I’ve set a general rule for a user to “deliver to inbox” and to forward all incoming mail to a gmail account
Because a strange delay on sending forwarded email to gmail inbox I’ve read the headers of messages they deliver and found this
Received-SPF: softfail (google.com: domain of transitioning
sender_name@sender_domain.com does not designate nnn.nnn.nnn.nnn as
permitted sender) client-ip=nnn.nnn.nnn.nnn;
Authentication-Results: mx.google.com;
spf=softfail (google.com: domain of transitioning sender_name@sender_domain.com does not designate nnn.nnn.nnn.nnn as
permitted sender) smtp.mail=sender_name@sender_domain.com
where nnn.nnn.nnn.nnn is my server IP
It is true that “sender_name@sender_domain.com does not designate nnn.nnn.nnn.nnn as permitted sender”
But I am not sending mails in name or him, I’m just forwarding a mail he sent to me.
It seems that there’s a problem with the header Postfix creates when forwarding incoming mails.
Unfortunately, it doesn’t matter what’s going on behind the scenes – if your server initiates a connection to another server in order to send an email (whether it’s being forwarded or not) – your server is considered a sending server.
If that domain is setup to use SPF, you’ll need to add your server’s IP address as an allowed sender.
That’s actually a feature – otherwise, a server could “fake” an email being forwarded, thus bypassing SPF.
It is the purpose of SPF to limit the IP addresses that are allowed to send mail from a certain domain. If the domain of the email you are forwarding has SPF enabled, you have to have your mail server IP listed at the domain’s SPF record, there’s no way around that. Anything else would defeat the whole purpose of SPF and you could once more send email (and spam) from any faked domain you want.
A possible solution would be rewriting the headers to indicate the mail is *from" you (I.e. a domain on your server), and put a notice in the headers or body that it’s a forward from someone else. I’d need to do some research though how to achieve that with Postfix.
You gave me a clue on my other recent question about to only forward some incoming mails from server: procmail
The same link you suggested contains
Q: I know how to forward a message using an ! action, but that doesn't let me modify the message I forward. Is there a way to do that?
A: Typically, you want to add or change a header. This sounds like formail. The only thing that remains then is to actually send it off. You can of course filter first and then send (see next question), but you might as well do both in one fell swoop (unless you also want the modified message in your normal mail stream; again, see the next question for more).
If formail won’t do the modifications you want, you are of course to replace it with whatever you fancy. The basic pattern is the same, anyway: pipe to the program which “fixes” the message, then pipe the results to Sendmail.
If the results don’t contain suitable headers, or might contain e.g. your own address, you should take care to tell Sendmail explicitly who to send it to, rather than rely on sendmail -t.
I never have worked on procmail settings.
Would this sample be enough or should I care on something else using Postfix?
Thank you
This works good. All incoming mail whose From contains aaa, bbb or ccc is forwarded to that gmail account and no softfail error is in mail header.
If I not misunderstand
-I “X-Loop: user@gmail.com” adds this header
and
! ^X-Loop: user@gmail.com prevents looping if a bounce occurs. Mail headers containing user@gmail.com are not forwarded
The problem is I also get in my server (not in gmail) a second “undeliverable mail”
The mail system
<"^X-Loop:"@my-name-server.com> (expanded from <"^X-Loop:">): unknown user:
“^x-loop:”
I dont know what to correct to avoid that.
Thank you
I also saw that squirrelmail filters to move some incoming mail to custom dirs must be deleted.
They are executed before .procmailrc rules so I had to add that rule in that script.
Since in Procmail the matching lines are perl regular expressions, the right syntax for your purpose (if you intend to forward everything that contains “aaa”, “bbb” or “ccc” anywhere in the sender address) would be:
* ^From: .*(aaa|bbb|ccc).*
Alternatives need to be in round brackets, and don’t put and spaces between the pipes.