1 (edited by LaurentM 2024-11-15 22:16:15)

Topic: Closed: Cannot send emails to other domains with FORGED sender

Hello,

I am running iRedMail server v1.7.1 on debian 10 Buster.
This is running on MariaDB SQL server using apache server for web interface.
I am using SOGo as webmail interface.

I have deployed on a different site a Synology NAS server on which I use Pingvin Share to be able to share files internally.

To send emails using Pingvin Share, I have created the user 'noreply@mydomain.com' with which I can send and receive emails internally and externally without problems using the SOGo webmail.

When I wanted to use this user with Pingvin Share, I was firtly unable to use this user to login to my SMTP server as it was not using smtp authentication.
I have followed tutorial 'Allow some user to send email without smtp authentication' in the iRedMail document index to be able to connect the user to the mail server via Pingvin Share.
This part works successfully, I can send a test email or share a file on my local domain.

But, when I try to send shares to users on other domains, I get the SMTP error 554 5.7.1 Relay access denied.
The trace in the mail.log file is:

postfix/smtpd[2657]: connect from m-y-i-p.subs.proxad.net[m.y.i.p]
postfix/smtpd[2657]: discarding EHLO keywords: CHUNKING
postfix/smtpd[2657]: Anonymous TLS connection established from m-y-i-p.subs.proxad.net[m.y.i.p]: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
postfix/smtpd[2657]: discarding EHLO keywords: CHUNKING
postfix/smtpd[2657]: NOQUEUE: reject: RCPT from m-y-i-p.subs.proxad.net[m.y.i.p]: 554 5.7.1 <myemail@example.com>: Relay access denied; from=<noreply@mydomain.com> to=<myemail@example.com> proto=ESMTP helo=<[127.0.0.1]>
postfix/smtpd[2657]: lost connection after RCPT from m-y-i-p.subs.proxad.net[m.y.i.p]

Does someone have a clue on what I can do in my SMTP configuration to have this FORGED sender to be able to send emails to other domains without SMTP authentication ?

Thanks for your help,
Laurent

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Closed: Cannot send emails to other domains with FORGED sender

How about try to get smtp authentication working? This is the best and easiest way to solve the issue.

3

Re: Closed: Cannot send emails to other domains with FORGED sender

I would have like too but the way the Pingvin Share application is made, you cannot set SMTP authentication on it.
That's why I had to make the 'noreply' user a forged sender, to be able to connect to the SMTP server on the other site and a different domain.

The strange thing is that this user can send emails from the SMTP server domain to all users in this domain without problems.

I was thinking of settings in postfix for this user to have sender relay activated.
Can I set a relay server for this user and set it to the local SMTP server ?
Do you think it will be possible to connect internally to the same SMTP server but with the correct credentials in this case by using another user for this purpose ?

4

Re: Closed: Cannot send emails to other domains with FORGED sender

ZhangHuangbin,

I was dumb on this thing, you made me think correctly.
Instead of using port 25 which is what is proposed by default on the Pingvin Share configuration part, I modified it to 587 with the correct credentials for the 'noreply' user and all works now.

I was completely out of my mind not to think about this port number to change for the SMTP authentification using STARTTLS.

Thank you for your light on this issue.

I close the case now.