-
-
Notifications
You must be signed in to change notification settings - Fork 830
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support for SRS #328
Comments
That would be an interesting feature for aliases and forwards indeed. No idea how soon we could support it though. |
It would greatly diminish the risk of the forwarding MTA to be marked as Spammer. |
Is this still valid, especially in conjunction with DKIM/DMARC? Edit: https://fastmail.blog/2016/12/24/spf-dkim-dmarc/
Seems this is superseded by DMARC |
A completely different approach would be to use a podop map and generate the srs in the admin container instead of running postsrs. It has the advantage of being compatible with replicated setups. If @jbmolle can adjust the pr, we can probably merge it. Otherwise I'd go for the podop map instead. How do you feel about contributing it if I try and guide you through it? |
Hi @oli-ver, hi @kaiyou , |
I planned on setting up a nee dev environment tonight. Let's try and make this my first issue. Postfix sender and recipient canonical maps should be bound to admin through podop, and rewriting will be implemented using pysrs from https://pythonhosted.org/milter/pysrs.html as it seems not to be the best but most supported lib. |
Just pushed the commit above, that should do most of the lifting work for SRS. Any feedback is welcome before I open the PR. |
@kaiyou Looks pretty straightforward. I will try to get a dev environment up and running on the weekend, perhaps I can have a closer look how this works when sending mails. |
@kaiyou I tested the feature with a dev server I just set up (I hope without mistakes). I think these are the relevant header parts:
Is it correct like that? Unfortunately I cannot test forwarding to mail addresses of other servers because my development machine does not have a static IP and SPAMHAUS has an entry for the IP range that is only temporarily assigned by my DSL provider. Other mail servers bounce the mail because of that. |
It looks correct, thank you for the testing :) of course I cannot verify the hashes without the secret key, but let's assume those are correct. I will open the PR right away. |
See https://en.wikipedia.org/wiki/Sender_Rewriting_Scheme and https://github.com/roehling/postsrsd
The text was updated successfully, but these errors were encountered: