In my setup, I am using postfix for emails, I had configured my Virtualmin to use sender IP for outgoing emails (I follow this tutorial: https://www.virtualmin.com/documentation/email/dependent)
Now see the following result.
hostname = example.com (IP: 1.1.1.1) (rdns 1.1.1.1 > example.com (this hostname hosting multiple virtual domains on dedicated IP addresses.)
virtual domain = domain1.com (IP: 2.2.2.2) (rdns 2.2.2.2 > mail.domain1.com) (set up for dependent address)
When I send an email from this virtual domain, email header contains:
sent from: example.com.
It should contain:
sent from: domain1.com
Here is a piece of Header copied from Gmail:
Gmail give two different lines.
Received: from example.com (mail.domain1.com. [2.2.2.2])
Received: from example.com (unknown [1.1.1.1]) by example.com (Postfix) with ESMTPSA id 98XXXX46BD1 for example@gmail.com; Sat,
3 Nov 2018 18:23:36 +0100 (CET)
In www.mail-tester.com
I got this error:
Your IP address 2.2.2.2 is associated with the domain mail.domain1.com.
Nevertheless, your message appears to be sent from example.com
How should I correct this?
Any help will be greatly appreciated.
Can you post your main.cf file here?
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
appending .domain is the MUA’s job.
append_dot_mydomain = no
Uncomment the next line to generate “delayed mail” warnings
#delay_warning_time = 4h
readme_directory = no
TLS parameters
smtpd_tls_cert_file = /etc/postfix/postfix.cert.pem
smtpd_tls_key_file = /etc/postfix/postfix.key.pem
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
information on enabling SSL in the smtp client.
sender_dependent_default_transport_maps = hash:/etc/postfix/dependent
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = expertpk.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, expertpk.com, localhost.com, , localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
virtual_alias_maps = hash:/etc/postfix/virtual
sender_bcc_maps = hash:/etc/postfix/bcc
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10031 permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_policy_service inet:127.0.0.1:10023
smtp_tls_security_level = dane
allow_percent_hack = no
smtpd_tls_CAfile = /etc/postfix/postfix.ca.pem
smtpd_tls_security_level = may
smtpd_tls_mandatory_ciphers = high
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
message_size_limit = 102400000
#smtpd_sender_restrictions = check_policy_service inet:127.0.0.1:10031
smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031
In main.cf, change anything that says expertpk.com to mail.domain1.com and restart postfix.
When postfix is greeting other mail servers it is saying it is expertpk.com, however your dns says it is mail.domain1.com. This raises all kinds of “spammy” flags at the other mailservers. Just set postfix to tell them it is actually mail1.domain1.com. Postfix and the other servers can deal with the fact that you are sending email addressed as from expertpk.com without postfix needing to pretend it is in that domain.
@noisemarine I have multiple domains eg mail.domain1.com, mail.domain2.com, mail.domain3.com
how can I achieve this for all virtual domains.
I had posted my main.cf file. Can you please review it to solve the issue?
I will post my main.cf file to see if that helps you in something…
# /etc/postfix/main.cf
Author: Marcelo Pavan
Dovecot version: 2.2.35
Postfix version: 3.2.5
Default
compatibility_level = 2
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
myhostname = mail.codebr.io
mydomain = codebr.io
inet_interfaces = all
inet_protocols = ipv4
mydestination = mail.codebr.io, web.codebr.io, ftp.codebr.io
unknown_local_recipient_reject_code = 550
mynetworks_style = host
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix32u-3.2.5/samples
readme_directory = /usr/share/doc/postfix32u-3.2.5/README_FILES
meta_directory = /etc/postfix
shlib_directory = /usr/lib64/postfix
Virtualmin
virtual_alias_maps = hash:/etc/postfix/virtual
sender_bcc_maps = hash:/etc/postfix/bcc
sender_dependent_default_transport_maps = hash:/etc/postfix/dependent
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
home_mailbox = Maildir/
mailbox_size_limit = 0
allow_percent_hack = no
milter_default_action = accept
milter_protocol = 2
smtpd_milters = inet:localhost:8891
non_smtpd_milters = inet:localhost:8891
SASL
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = noanonymous
smtpd_relay_restrictions =
permit_mynetworks
permit_sasl_authenticated
reject_unauth_destination
smtpd_recipient_restrictions =
permit_sasl_authenticated
permit_mynetworks
check_policy_service unix:/var/spool/postfix/postgrey/socket
reject_unauth_destination
reject_invalid_hostname
reject_non_fqdn_sender
reject_non_fqdn_recipient
reject_unknown_sender_domain
reject_unknown_recipient_domain
reject_unauth_pipelining
reject_unauth_destination
reject_rbl_client bl.spamcop.net
reject_rbl_client cbl.abuseat.org
reject_rbl_client zen.spamhaus.org
reject_rbl_client b.barracudacentral.org
permit
SSL
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtp_tls_security_level = may
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/marcelorp/mail/mail.crt
smtpd_tls_key_file = /etc/marcelorp/mail/mail.key
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtpd_tls_protocols=!SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtpd_tls_mandatory_ciphers = medium
tls_medium_cipherlist = ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
master.conf
smtpd_reject_unlisted_recipient = no
milter_macro_daemon_name = ORIGINATING
End
Please, note that I’m using a updated version of postfix and dovecot. If you want to get an newer version I can explain how, but some other users did not recommend to install newer from non-oficial centos repository…and here I’m forcing an SSL connection to my SMTP service.
Another thing…if you can post you main.cf with a code formating to other users can help you and understand more your configuration settings…
My apologies. I misread your issue.
Does the file /etc/postfix/dependent contain any entries? If so, they should line up with entries in /etc/postfix/master.cf. Is that the case?
ie. “@domain1.com smtp_domain1:” should have an entry in master.cf like “smtp_domain1 unix - - n - - smtp -o smtp_bind_address=2.2.2.2”
Stupid question, but did you restart postfix after making your changes?