On Sun, Sep 29, 2019 at 09:50:12PM +0200, Jaroslaw Rafa wrote:
> Is it possible to somehow use a script in place of the lookup table for
> transport_maps ? Thus I could write a script that checks the MX and returns
> the appropriate result.
http://www.postfix.org/socketmap_table.5.html
> > There are further complications, since some of these domains could
> > use non-standard names (in their own domains) for the Gmail MX
> > hosts, or just names owned by Google that you might not be aware
> > of. For example, you may not yet be aware of mx[1234].smtp.goog
> > as additional (DNSSEC signed) Gmail MX hosts.
>
> Thanks for pointing that out, do you know of any other such names?
A quick (partial) search through my DNSSEC survey database for names that
resolve into one Google's address block, turns up many MX hosts that CNAME
to:
ghs.google.com
ghs4.google.com
ghs46.google.com
ghs6.google.com
aspmx.l.google.com
alt2.aspmx.l.google.com
alt4.aspmx.l.google.com
googlemail.l.google.com
googlemail-imap.l.google.com
mail.google.com
ghs.googlehosted.com
ghs4.googlehosted.com
ghs46.googlehosted.com
ghs6.googlehosted.com
aspmx3.googlemail.com
aspmx5.googlemail.com
or use less familiar Google-owned names such as:
alt0.aspmx.l.google.com
alt1.aspmx.l.google.com
alt10.aspmx.l.google.com
alt14.aspmx.l.google.com
alt21.aspmx.l.google.com
alt31.aspmx.l.google.com
alt41.aspmx.l.google.com
alt5.aspmx.l.google.com
alt7.aspmx.l.google.com
alt1.gmail-smtp-in.l.google.com
alt2.gmail-smtp-in.l.google.com
gmail-smtp-in.l.google.com
alt1.gmr-smtp-in.l.google.com
alt4.gmr-smtp-in.l.google.com
googlemail.l.google.com
alt2.aspmx2.googlemail.com
aspmx2.googlemail.com
alt3.aspmx3.googlemail.com
alt1.aspmx5.googlemail.com
mx1.smtp.goog
mx2.smtp.goog
mx3.smtp.goog
mx4.smtp.goog
(so you'd at least have to CNAME expand the MX hosts) and some that
resolve directly into Google's IP space:
external-google-mx.samspin.net
though often not actually working SMTP servers. Reliably detecting
a Google-operated SMTP server may be non-trivial.
> > I would not recommend this "solution". Instead find a way to send
> > email that Gmail will not routinely consider to be junk.
>
> If only I could find a way to send mail to Gmail without having it marked as
> spam, I would certainly do it! But I couldn't.
Get a new Internet provider with a new address?
> The only thing I can't do is I cannot completely avoid
> forwarding mail to Gmail accounts, because there are some addresses on my
> server that need to be kept as forwarding addresses after people moved to
> Gmail; but as I see from server logs, very small number of messages is
> coming to these addresses and gets forwarded to Gmail.
And yet these, can poison your server's reputation. Instead of
forwarding reject the mail with a message that contains the new
address. See the "relocated_maps" parameter.
--
Viktor.
