1

Topic: Catchall Exception - Forward all except postmaster for domain

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version: 1.4.0, iRedAPD: 1.5
- Deployed with self-installer
- Linux Version: Ubuntu 20.04.3 LTS (Kernel 5.4.0-91-generic, fully updated)
- Backend: MariaDB (MySQL)
- Web server: Nginx
- iRedAdmin-Pro: NO
====

Hello iRed Forum / 你好莊主任,

I run a successful iRedMail server, with multiple domains, with SPF / DKIM / DMARC. I am very familiar with Linux, DNS, SQL, but only a little familiar with postfix and dovecot. Thank you for building this wonderful software package to tie it all together! I have searched the forum and docs, and cannot find this topic.

I am curious about creating an EXCEPTION for catch-all for a domain.

Reason: Current dmarc for client domain (example "client.com") has RUA and RUF for my administrative domain (example "admin.com"): rua=mailto:postmaster@admin.com.

The client needs catch-all as they use a number of addresses and have the occasional misspelling.

However, I do not need them recieving dmarc reports.
But I believe having the RUA go to my admin domain is negatively impacting their deliverability.

I have tested with another domain ("personal.com") where the RUA / RUF is the same domain: mailto:postmaster@personal.com, and I have no problems with email delivery to any major domain.

I want to set the RUA for client.com to postmaster@client.com, but carve an exception to the catch-all for this.

My testing indicates that the vmail forwardings do not care about order; if I insert a row above their catch-all, it still will send to their catch-all address and not stop processing directives.

I have looked into postfix specific header rewriting:
http://www.postfix.org/ADDRESS_REWRITING_README.html
... but I am not sure about what to implement (canonical rewrite, address masquerade, virtual aliasing).
I am also not sure if those settings will preempt / prevent the iRedMail / vmail / iRedAPD from also handling the catch-all setup.

Any insight would be greatly appreciated and of course coffee will be donated smile
Otherwise I may have time this month to spin up a second test server and tinker with a spare domain.

I think this capability may make an excellent addition to iRedMail-Pro, but I understand that may be a long-term goal and require a little re-engineering of the mail flow process.

Thank you anyone who sees this or has any ideas!

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Catchall Exception - Forward all except postmaster for domain

Update:

I researched RUA mismatch, which led me to the RFC for this:
https://www.rfc-editor.org/rfc/rfc7489#section-7.1

I had to update my "admin.com" domain with *._report._dmarc record, in order for "client.com" (and other domains I had pointing to admin.com for RUA/RUF) to properly validate. (I used mxtoolbox dmarc lookup.)

That should handle the deliverability issue.

But still, a catch-all exception might be useful for other reasons.

Thank you.