: 4B5F4V61mGzG18: from=<isp.mail@mydomain.eu>, size=3969, nrcpt=1 (queue active)
Jul 13 22:05:14 mail amavis[54776]: (54776-01) Passed CLEAN {RelayedInternal}, MYNETS LOCAL [127.0.0.1]:39198 ESMTP/ESMTP <isp.mail@mydomain.eu> -> <firstname_lastname@hotmail.com>, (), Queue-ID: 4B>
Jul 13 22:05:14 mail postfix/amavis/smtp[100095]: 4B5F4V423pzBXP: to=<firstname_lastname@hotmail.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.36, delays=0.07/0.02/0.01/0.26, dsn=2.0.0, status=sen>
Jul 13 22:05:14 mail postfix/qmgr[2607]: 4B5F4V423pzBXP: removed
Jul 13 22:05:15 mail postfix/smtp[100100]: 4B5F4V61mGzG18: to=<firstname_lastname@hotmail.com>, relay=hotmail-com.olc.protection.outlook.com[104.47.18.97]:25, delay=0.49, delays=0.01/0.02/0.44/0.01,>
Jul 13 22:05:15 mail postfix/smtp[100100]: 4B5F4V61mGzG18: lost connection with hotmail-com.olc.protection.outlook.com[104.47.18.97] while sending RCPT TO
Jul 13 22:05:15 mail postfix/cleanup[100094]: 4B5F4W2XZHzG0h: message-id=<4B5F4W2XZHzG0h@mail.mydomain.eu>
Jul 13 22:05:15 mail postfix/bounce[100102]: 4B5F4V61mGzG18: sender non-delivery notification: 4B5F4W2XZHzG0h
Jul 13 22:05:15 mail postfix/qmgr[2607]: 4B5F4W2XZHzG0h: from=<>, size=6494, nrcpt=1 (queue active)
Jul 13 22:05:15 mail postfix/qmgr[2607]: 4B5F4V61mGzG18: removed
Jul 13 22:05:15 mail postfix/pipe[100103]: 4B5F4W2XZHzG0h: to=<isp.mail@mydomain.eu>, relay=dovecot, delay=0.14, delays=0.02/0.01/0/0.11, dsn=2.0.0, status=sent (delivered via dovecot service)
Jul 13 22:05:15 mail postfix/qmgr[2607]: 4B5F4W2XZHzG0h: removed

For reference, this is the postfix log when sending via SOGo using the same user account 'isp.mail@mydomain.eu' (=working scenario):

Jul 13 21:59:54 mail postfix/postscreen[99435]: CONNECT from [127.0.0.1]:38814 to [127.0.0.1]:25
Jul 13 21:59:54 mail postfix/postscreen[99435]: WHITELISTED [127.0.0.1]:38814
Jul 13 21:59:54 mail postfix/smtpd[99228]: connect from mail.mydomain.eu[127.0.0.1]
Jul 13 21:59:54 mail postfix/smtpd[99228]: 4B5DyL2kjlzFkj: client=mail.mydomain.eu[127.0.0.1]
Jul 13 21:59:54 mail postfix/cleanup[99803]: 4B5DyL2kjlzFkj: message-id=<663-5f0cbd00-1-6a885f80@27523639>
Jul 13 21:59:54 mail postfix/smtpd[99228]: disconnect from mail.mydomain.eu[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Jul 13 21:59:54 mail postfix/qmgr[2607]: 4B5DyL2kjlzFkj: from=<firstname.lastname@internet.lu>, size=1088, nrcpt=1 (queue active)
Jul 13 21:59:54 mail postfix/10025/smtpd[99812]: connect from mail.mydomain.eu[127.0.0.1]
Jul 13 21:59:54 mail postfix/10025/smtpd[99812]: 4B5DyL5ZcWzFjw: client=mail.mydomain.eu[127.0.0.1]
Jul 13 21:59:54 mail postfix/cleanup[99803]: 4B5DyL5ZcWzFjw: message-id=<663-5f0cbd00-1-6a885f80@27523639>
Jul 13 21:59:54 mail postfix/10025/smtpd[99812]: disconnect from mail.mydomain.eu[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Jul 13 21:59:54 mail postfix/qmgr[2607]: 4B5DyL5ZcWzFjw: from=<firstname.lastname@internet.lu>, size=2336, nrcpt=1 (queue active)
Jul 13 21:59:54 mail amavis[54777]: (54777-01) Passed CLEAN {RelayedInternal}, MYNETS LOCAL [127.0.0.1]:38814 ESMTP/ESMTP <firstname.lastname@internet.lu> -> <firstname_lastname@hotmail.com>, (), Queue->
Jul 13 21:59:54 mail postfix/amavis/smtp[99808]: 4B5DyL2kjlzFkj: to=<firstname_lastname@hotmail.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.46, delays=0.05/0.01/0.01/0.39, dsn=2.0.0, status=sent>
Jul 13 21:59:54 mail postfix/qmgr[2607]: 4B5DyL2kjlzFkj: removed
Jul 13 21:59:54 mail postfix/smtp[99813]: 4B5DyL5ZcWzFjw: to=<firstname_lastname@hotmail.com>, relay=smtp.internet.lu[195.218.24.11]:587, delay=0.06, delays=0.01/0.02/0.02/0.01, dsn=2.0.0, status=se>
Jul 13 21:59:54 mail postfix/qmgr[2607]: 4B5DyL5ZcWzFjw: removed
Jul 13 22:00:26 mail postfix/postscreen[99435]: CONNECT from [103.133.111.210]:65260 to [10.0.0.1]:25
Jul 13 22:00:26 mail postfix/postscreen[99435]: PASS OLD [103.133.111.210]:65260
Jul 13 22:00:26 mail postfix/smtpd[99228]: connect from unknown[103.133.111.210]

Thanks in advance for your help.

17

Re: Own domain mail account and ISP mail account

AGI wrote:

This is the postfix log when sending via Outlook 2019:

All Postfix log lines indicate the client is "127.0.0.1", are you running Outlook on the server? If not, then  the log lines may be wrong.

18

Re: Own domain mail account and ISP mail account

No, I'm running Outlook on a desktop computer, which is even in a different VLAN than the server.

HTTPS access (with Let's Encrypt certificate) to the mail.mydomain.eu host is done via reverse proxy (HAPROXY) running on a pfSense firewall.

19

Re: Own domain mail account and ISP mail account

But the log lines you pasted shows only 127.0.0.1. Could you please try again and extract correct log lines?

20

Re: Own domain mail account and ISP mail account

I'm sorry, I tried again, but the log is still showing 127.0.0.1. It does work though perfectly with SOGo and Roundcube (tried from external networks also), just not with Outlook.

When looking through the SOGo documentation, I saw the 'SOGoMailCustomEmail' parameter at the user level. Does Outlook need perhaps this parameter in order to take the 'myfirstname.mylastname@isp.com' address instead of 'isp.mail@mydomain.eu' when sending mail? I don't see this parameter in the MariaDB database though for the 'isp.mail@mydomain.eu' user.

21

Re: Own domain mail account and ISP mail account

AGI wrote:

When looking through the SOGo documentation, I saw the 'SOGoMailCustomEmail' parameter at the user level. Does Outlook need perhaps this parameter in order to take the 'myfirstname.mylastname@isp.com' address instead of 'isp.mail@mydomain.eu' when sending mail?

No.

IP "127.0.0.1" doesn't make any sense to me if Outlook is running on your pc/laptop, it must be another IP address.
Also, do you enable SMTP authentication in Outlook?

22

Re: Own domain mail account and ISP mail account

ZhangHuangbin wrote:

IP "127.0.0.1" doesn't make any sense to me if Outlook is running on your pc/laptop, it must be another IP address.

I understand, but that's what the log file shows; I also don't know why.

ZhangHuangbin wrote:

Also, do you enable SMTP authentication in Outlook?

I know that one can set this when setting up the account as an IMAP account in Outlook, but when setting up the account as an Exchange ActiveSync account I don't find this setting.

23

Re: Own domain mail account and ISP mail account

- There's still login required when you setup as Exchange account. Could you please double check?
- Any related error in SOGo log file?

There're two other solutions which should work for you:

*) First

- Follow this tutorial, setup additional smtp port (let's say it's 2525) used by only SOGo: https://docs.iredmail.org/additional.smtp.port.html
- Update SOGo config file to use port 2525 for smtp service.

2) Second

If you have valid ssl cert for your server hostname, upgrade SOGo to the latest nightly build, use "smtp://<server-hostname>:587/?tls=YES" as SMTP server address.

More details:

The latest SOGo nightly build supports SMTP auth through port 587 (TLS) or 465 (SSL, not enabled by iRedMail by default), but it always verifies the cert, so you cannot use "smtp://127.0.0.1:587/?tls=YES" as SMTP server address (because no one can get a cert for "127.0.0.1"). So you have to use either an insecure smtp connection, or a secure connection with valid ssl cert.

FYI:

- Search "SOGoSMTPServer" in this unreleased document, it applies to nightly build: https://github.com/inverse-inc/sogo/blo … e.asciidoc
- Check the issues reported or tracked by me:

https://sogo.nu/bugs/view.php?id=31
https://sogo.nu/bugs/view.php?id=5078

24

Re: Own domain mail account and ISP mail account

I downloaded the latest SOGo nightly build, but when I replace

SOGoSMTPServer = 127.0.0.1;

by

SOGoSMTPServer = smtp://mail.mydomain.eu:587/?tls=YES;

in /etc/sogo/sogo.conf , I get 'Bad Gateway' when trying to access https://mail.mydomain.eu/sogo . I have a valid Let's Encrypt cert for the 'mail.mydomain.eu' domain but it's installed on my pfSense firewall via ACME and incoming connections are forwarded to the mail host via reverse proxy (HAPROXY); perhaps the error is related to that.

I'll keep on monitoring https://sogo.nu/bugs/view.php?id=5078 where you suggested the solution

smtp://127.0.0.1:587/?tls=YES&verify_cert=NO

In the meantime, I'll use SOGo or Roundcube instead of Outlook when I have to send a mail from my ISP mail account.