ok this is fair as i always ask for the same info when other people are
unclear.
i have found various mapping functions via google none of which worked
or had no effect
rewriting email headers seems to be a work in progress internet wide as
everyone keep's changing stuff when forwarding an email is concerned.
it seems the email from address is being rewritten and replaced with the
delivery server's address.
the config is basic
I setup a seperate postfix instance to handle the forwarding issues as
the internet seems to have locked down how to handle popping emails from
external mail servers.
I wrote a python2 pop email --> smtp out on a dedicated private inside
server (that covers opening up postfix to what are considered security
issues)
simply put i send an email to : willsa...@aol.com from : p...@scom.ca
it gets delivered to aol as expected
i then bring it back via pop3 in python doing nothing other then
delivering to a local account
the receving email : how...@willsagriquipandfencing.ca
when received by the customer the from address has been modified to :
_____________________________________________________________________
Return-Path: <scom...@mail19.scom.ca>
Delivered-To: how...@willsagriquipandfencing.ca
Received: from mail.scom.ca (localhost [127.0.0.1])
by mail19.scom.ca (Postfix) with ESMTP id 5FA6C2E93E9
for <how...@willsagriquipandfencing.ca>; Sun, 13 Nov 2022 04:49:07
-0500 (EST)
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
client-ip=65.39.148.2; helo=elastic.scom.ca; envelope-from=p...@scom.ca;
receiver=how...@willsagriquipandfencing.ca
Received: from elastic.scom.ca (unknown [65.39.148.2])
by mail19.scom.ca (Postfix) with ESMTP id 35A382E93E7
for <how...@willsagriquipandfencing.ca>; Sun, 13 Nov 2022 04:48:53
-0500 (EST)
Received: from gateway.scom.ca (peer1-local.scom.ca [10.220.0.1])
by elastic.scom.ca (Postfix) with ESMTP id 261EC549A7
for <how...@willsagriquipandfencing.ca>; Sun, 13 Nov 2022 04:48:53
-0500 (EST)
Received: from 127.0.0.1
by atlas-production.v2-mail-prod1-gq1.omega.yahoo.com pod-id
atlas--production-gq1-595fb85565-v5mzh.gq1.yahoo.com with HTTP; Sun, 13
Nov 2022 09:45:51 +0000
X-Originating-Ip: [65.39.148.19]
Received: from 65.39.148.19 (EHLO mail19.scom.ca)
by 10.214.155.21 with SMTPs
(version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256);
Sun, 13 Nov 2022 09:45:51 +0000
Received: from mail.scom.ca (localhost [127.0.0.1])
by mail19.scom.ca (Postfix) with ESMTP id 2FD542E93E5
for <willsa...@aol.com>; Sun, 13 Nov 2022 04:45:50 -0500 (EST)
Received: from [10.0.0.5] (172-97-150-244.cpe.distributel.net
[172.97.150.244])
(Authenticated sender: p...@scom.ca)
by mail19.scom.ca (Postfix) with ESMTPSA id C09222E93E3
for <willsa...@aol.com>; Sun, 13 Nov 2022 04:45:33 -0500 (EST)
Content-Type: multipart/alternative;
boundary="------------VxCI3TnU0a1lkzr5Z3oiQkEt"
Message-ID: <beffded7-f67a-4986-b5d7-d3e3e2d2b...@scom.ca>
Date: Sun, 13 Nov 2022 04:45:35 -0500
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0)
Gecko/20100101
Thunderbird/102.0.2
Content-Language: en-US
To: willsa...@aol.com
From: Paul Kudla <scom...@mail19.scom.ca>
Subject: test to aol
_______________________________________________________________________
Note p...@scom.ca has been replaced with p...@mail19.scom.ca (the server
that did the final delivery)
and this is a know fetchmail reported issue via postfix
from : https://www.fetchmail.info/fetchmail-FAQ.html
O5. Why is fetched mail being logged with my name, not the real From
address?
Because logging is done based on the address indicated by the sending
SMTP's MAIL FROM, and some listeners are picky about that address.
Some SMTP listeners get upset if you try to hand them a MAIL FROM
address naming a different host than the originating site for your
connection. This is a feature, not a bug -- it's supposed to help
prevent people from forging mail with a bogus origin site. (RFC 1123
says you shouldn't do this exclusion...)
Since the originating site of a fetchmail delivery connection is
localhost, this effectively means these picky listeners will barf on any
MAIL FROM address fetchmail hands them with an @ in it!
Versions 2.1 and up try the header From address first and fall back to
the calling-user ID. So if your SMTP listener isn't picky, the log will
look right.
this is the config from the popping / smtp forwarding server elastic.scom.ca
all emails are sent internally on 10.220.0.0/16 network.
[04:39:24] elastic.scom.ca [root:0] /usr/local/etc/postfix
# postconf -n
command_directory = /usr/local/sbin
compatibility_level = 3
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/db/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd
$daemon_directory/$process_name $process_id & sleep 5
html_directory = /usr/local/share/doc/postfix
inet_interfaces = 127.0.0.1 10.220.0.7
inet_protocols = ipv4
mail_owner = postfix
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/local/man
meta_directory = /usr/local/libexec/postfix
myhostname = elastic.scom.ca
mynetworks = 127.0.0.0/8 10.220.0.0/16
mynetworks_style = host
newaliases_path = /usr/local/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/local/share/doc/postfix
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
setgid_group = maildrop
shlib_directory = /usr/local/lib/postfix
unknown_local_recipient_reject_code = 550
this is the config from mail18 & mail19 (they are identical fyi)
this seems to be where the remapping of the from address is being done ?
[04:40:43] mail18.scom.ca [root:0] /usr/home/postfix/config
# postconf -n -c /usr/home/postfix/config
alias_database = hash:/usr/home/postfix/config/aliases
alias_maps = pgsql:/usr/home/postfix/config/pgsql-aliases.cf
broken_sasl_auth_clients = yes
command_directory = /usr/local/sbin
compatibility_level = 2
config_directory = /usr/home/postfix/config
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/db/postfix
debug_peer_level = 9
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
default_process_limit = 1000
delay_warning_time = 1h
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
header_checks = regexp:/usr/home/postfix/config/header_checks
html_directory = /usr/local/share/doc/postfix
inet_interfaces = all
inet_protocols = ipv4
local_destination_concurrency_limit = 500
local_recipient_maps =
mail_owner = postfix
mailbox_size_limit = 0
mailbox_transport = dovecot
maillog_file = /var/log/postfix.in
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/local/man
max_idle = 30s
max_use = 200
message_size_limit = 1000000000
meta_directory = /usr/local/libexec/postfix
mydestination = pgsql:/usr/home/postfix/config/pgsql-mydestination.cf
mydomain = mail18.scom.ca
myhostname = mail18.scom.ca
mynetworks = 127.0.0.0/8 65.39.148.0/26 10.220.0.0/16 10.227.0.0/16
10.221.0.0/16 10.230.0.2/32
mynetworks_style = host
myorigin = $mydomain
newaliases_path = /usr/local/bin/newaliases
policyd-spf_time_limit = 3600s
queue_directory = /usr/home/postfix
queue_run_delay = 3000s
readme_directory = /usr/local/share/doc/postfix
recipient_delimiter = +
relay_domains = $mydestination
resolve_numeric_domain = yes
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
setgid_group = maildrop
shlib_directory = /usr/local/lib/postfix
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_chain_files = /etc/ssl/.scom.ca
smtp_tls_loglevel = 2
smtp_tls_security_level = may
smtp_tls_session_cache_database =
btree:${queue_directory}/scache/smtp_scache
smtp_tls_session_cache_timeout = 3600
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name
smtpd_client_connection_count_limit = 500
smtpd_client_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_pipelining, permit
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated,
reject_unknown_reverse_client_hostname, reject_invalid_hostname,
reject_rbl_client bl.spamcop.net, reject_non_fqdn_hostname, permit
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination,
check_policy_service unix:private/policyd-spf, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = cyrus
smtpd_tls_CApath = /etc/ssl/certs
smtpd_tls_ask_ccert = yes
smtpd_tls_auth_only = no
smtpd_tls_chain_files = /etc/ssl/.scom.ca
smtpd_tls_exclude_ciphers = aNULL, LOW, EXP, MEDIUM, ADH, AECDH, MD5,
DSS, ECDSA, CAMELLIA128, 3DES, CAMELLIA256, RSA+AES, eNULL
smtpd_tls_loglevel = 2
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1
smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1
smtpd_tls_req_ccert = no
smtpd_tls_security_level = may
smtpd_tls_session_cache_database =
btree:${queue_directory}/scache/smtpd_scache
smtpd_tls_session_cache_timeout = 86400
smtpd_use_tls = yes
soft_bounce = yes
strict_rfc821_envelopes = yes
tls_server_sni_maps = hash:/usr/home/postfix/config/sni
transport_maps = hash:/usr/home/postfix/config/transport
unknown_local_recipient_reject_code = 550
virtual_transport = dovecot
thanks for looking at this, hope i gave enough detail this time around.
Happy Sunday !!!
Thanks - paul
Paul Kudla
Scom.ca Internet Services <http://www.scom.ca>
004-1009 Byron Street South
Whitby, Ontario - Canada
L1N 4S3
Toronto 416.642.7266
Main 1.866.411.7266
Fax 1.888.892.7266
Email p...@scom.ca
On 11/12/2022 12:34 PM, Bill Cole wrote:
On 2022-11-12 at 11:53:06 UTC-0500 (Sat, 12 Nov 2022 11:53:06 -0500)
Paul Kudla <p...@scom.ca>
is rumored to have said:
Ok I am popping email from an external server (aol etc)
Using an unnamed tool with unspecified config...
i get the proper email from address in the header's and resend all
works ok if i am popping local email
ie t...@scom.ca --> p...@scom.ca postfix lets it go as is
when i get an external email with x...@aol.com (for example)
postfix replaces the from address in the header with
scom...@mail18.scom.ca
Are you sure it is Postfix? Why?
Show the relevant config and log lines, as is urged in the
documentarioin when asking questiuons here. No one here is telepathic or
clairvoyant.
I understand why but it messes up the customer when replying ???
If you really understood why, you'd fix it yourself.
Simply put how do i preserve the headers when popping from a foreign
server
Fix your Postfix config, probably.
Unfortunately, NO ONE here knows how to help you because you didn't
share your config.
if there is a way to do this locally great as i would rather leave the
security feature in tact
What "security feature" would that be? One that rewrites your mail
incorrectly? Seems like a bug to me...
i am running this through a python email program and sending via the
sendmail library
i am running multiple servers so i can program an inside one to bypass
this if nessesary
otherwise how do i just turn off the 'from' address getting mangled?
Remove or repair whatever Postfix config YOU have which is doing that.
There are multiple possibilities.
We can only guess which rewriting mechanism you have configured your
server to use to rewrite From headers in your email with your domain.
