Re: [qmailtoaster] forwarding to gmail address fails because of hard spf check

[Peter Peltonen]

Hi,

I don't know which email/headers caused it as I had to get the server up
and running as fast as possible. That was just my guess for the cause after
googling a bit.

Some kind of a monitoring script might work as a workaround like Philip
suggested: try to detect the error, rename srs_domain, wait for a while,
rename srs_domain back

What would be the best way to monitor the log file, any recommendations?

The best solution would be if someone knowledgeable enough could fix the
patch: if the error is encountered, the problem msg would be skipped for
SRS processing instead of logging and trying again.

Best,
Peter


On Fri, Feb 24, 2023 at 4:24 AM あいざわひろし  wrote:

> Hi Peter,
>
> What kind of malformed header cause it?
>
> I wonder whether I can drop such mail in
> /var/qmail/alias/.qmail-srs-default .
> --
> AIZAWA Hiroshi
>
> 2023年2月23日(木) 20:32 Peter Peltonen :
> >
> > Ok good.
> >
> > I actually ran into a SRS related problem yesterday: i think a malformed
> headers in spam msg caused to SRS to fail which put my qmail send process
> in a loop with error
> >
> > No user in SRS0 address
> >
> > Qmail spawned more and more processes until my server got unresponsive
> and I had to reboot the server. After qmail had started, the same thing
> happened again.
> >
> > I had to disable SRS to get everything working.
> >
> > Very unfortunate, everything had worked so well until now.
> >
> > Peter
> >
> > to 23. helmik. 2023 klo 11.38 あいざわひろし  kirjoitti:
> >>
> >> Hi guys
> >>
> >> Thanks to this thread, gmail.com now receives forwarded message from
> >> my mailserver .
> >>
> >> I noticed that mx.google.com says 'spf=neutral' in the header
> >> ARC-Authentication-Results
> >> I created  SPF record for domain srs (in this example, srs.xyz.com)
> and now
> >> mx.google.com says 'spf=pass'.
> >>
> >> I think it is better to make the spf record for srs domain.
> >>
> >> --
> >> AIZAWA Hiroshi
> >>
> >> 2023年1月3日(火) 18:23 Peter Peltonen :
> >> >
> >> > Googling "srs qmailtoaster" gave me this link:
> >> >
> >> >
> http://wiki.qmailtoaster.net/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B
> >> >
> >> > which does not work, it seems qmailtoaster.com should be used
> instead of .net
> >> >
> >> > Okay now we have the instructions I guess I could try to test it, I
> have a spare registered domain I could test with. Does this sound ok
> procedure:
> >> >
> >> > setup domain xyz.com with SPF with hard fail (-all) and the toaster
> as the MX
> >> > send email from xyz.com to GMail through our toaster: should pass ok
> >> > setup forwarding from xyz.com to GMail
> >> > send email to xyz.com: should fail because GMail does not accept
> >> > setup SRS at toaster:
> >> >
> >> > create NS record for domain srs.xyz.com with MX pointing to our
> toaster
> >> > echo srs.xyz.com > /var/qmail/control/srs_domain
> >> > mkpasswd -l 32 > /var/qmail/control/srs_secrets
> >> > mkpasswd -l 32 >> /var/qmail/control/srs_secrets
> >> > (repeat mkpasswd as many times you need, not sure how many is really
> needed?)
> >> > echo 7 > /var/qmail/control/srs_maxage
> >> > echo 8 > /var/qmail/control/srs_hashlength
> >> > qmailctl restart
> >> > echo srs.xyz.com >> /var/qmail/control/rcpthosts
> >> > echo srs.xyz.com:srs >> /var/qmail/control/virtualdomains
> >> > echo "| /var/qmail/bin/srsfilter" >
> /var/qmail/alias/.qmail-srs-default
> >> > (ownershp of other alias files on my server are user alias group
> nofiles, so probably this should be changed to the same?)
> >> >
> >> > send email to xyz.com: should pass ok
> >> >
> >> >
> >> > What do you think Angus?
> >> >
> >> > Best,
> >> > Peter
> >> >
> >> >
> >> > On Mon, Jan 2, 2023 at 7:52 PM Angus McIntyre 
> wrote:
> >> >>
> >> >>
> >> >>
> >> >> Peter Peltonen wrote on 1/2/23 11:57 AM:
> >> >> > Some of my toaster users have their email forwarded to Gmail ...
> Some
> >> >> > googling around tells me that SRS could be the solution for this
> >> >> > problem.
> >> >> >
> >> >> > There is info on this at Qmailtoaster Wiki, but the site seems to
> be
> >> >> > somehow broken.
> >> >>
> >> >> Which page are you looking at, and in what way does it seem broken?
> >> >>
> >> >>
> >> >>
> http://wiki.qmailtoaster.com/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B
> >> >>
> >> >> currently loads fine for me, and looks as if it has good information.
> >> >>
> >> >> I should stress that I haven't tried this yet. I didn't know about
> SRS
> >> >> until you posted this (thank you!) but I'm having the same issue as
> you
> >> >> and it sounds as if this might be just what I need.
> >> >>
> >> >> Would anyone who's actually implemented this care to comment?
> >> >>
> >> >> Angus
> >> >>
> >> >>
> >> >> -
> >> >> To unsubscribe, e-mail:
> qmailtoaster-list-unsubscr...@qmailtoaster.com
> >> >> For additional commands, e-mail:
> qmailtoaster-list-h...@qmailtoaster.com
> >> >>
> >>
> >> 

Re: [qmailtoaster] forwarding to gmail address fails because of hard spf check

[あいざわひろし]

Hi Peter,

What kind of malformed header cause it?

I wonder whether I can drop such mail in /var/qmail/alias/.qmail-srs-default .
--
AIZAWA Hiroshi

2023年2月23日(木) 20:32 Peter Peltonen :
>
> Ok good.
>
> I actually ran into a SRS related problem yesterday: i think a malformed 
> headers in spam msg caused to SRS to fail which put my qmail send process in 
> a loop with error
>
> No user in SRS0 address
>
> Qmail spawned more and more processes until my server got unresponsive and I 
> had to reboot the server. After qmail had started, the same thing happened 
> again.
>
> I had to disable SRS to get everything working.
>
> Very unfortunate, everything had worked so well until now.
>
> Peter
>
> to 23. helmik. 2023 klo 11.38 あいざわひろし  kirjoitti:
>>
>> Hi guys
>>
>> Thanks to this thread, gmail.com now receives forwarded message from
>> my mailserver .
>>
>> I noticed that mx.google.com says 'spf=neutral' in the header
>> ARC-Authentication-Results
>> I created  SPF record for domain srs (in this example, srs.xyz.com) and now
>> mx.google.com says 'spf=pass'.
>>
>> I think it is better to make the spf record for srs domain.
>>
>> --
>> AIZAWA Hiroshi
>>
>> 2023年1月3日(火) 18:23 Peter Peltonen :
>> >
>> > Googling "srs qmailtoaster" gave me this link:
>> >
>> > http://wiki.qmailtoaster.net/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B
>> >
>> > which does not work, it seems qmailtoaster.com should be used instead of 
>> > .net
>> >
>> > Okay now we have the instructions I guess I could try to test it, I have a 
>> > spare registered domain I could test with. Does this sound ok procedure:
>> >
>> > setup domain xyz.com with SPF with hard fail (-all) and the toaster as the 
>> > MX
>> > send email from xyz.com to GMail through our toaster: should pass ok
>> > setup forwarding from xyz.com to GMail
>> > send email to xyz.com: should fail because GMail does not accept
>> > setup SRS at toaster:
>> >
>> > create NS record for domain srs.xyz.com with MX pointing to our toaster
>> > echo srs.xyz.com > /var/qmail/control/srs_domain
>> > mkpasswd -l 32 > /var/qmail/control/srs_secrets
>> > mkpasswd -l 32 >> /var/qmail/control/srs_secrets
>> > (repeat mkpasswd as many times you need, not sure how many is really 
>> > needed?)
>> > echo 7 > /var/qmail/control/srs_maxage
>> > echo 8 > /var/qmail/control/srs_hashlength
>> > qmailctl restart
>> > echo srs.xyz.com >> /var/qmail/control/rcpthosts
>> > echo srs.xyz.com:srs >> /var/qmail/control/virtualdomains
>> > echo "| /var/qmail/bin/srsfilter" > /var/qmail/alias/.qmail-srs-default
>> > (ownershp of other alias files on my server are user alias group nofiles, 
>> > so probably this should be changed to the same?)
>> >
>> > send email to xyz.com: should pass ok
>> >
>> >
>> > What do you think Angus?
>> >
>> > Best,
>> > Peter
>> >
>> >
>> > On Mon, Jan 2, 2023 at 7:52 PM Angus McIntyre  wrote:
>> >>
>> >>
>> >>
>> >> Peter Peltonen wrote on 1/2/23 11:57 AM:
>> >> > Some of my toaster users have their email forwarded to Gmail ... Some
>> >> > googling around tells me that SRS could be the solution for this
>> >> > problem.
>> >> >
>> >> > There is info on this at Qmailtoaster Wiki, but the site seems to be
>> >> > somehow broken.
>> >>
>> >> Which page are you looking at, and in what way does it seem broken?
>> >>
>> >>
>> >> http://wiki.qmailtoaster.com/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B
>> >>
>> >> currently loads fine for me, and looks as if it has good information.
>> >>
>> >> I should stress that I haven't tried this yet. I didn't know about SRS
>> >> until you posted this (thank you!) but I'm having the same issue as you
>> >> and it sounds as if this might be just what I need.
>> >>
>> >> Would anyone who's actually implemented this care to comment?
>> >>
>> >> Angus
>> >>
>> >>
>> >> -
>> >> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>> >> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>> >>
>>
>> -
>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>>

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] forwarding to gmail address fails because of hard spf check

[Philip Nix Guru]

Hello Peter

The issue you had yesterday is something that never got fixed

I ran into that already in 2013


I d suggest monitoring /var/log/qmail/send/current

(make a cron script) and if you trigger the error just rename 
/var/qmail/control/srs_domain to /var/qmail/control/srs_domain.alert or 
whatever


so you wont break your server ..


Regards

-Philip



On 2/23/23 12:02, Peter Peltonen wrote:

Ok good.

I actually ran into a SRS related problem yesterday: i think a 
malformed headers in spam msg caused to SRS to fail which put my qmail 
send process in a loop with error


No user in SRS0 address

Qmail spawned more and more processes until my server got unresponsive 
and I had to reboot the server. After qmail had started, the same 
thing happened again.


I had to disable SRS to get everything working.

Very unfortunate, everything had worked so well until now.

Peter

to 23. helmik. 2023 klo 11.38 あいざわひろし  
kirjoitti:


Hi guys

Thanks to this thread, gmail.com  now receives
forwarded message from
my mailserver .

I noticed that mx.google.com  says
'spf=neutral' in the header
ARC-Authentication-Results
I created  SPF record for domain srs (in this example, srs.xyz.com
) and now
mx.google.com  says 'spf=pass'.

I think it is better to make the spf record for srs domain.

--
AIZAWA Hiroshi

2023年1月3日(火) 18:23 Peter Peltonen :
>
> Googling "srs qmailtoaster" gave me this link:
>
>

http://wiki.qmailtoaster.net/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B
>
> which does not work, it seems qmailtoaster.com
 should be used instead of .net
>
> Okay now we have the instructions I guess I could try to test
it, I have a spare registered domain I could test with. Does this
sound ok procedure:
>
> setup domain xyz.com  with SPF with hard fail
(-all) and the toaster as the MX
> send email from xyz.com  to GMail through our
toaster: should pass ok
> setup forwarding from xyz.com  to GMail
> send email to xyz.com : should fail because
GMail does not accept
> setup SRS at toaster:
>
> create NS record for domain srs.xyz.com 
with MX pointing to our toaster
> echo srs.xyz.com  >
/var/qmail/control/srs_domain
> mkpasswd -l 32 > /var/qmail/control/srs_secrets
> mkpasswd -l 32 >> /var/qmail/control/srs_secrets
> (repeat mkpasswd as many times you need, not sure how many is
really needed?)
> echo 7 > /var/qmail/control/srs_maxage
> echo 8 > /var/qmail/control/srs_hashlength
> qmailctl restart
> echo srs.xyz.com  >>
/var/qmail/control/rcpthosts
> echo srs.xyz.com:srs >> /var/qmail/control/virtualdomains
> echo "| /var/qmail/bin/srsfilter" >
/var/qmail/alias/.qmail-srs-default
> (ownershp of other alias files on my server are user alias group
nofiles, so probably this should be changed to the same?)
>
> send email to xyz.com : should pass ok
>
>
> What do you think Angus?
>
> Best,
> Peter
>
>
> On Mon, Jan 2, 2023 at 7:52 PM Angus McIntyre 
wrote:
>>
>>
>>
>> Peter Peltonen wrote on 1/2/23 11:57 AM:
>> > Some of my toaster users have their email forwarded to Gmail
... Some
>> > googling around tells me that SRS could be the solution for this
>> > problem.
>> >
>> > There is info on this at Qmailtoaster Wiki, but the site
seems to be
>> > somehow broken.
>>
>> Which page are you looking at, and in what way does it seem broken?
>>
>>
>>

http://wiki.qmailtoaster.com/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B
>>
>> currently loads fine for me, and looks as if it has good
information.
>>
>> I should stress that I haven't tried this yet. I didn't know
about SRS
>> until you posted this (thank you!) but I'm having the same
issue as you
>> and it sounds as if this might be just what I need.
>>
>> Would anyone who's actually implemented this care to comment?
>>
>> Angus
>>
>>
>>
-
>> To unsubscribe, e-mail:
qmailtoaster-list-unsubscr...@qmailtoaster.com
>> For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com
>>

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] forwarding to gmail address fails because of hard spf check

[Peter Peltonen]

Ok good.

I actually ran into a SRS related problem yesterday: i think a malformed
headers in spam msg caused to SRS to fail which put my qmail send process
in a loop with error

No user in SRS0 address

Qmail spawned more and more processes until my server got unresponsive and
I had to reboot the server. After qmail had started, the same thing
happened again.

I had to disable SRS to get everything working.

Very unfortunate, everything had worked so well until now.

Peter

to 23. helmik. 2023 klo 11.38 あいざわひろし  kirjoitti:

> Hi guys
>
> Thanks to this thread, gmail.com now receives forwarded message from
> my mailserver .
>
> I noticed that mx.google.com says 'spf=neutral' in the header
> ARC-Authentication-Results
> I created  SPF record for domain srs (in this example, srs.xyz.com) and
> now
> mx.google.com says 'spf=pass'.
>
> I think it is better to make the spf record for srs domain.
>
> --
> AIZAWA Hiroshi
>
> 2023年1月3日(火) 18:23 Peter Peltonen :
> >
> > Googling "srs qmailtoaster" gave me this link:
> >
> >
> http://wiki.qmailtoaster.net/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B
> >
> > which does not work, it seems qmailtoaster.com should be used instead
> of .net
> >
> > Okay now we have the instructions I guess I could try to test it, I have
> a spare registered domain I could test with. Does this sound ok procedure:
> >
> > setup domain xyz.com with SPF with hard fail (-all) and the toaster as
> the MX
> > send email from xyz.com to GMail through our toaster: should pass ok
> > setup forwarding from xyz.com to GMail
> > send email to xyz.com: should fail because GMail does not accept
> > setup SRS at toaster:
> >
> > create NS record for domain srs.xyz.com with MX pointing to our toaster
> > echo srs.xyz.com > /var/qmail/control/srs_domain
> > mkpasswd -l 32 > /var/qmail/control/srs_secrets
> > mkpasswd -l 32 >> /var/qmail/control/srs_secrets
> > (repeat mkpasswd as many times you need, not sure how many is really
> needed?)
> > echo 7 > /var/qmail/control/srs_maxage
> > echo 8 > /var/qmail/control/srs_hashlength
> > qmailctl restart
> > echo srs.xyz.com >> /var/qmail/control/rcpthosts
> > echo srs.xyz.com:srs >> /var/qmail/control/virtualdomains
> > echo "| /var/qmail/bin/srsfilter" > /var/qmail/alias/.qmail-srs-default
> > (ownershp of other alias files on my server are user alias group
> nofiles, so probably this should be changed to the same?)
> >
> > send email to xyz.com: should pass ok
> >
> >
> > What do you think Angus?
> >
> > Best,
> > Peter
> >
> >
> > On Mon, Jan 2, 2023 at 7:52 PM Angus McIntyre  wrote:
> >>
> >>
> >>
> >> Peter Peltonen wrote on 1/2/23 11:57 AM:
> >> > Some of my toaster users have their email forwarded to Gmail ... Some
> >> > googling around tells me that SRS could be the solution for this
> >> > problem.
> >> >
> >> > There is info on this at Qmailtoaster Wiki, but the site seems to be
> >> > somehow broken.
> >>
> >> Which page are you looking at, and in what way does it seem broken?
> >>
> >>
> >>
> http://wiki.qmailtoaster.com/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B
> >>
> >> currently loads fine for me, and looks as if it has good information.
> >>
> >> I should stress that I haven't tried this yet. I didn't know about SRS
> >> until you posted this (thank you!) but I'm having the same issue as you
> >> and it sounds as if this might be just what I need.
> >>
> >> Would anyone who's actually implemented this care to comment?
> >>
> >> Angus
> >>
> >>
> >> -
> >> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> >> For additional commands, e-mail:
> qmailtoaster-list-h...@qmailtoaster.com
> >>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>
>

Re: [qmailtoaster] forwarding to gmail address fails because of hard spf check

[あいざわひろし]

Hi guys

Thanks to this thread, gmail.com now receives forwarded message from
my mailserver .

I noticed that mx.google.com says 'spf=neutral' in the header
ARC-Authentication-Results
I created  SPF record for domain srs (in this example, srs.xyz.com) and now
mx.google.com says 'spf=pass'.

I think it is better to make the spf record for srs domain.

--
AIZAWA Hiroshi

2023年1月3日(火) 18:23 Peter Peltonen :
>
> Googling "srs qmailtoaster" gave me this link:
>
> http://wiki.qmailtoaster.net/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B
>
> which does not work, it seems qmailtoaster.com should be used instead of .net
>
> Okay now we have the instructions I guess I could try to test it, I have a 
> spare registered domain I could test with. Does this sound ok procedure:
>
> setup domain xyz.com with SPF with hard fail (-all) and the toaster as the MX
> send email from xyz.com to GMail through our toaster: should pass ok
> setup forwarding from xyz.com to GMail
> send email to xyz.com: should fail because GMail does not accept
> setup SRS at toaster:
>
> create NS record for domain srs.xyz.com with MX pointing to our toaster
> echo srs.xyz.com > /var/qmail/control/srs_domain
> mkpasswd -l 32 > /var/qmail/control/srs_secrets
> mkpasswd -l 32 >> /var/qmail/control/srs_secrets
> (repeat mkpasswd as many times you need, not sure how many is really needed?)
> echo 7 > /var/qmail/control/srs_maxage
> echo 8 > /var/qmail/control/srs_hashlength
> qmailctl restart
> echo srs.xyz.com >> /var/qmail/control/rcpthosts
> echo srs.xyz.com:srs >> /var/qmail/control/virtualdomains
> echo "| /var/qmail/bin/srsfilter" > /var/qmail/alias/.qmail-srs-default
> (ownershp of other alias files on my server are user alias group nofiles, so 
> probably this should be changed to the same?)
>
> send email to xyz.com: should pass ok
>
>
> What do you think Angus?
>
> Best,
> Peter
>
>
> On Mon, Jan 2, 2023 at 7:52 PM Angus McIntyre  wrote:
>>
>>
>>
>> Peter Peltonen wrote on 1/2/23 11:57 AM:
>> > Some of my toaster users have their email forwarded to Gmail ... Some
>> > googling around tells me that SRS could be the solution for this
>> > problem.
>> >
>> > There is info on this at Qmailtoaster Wiki, but the site seems to be
>> > somehow broken.
>>
>> Which page are you looking at, and in what way does it seem broken?
>>
>>
>> http://wiki.qmailtoaster.com/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B
>>
>> currently loads fine for me, and looks as if it has good information.
>>
>> I should stress that I haven't tried this yet. I didn't know about SRS
>> until you posted this (thank you!) but I'm having the same issue as you
>> and it sounds as if this might be just what I need.
>>
>> Would anyone who's actually implemented this care to comment?
>>
>> Angus
>>
>>
>> -
>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>>

-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] forwarding to gmail address fails because of hard spf check

[Peter Peltonen]

Actually, I think I was wrong:

Even though I had not configured SRS for a particular domain, I can see
from the headers of the message forwarded to Gmail that it used the SRS
setup for the domain configured in /var/qmail/control/srs_domain

And adding multiple domains to /var/qmail/control/srs_domain does not seem
to do anything: the first domain listed there is always used.

If someone else tries this out, please correct me if I'm wrong!

Best,
Peter

On Fri, Jan 13, 2023 at 3:11 PM Peter Peltonen 
wrote:

> Hi Andreas,
>
> Unfortunately it needs to be done for every domain that forwards email
> outside the toaster.
>
> Best,
> Peter
>
> On Wed, Jan 4, 2023 at 11:08 PM Andreas  wrote:
>
>> Hi Peter,
>>
>> Did you do that for every domain separatly or once just for the server?
>>
>> Andreas
>>
>> Am 04.01.23 um 18:18 schrieb Peter Peltonen:
>>
>> Okay I tested this setup and it seems to work, mail gets through and I
>> get spf=pass for it in Gmail.
>>
>> The only difference to the procedure I posted earlier were:
>>
>> - needed to add srs.xyz.com to morercpthosts and not to rcpthosts as I
>> have more than 50 domains hosted
>> - at the end I ran qmailctl cdb and qmailctl restart, not sure if needed
>>
>> Best,
>> Peter
>>
>>
>>
>> On Tue, Jan 3, 2023 at 11:22 AM Peter Peltonen 
>> wrote:
>>
>>> Googling "srs qmailtoaster" gave me this link:
>>>
>>>
>>> http://wiki.qmailtoaster.net/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B
>>>
>>> which does not work, it seems qmailtoaster.com should be used instead
>>> of .net
>>>
>>> Okay now we have the instructions I guess I could try to test it, I have
>>> a spare registered domain I could test with. Does this sound ok procedure:
>>>
>>>
>>>- setup domain xyz.com with SPF with hard fail (-all) and the
>>>toaster as the MX
>>>- send email from xyz.com to GMail through our toaster: should pass
>>>ok
>>>- setup forwarding from xyz.com to GMail
>>>- send email to xyz.com: should fail because GMail does not accept
>>>- setup SRS at toaster:
>>>
>>>
>>>1. create NS record for domain srs.xyz.com with MX pointing to our
>>>toaster
>>>2. echo srs.xyz.com > /var/qmail/control/srs_domain
>>>3. mkpasswd -l 32 > /var/qmail/control/srs_secrets
>>>4. mkpasswd -l 32 >> /var/qmail/control/srs_secrets
>>>5. (repeat mkpasswd as many times you need, not sure how many is
>>>really needed?)
>>>6. echo 7 > /var/qmail/control/srs_maxage
>>>7. echo 8 > /var/qmail/control/srs_hashlength
>>>8. qmailctl restart
>>>9. echo srs.xyz.com >> /var/qmail/control/rcpthosts
>>>10. echo srs.xyz.com:srs >> /var/qmail/control/virtualdomains
>>>11. echo "| /var/qmail/bin/srsfilter" >
>>>/var/qmail/alias/.qmail-srs-default
>>>(ownershp of other alias files on my server are user alias group
>>>nofiles, so probably this should be changed to the same?)
>>>
>>>
>>>- send email to xyz.com: should pass ok
>>>
>>>
>>> What do you think Angus?
>>>
>>> Best,
>>> Peter
>>>
>>>
>>> On Mon, Jan 2, 2023 at 7:52 PM Angus McIntyre  wrote:
>>>


 Peter Peltonen wrote on 1/2/23 11:57 AM:
 > Some of my toaster users have their email forwarded to Gmail ... Some
 > googling around tells me that SRS could be the solution for this
 > problem.
 >
 > There is info on this at Qmailtoaster Wiki, but the site seems to be
 > somehow broken.

 Which page are you looking at, and in what way does it seem broken?



 http://wiki.qmailtoaster.com/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B

 currently loads fine for me, and looks as if it has good information.

 I should stress that I haven't tried this yet. I didn't know about SRS
 until you posted this (thank you!) but I'm having the same issue as you
 and it sounds as if this might be just what I need.

 Would anyone who's actually implemented this care to comment?

 Angus


 -
 To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
 For additional commands, e-mail:
 qmailtoaster-list-h...@qmailtoaster.com


>>

Re: [qmailtoaster] forwarding to gmail address fails because of hard spf check

[Peter Peltonen]

Hi Andreas,

Unfortunately it needs to be done for every domain that forwards email
outside the toaster.

Best,
Peter

On Wed, Jan 4, 2023 at 11:08 PM Andreas  wrote:

> Hi Peter,
>
> Did you do that for every domain separatly or once just for the server?
>
> Andreas
>
> Am 04.01.23 um 18:18 schrieb Peter Peltonen:
>
> Okay I tested this setup and it seems to work, mail gets through and I get
> spf=pass for it in Gmail.
>
> The only difference to the procedure I posted earlier were:
>
> - needed to add srs.xyz.com to morercpthosts and not to rcpthosts as I
> have more than 50 domains hosted
> - at the end I ran qmailctl cdb and qmailctl restart, not sure if needed
>
> Best,
> Peter
>
>
>
> On Tue, Jan 3, 2023 at 11:22 AM Peter Peltonen 
> wrote:
>
>> Googling "srs qmailtoaster" gave me this link:
>>
>>
>> http://wiki.qmailtoaster.net/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B
>>
>> which does not work, it seems qmailtoaster.com should be used instead of
>> .net
>>
>> Okay now we have the instructions I guess I could try to test it, I have
>> a spare registered domain I could test with. Does this sound ok procedure:
>>
>>
>>- setup domain xyz.com with SPF with hard fail (-all) and the toaster
>>as the MX
>>- send email from xyz.com to GMail through our toaster: should pass ok
>>- setup forwarding from xyz.com to GMail
>>- send email to xyz.com: should fail because GMail does not accept
>>- setup SRS at toaster:
>>
>>
>>1. create NS record for domain srs.xyz.com with MX pointing to our
>>toaster
>>2. echo srs.xyz.com > /var/qmail/control/srs_domain
>>3. mkpasswd -l 32 > /var/qmail/control/srs_secrets
>>4. mkpasswd -l 32 >> /var/qmail/control/srs_secrets
>>5. (repeat mkpasswd as many times you need, not sure how many is
>>really needed?)
>>6. echo 7 > /var/qmail/control/srs_maxage
>>7. echo 8 > /var/qmail/control/srs_hashlength
>>8. qmailctl restart
>>9. echo srs.xyz.com >> /var/qmail/control/rcpthosts
>>10. echo srs.xyz.com:srs >> /var/qmail/control/virtualdomains
>>11. echo "| /var/qmail/bin/srsfilter" >
>>/var/qmail/alias/.qmail-srs-default
>>(ownershp of other alias files on my server are user alias group
>>nofiles, so probably this should be changed to the same?)
>>
>>
>>- send email to xyz.com: should pass ok
>>
>>
>> What do you think Angus?
>>
>> Best,
>> Peter
>>
>>
>> On Mon, Jan 2, 2023 at 7:52 PM Angus McIntyre  wrote:
>>
>>>
>>>
>>> Peter Peltonen wrote on 1/2/23 11:57 AM:
>>> > Some of my toaster users have their email forwarded to Gmail ... Some
>>> > googling around tells me that SRS could be the solution for this
>>> > problem.
>>> >
>>> > There is info on this at Qmailtoaster Wiki, but the site seems to be
>>> > somehow broken.
>>>
>>> Which page are you looking at, and in what way does it seem broken?
>>>
>>>
>>>
>>> http://wiki.qmailtoaster.com/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B
>>>
>>> currently loads fine for me, and looks as if it has good information.
>>>
>>> I should stress that I haven't tried this yet. I didn't know about SRS
>>> until you posted this (thank you!) but I'm having the same issue as you
>>> and it sounds as if this might be just what I need.
>>>
>>> Would anyone who's actually implemented this care to comment?
>>>
>>> Angus
>>>
>>>
>>> -
>>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>>>
>>>
>

Re: [qmailtoaster] forwarding to gmail address fails because of hard spf check

[Philip Nix Guru]

Hello

when you manually add a  domain to morercpthosts

simply run /var/qmail/bin/qmail-newmrh

If you use graylisting you can add this :

mkdir /var/spamdyke/graylist/domain_name
chown -R vpopmail:vchkpw  /var/spamdyke/graylist/domain_name

Regards

-P



On 1/4/23 22:06, Andreas wrote:
No, no need to rebuild cdb nor restart the server when adding domains 
or aliasdomains

at least when you add them through ~vpopmail/bin/adddomain  ...


Andreas

Am 04.01.23 um 18:38 schrieb Peter Peltonen:

Thanks Jeff for the info.

Do you know if qmailctl cdb / restart is needed when adding info to 
rcpthosts, morercpthosts or virtualdomains?


Best,
Peter

On Wed, Jan 4, 2023 at 7:24 PM Jeff Koch  
wrote:


Peter - I don't think it matters whether the domain is added to
rcpthosts or morercpthosts - the toaster will generally add
additional domains to morercpthosts but it should work fine
either way.

Jeff

On 1/4/2023 12:18 PM, Peter Peltonen wrote:

Okay I tested this setup and it seems to work, mail gets through
and I get spf=pass for it in Gmail.

The only difference to the procedure I posted earlier were:

- needed to add srs.xyz.com  to
morercpthosts and not to rcpthosts as I have more than 50
domains hosted
- at the end I ran qmailctl cdb and qmailctl restart, not sure
if needed

Best,
Peter



On Tue, Jan 3, 2023 at 11:22 AM Peter Peltonen
 wrote:

Googling "srs qmailtoaster" gave me this link:


http://wiki.qmailtoaster.net/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B

which does not work, it seems qmailtoaster.com
 should be used instead of .net

Okay now we have the instructions I guess I could try to
test it, I have a spare registered domain I could test with.
Does this sound ok procedure:

  * setup domain xyz.com  with SPF with hard
fail (-all) and the toaster as the MX
  * send email from xyz.com  to GMail
through our toaster: should pass ok
  * setup forwarding from xyz.com  to GMail
  * send email to xyz.com : should fail
because GMail does not accept
  * setup SRS at toaster:

 1. create NS record for domain srs.xyz.com
 with MX pointing to our toaster
 2. echo srs.xyz.com  >
/var/qmail/control/srs_domain
 3. mkpasswd -l 32 > /var/qmail/control/srs_secrets
 4. mkpasswd -l 32 >> /var/qmail/control/srs_secrets
 5. (repeat mkpasswd as many times you need, not sure how
many is really needed?)
 6. echo 7 > /var/qmail/control/srs_maxage
 7. echo 8 > /var/qmail/control/srs_hashlength
 8. qmailctl restart
 9. echo srs.xyz.com  >>
/var/qmail/control/rcpthosts
10. echo srs.xyz.com:srs >> /var/qmail/control/virtualdomains
11. echo "| /var/qmail/bin/srsfilter" >
/var/qmail/alias/.qmail-srs-default
(ownershp of other alias files on my server are user
alias group nofiles, so probably this should be changed
to the same?)

  * send email to xyz.com : should pass ok


What do you think Angus?

Best,
Peter


On Mon, Jan 2, 2023 at 7:52 PM Angus McIntyre
 wrote:



Peter Peltonen wrote on 1/2/23 11:57 AM:
> Some of my toaster users have their email forwarded to
Gmail ... Some
> googling around tells me that SRS could be the
solution for this
> problem.
>
> There is info on this at Qmailtoaster Wiki, but the
site seems to be
> somehow broken.

Which page are you looking at, and in what way does it
seem broken?



http://wiki.qmailtoaster.com/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B

currently loads fine for me, and looks as if it has good
information.

I should stress that I haven't tried this yet. I didn't
know about SRS
until you posted this (thank you!) but I'm having the
same issue as you
and it sounds as if this might be just what I need.

Would anyone who's actually implemented this care to
comment?

Angus



-
To unsubscribe, e-mail:
qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] forwarding to gmail address fails because of hard spf check

[Andreas]

Hi Peter,

Did you do that for every domain separatly or once just for the server?

Andreas

Am 04.01.23 um 18:18 schrieb Peter Peltonen:
Okay I tested this setup and it seems to work, mail gets through and I 
get spf=pass for it in Gmail.


The only difference to the procedure I posted earlier were:

- needed to add srs.xyz.com  to morercpthosts and 
not to rcpthosts as I have more than 50 domains hosted

- at the end I ran qmailctl cdb and qmailctl restart, not sure if needed

Best,
Peter



On Tue, Jan 3, 2023 at 11:22 AM Peter Peltonen 
 wrote:


Googling "srs qmailtoaster" gave me this link:


http://wiki.qmailtoaster.net/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B

which does not work, it seems qmailtoaster.com
 should be used instead of .net

Okay now we have the instructions I guess I could try to test it,
I have a spare registered domain I could test with. Does this
sound ok procedure:

  * setup domain xyz.com  with SPF with hard fail
(-all) and the toaster as the MX
  * send email from xyz.com  to GMail through our
toaster: should pass ok
  * setup forwarding from xyz.com  to GMail
  * send email to xyz.com : should fail because
GMail does not accept
  * setup SRS at toaster:

 1. create NS record for domain srs.xyz.com 
with MX pointing to our toaster
 2. echo srs.xyz.com  >
/var/qmail/control/srs_domain
 3. mkpasswd -l 32 > /var/qmail/control/srs_secrets
 4. mkpasswd -l 32 >> /var/qmail/control/srs_secrets
 5. (repeat mkpasswd as many times you need, not sure how many is
really needed?)
 6. echo 7 > /var/qmail/control/srs_maxage
 7. echo 8 > /var/qmail/control/srs_hashlength
 8. qmailctl restart
 9. echo srs.xyz.com  >>
/var/qmail/control/rcpthosts
10. echo srs.xyz.com:srs >> /var/qmail/control/virtualdomains
11. echo "| /var/qmail/bin/srsfilter" >
/var/qmail/alias/.qmail-srs-default
(ownershp of other alias files on my server are user alias
group nofiles, so probably this should be changed to the same?)

  * send email to xyz.com : should pass ok


What do you think Angus?

Best,
Peter


On Mon, Jan 2, 2023 at 7:52 PM Angus McIntyre  wrote:



Peter Peltonen wrote on 1/2/23 11:57 AM:
> Some of my toaster users have their email forwarded to Gmail
... Some
> googling around tells me that SRS could be the solution for
this
> problem.
>
> There is info on this at Qmailtoaster Wiki, but the site
seems to be
> somehow broken.

Which page are you looking at, and in what way does it seem
broken?



http://wiki.qmailtoaster.com/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B

currently loads fine for me, and looks as if it has good
information.

I should stress that I haven't tried this yet. I didn't know
about SRS
until you posted this (thank you!) but I'm having the same
issue as you
and it sounds as if this might be just what I need.

Would anyone who's actually implemented this care to comment?

Angus


-
To unsubscribe, e-mail:
qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] forwarding to gmail address fails because of hard spf check

[Andreas]

No, no need to rebuild cdb nor restart the server when adding domains or 
aliasdomains

at least when you add them through ~vpopmail/bin/adddomain  ...


Andreas

Am 04.01.23 um 18:38 schrieb Peter Peltonen:

Thanks Jeff for the info.

Do you know if qmailctl cdb / restart is needed when adding info to 
rcpthosts, morercpthosts or virtualdomains?


Best,
Peter

On Wed, Jan 4, 2023 at 7:24 PM Jeff Koch  
wrote:


Peter - I don't think it matters whether the domain is added to
rcpthosts or morercpthosts - the toaster will generally add
additional domains to morercpthosts but it should work fine either
way.

Jeff

On 1/4/2023 12:18 PM, Peter Peltonen wrote:

Okay I tested this setup and it seems to work, mail gets through
and I get spf=pass for it in Gmail.

The only difference to the procedure I posted earlier were:

- needed to add srs.xyz.com  to
morercpthosts and not to rcpthosts as I have more than 50 domains
hosted
- at the end I ran qmailctl cdb and qmailctl restart, not sure if
needed

Best,
Peter



On Tue, Jan 3, 2023 at 11:22 AM Peter Peltonen
 wrote:

Googling "srs qmailtoaster" gave me this link:


http://wiki.qmailtoaster.net/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B

which does not work, it seems qmailtoaster.com
 should be used instead of .net

Okay now we have the instructions I guess I could try to test
it, I have a spare registered domain I could test with. Does
this sound ok procedure:

  * setup domain xyz.com  with SPF with hard
fail (-all) and the toaster as the MX
  * send email from xyz.com  to GMail through
our toaster: should pass ok
  * setup forwarding from xyz.com  to GMail
  * send email to xyz.com : should fail
because GMail does not accept
  * setup SRS at toaster:

 1. create NS record for domain srs.xyz.com
 with MX pointing to our toaster
 2. echo srs.xyz.com  >
/var/qmail/control/srs_domain
 3. mkpasswd -l 32 > /var/qmail/control/srs_secrets
 4. mkpasswd -l 32 >> /var/qmail/control/srs_secrets
 5. (repeat mkpasswd as many times you need, not sure how
many is really needed?)
 6. echo 7 > /var/qmail/control/srs_maxage
 7. echo 8 > /var/qmail/control/srs_hashlength
 8. qmailctl restart
 9. echo srs.xyz.com  >>
/var/qmail/control/rcpthosts
10. echo srs.xyz.com:srs >> /var/qmail/control/virtualdomains
11. echo "| /var/qmail/bin/srsfilter" >
/var/qmail/alias/.qmail-srs-default
(ownershp of other alias files on my server are user
alias group nofiles, so probably this should be changed
to the same?)

  * send email to xyz.com : should pass ok


What do you think Angus?

Best,
Peter


On Mon, Jan 2, 2023 at 7:52 PM Angus McIntyre
 wrote:



Peter Peltonen wrote on 1/2/23 11:57 AM:
> Some of my toaster users have their email forwarded to
Gmail ... Some
> googling around tells me that SRS could be the solution
for this
> problem.
>
> There is info on this at Qmailtoaster Wiki, but the
site seems to be
> somehow broken.

Which page are you looking at, and in what way does it
seem broken?



http://wiki.qmailtoaster.com/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B

currently loads fine for me, and looks as if it has good
information.

I should stress that I haven't tried this yet. I didn't
know about SRS
until you posted this (thank you!) but I'm having the
same issue as you
and it sounds as if this might be just what I need.

Would anyone who's actually implemented this care to comment?

Angus



-
To unsubscribe, e-mail:
qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] forwarding to gmail address fails because of hard spf check

[Peter Peltonen]

Thanks Jeff for the info.

Do you know if qmailctl cdb / restart is needed when adding info to
rcpthosts, morercpthosts or virtualdomains?

Best,
Peter

On Wed, Jan 4, 2023 at 7:24 PM Jeff Koch  wrote:

> Peter - I don't think it matters whether the domain is added to rcpthosts
> or morercpthosts - the toaster will generally add additional domains to
> morercpthosts but it should work fine either way.
>
> Jeff
>
> On 1/4/2023 12:18 PM, Peter Peltonen wrote:
>
> Okay I tested this setup and it seems to work, mail gets through and I get
> spf=pass for it in Gmail.
>
> The only difference to the procedure I posted earlier were:
>
> - needed to add srs.xyz.com to morercpthosts and not to rcpthosts as I
> have more than 50 domains hosted
> - at the end I ran qmailctl cdb and qmailctl restart, not sure if needed
>
> Best,
> Peter
>
>
>
> On Tue, Jan 3, 2023 at 11:22 AM Peter Peltonen 
> wrote:
>
>> Googling "srs qmailtoaster" gave me this link:
>>
>>
>> http://wiki.qmailtoaster.net/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B
>>
>> which does not work, it seems qmailtoaster.com should be used instead of
>> .net
>>
>> Okay now we have the instructions I guess I could try to test it, I have
>> a spare registered domain I could test with. Does this sound ok procedure:
>>
>>
>>- setup domain xyz.com with SPF with hard fail (-all) and the toaster
>>as the MX
>>- send email from xyz.com to GMail through our toaster: should pass ok
>>- setup forwarding from xyz.com to GMail
>>- send email to xyz.com: should fail because GMail does not accept
>>- setup SRS at toaster:
>>
>>
>>1. create NS record for domain srs.xyz.com with MX pointing to our
>>toaster
>>2. echo srs.xyz.com > /var/qmail/control/srs_domain
>>3. mkpasswd -l 32 > /var/qmail/control/srs_secrets
>>4. mkpasswd -l 32 >> /var/qmail/control/srs_secrets
>>5. (repeat mkpasswd as many times you need, not sure how many is
>>really needed?)
>>6. echo 7 > /var/qmail/control/srs_maxage
>>7. echo 8 > /var/qmail/control/srs_hashlength
>>8. qmailctl restart
>>9. echo srs.xyz.com >> /var/qmail/control/rcpthosts
>>10. echo srs.xyz.com:srs >> /var/qmail/control/virtualdomains
>>11. echo "| /var/qmail/bin/srsfilter" >
>>/var/qmail/alias/.qmail-srs-default
>>(ownershp of other alias files on my server are user alias group
>>nofiles, so probably this should be changed to the same?)
>>
>>
>>- send email to xyz.com: should pass ok
>>
>>
>> What do you think Angus?
>>
>> Best,
>> Peter
>>
>>
>> On Mon, Jan 2, 2023 at 7:52 PM Angus McIntyre  wrote:
>>
>>>
>>>
>>> Peter Peltonen wrote on 1/2/23 11:57 AM:
>>> > Some of my toaster users have their email forwarded to Gmail ... Some
>>> > googling around tells me that SRS could be the solution for this
>>> > problem.
>>> >
>>> > There is info on this at Qmailtoaster Wiki, but the site seems to be
>>> > somehow broken.
>>>
>>> Which page are you looking at, and in what way does it seem broken?
>>>
>>>
>>>
>>> http://wiki.qmailtoaster.com/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B
>>>
>>> currently loads fine for me, and looks as if it has good information.
>>>
>>> I should stress that I haven't tried this yet. I didn't know about SRS
>>> until you posted this (thank you!) but I'm having the same issue as you
>>> and it sounds as if this might be just what I need.
>>>
>>> Would anyone who's actually implemented this care to comment?
>>>
>>> Angus
>>>
>>>
>>> -
>>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>>>
>>>
>

Re: [qmailtoaster] forwarding to gmail address fails because of hard spf check

[Jaime Lerner]

Thank you for testing this! I am going to try it also. 

On 2023-01-04 12:18 pm, Peter Peltonen wrote:

> Okay I tested this setup and it seems to work, mail gets through and I get 
> spf=pass for it in Gmail.  
> 
> The only difference to the procedure I posted earlier were: 
> 
> - needed to add srs.xyz.com [1] to morercpthosts and not to rcpthosts as I 
> have more than 50 domains hosted 
> - at the end I ran qmailctl cdb and qmailctl restart, not sure if needed 
> 
> Best, 
> Peter 
> 
> On Tue, Jan 3, 2023 at 11:22 AM Peter Peltonen  
> wrote: 
> Googling "srs qmailtoaster" gave me this link: 
> 
> http://wiki.qmailtoaster.net/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B
>  
> 
> which does not work, it seems qmailtoaster.com [2] should be used instead of 
> .net 
> 
> Okay now we have the instructions I guess I could try to test it, I have a 
> spare registered domain I could test with. Does this sound ok procedure:  
> 
> * setup domain xyz.com [3] with SPF with hard fail (-all) and the toaster as 
> the MX
> * send email from xyz.com [3] to GMail through our toaster: should pass ok
> * setup forwarding from xyz.com [3] to GMail
> * send email to xyz.com [3]: should fail because GMail does not accept
> * setup SRS at toaster:
> 
> * create NS record for domain srs.xyz.com [4] with MX pointing to our toaster
> * echo srs.xyz.com [4] > /var/qmail/control/srs_domain
> * mkpasswd -l 32 > /var/qmail/control/srs_secrets
> * mkpasswd -l 32 >> /var/qmail/control/srs_secrets
> * (repeat mkpasswd as many times you need, not sure how many is really 
> needed?)
> * echo 7 > /var/qmail/control/srs_maxage
> * echo 8 > /var/qmail/control/srs_hashlength
> * qmailctl restart
> * echo srs.xyz.com [4] >> /var/qmail/control/rcpthosts
> * echo srs.xyz.com:srs >> /var/qmail/control/virtualdomains
> 
> * echo "| /var/qmail/bin/srsfilter" > /var/qmail/alias/.qmail-srs-default
> (ownershp of other alias files on my server are user alias group nofiles, so 
> probably this should be changed to the same?) 
> 
> * send email to xyz.com [3]: should pass ok
> 
> What do you think Angus? 
> 
> Best, 
> Peter 
> 
> On Mon, Jan 2, 2023 at 7:52 PM Angus McIntyre  wrote: 
> 
> Peter Peltonen wrote on 1/2/23 11:57 AM:
>> Some of my toaster users have their email forwarded to Gmail ... Some
>> googling around tells me that SRS could be the solution for this 
>> problem.
>> 
>> There is info on this at Qmailtoaster Wiki, but the site seems to be 
>> somehow broken.
> 
> Which page are you looking at, and in what way does it seem broken?
> 
> http://wiki.qmailtoaster.com/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B
> 
> currently loads fine for me, and looks as if it has good information.
> 
> I should stress that I haven't tried this yet. I didn't know about SRS
> until you posted this (thank you!) but I'm having the same issue as you
> and it sounds as if this might be just what I need.
> 
> Would anyone who's actually implemented this care to comment?
> 
> Angus
> 
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
 

Links:
--
[1] http://srs.xyz.com/
[2] http://qmailtoaster.com
[3] http://xyz.com
[4] http://srs.xyz.com

Re: [qmailtoaster] forwarding to gmail address fails because of hard spf check

[Jeff Koch]

Peter - I don't think it matters whether the domain is added to 
rcpthosts or morercpthosts - the toaster will generally add additional 
domains to morercpthosts but it should work fine either way.


Jeff

On 1/4/2023 12:18 PM, Peter Peltonen wrote:
Okay I tested this setup and it seems to work, mail gets through and I 
get spf=pass for it in Gmail.


The only difference to the procedure I posted earlier were:

- needed to add srs.xyz.com  to morercpthosts and 
not to rcpthosts as I have more than 50 domains hosted

- at the end I ran qmailctl cdb and qmailctl restart, not sure if needed

Best,
Peter



On Tue, Jan 3, 2023 at 11:22 AM Peter Peltonen 
 wrote:


Googling "srs qmailtoaster" gave me this link:


http://wiki.qmailtoaster.net/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B

which does not work, it seems qmailtoaster.com
 should be used instead of .net

Okay now we have the instructions I guess I could try to test it,
I have a spare registered domain I could test with. Does this
sound ok procedure:

  * setup domain xyz.com  with SPF with hard fail
(-all) and the toaster as the MX
  * send email from xyz.com  to GMail through our
toaster: should pass ok
  * setup forwarding from xyz.com  to GMail
  * send email to xyz.com : should fail because
GMail does not accept
  * setup SRS at toaster:

 1. create NS record for domain srs.xyz.com 
with MX pointing to our toaster
 2. echo srs.xyz.com  >
/var/qmail/control/srs_domain
 3. mkpasswd -l 32 > /var/qmail/control/srs_secrets
 4. mkpasswd -l 32 >> /var/qmail/control/srs_secrets
 5. (repeat mkpasswd as many times you need, not sure how many is
really needed?)
 6. echo 7 > /var/qmail/control/srs_maxage
 7. echo 8 > /var/qmail/control/srs_hashlength
 8. qmailctl restart
 9. echo srs.xyz.com  >>
/var/qmail/control/rcpthosts
10. echo srs.xyz.com:srs >> /var/qmail/control/virtualdomains
11. echo "| /var/qmail/bin/srsfilter" >
/var/qmail/alias/.qmail-srs-default
(ownershp of other alias files on my server are user alias
group nofiles, so probably this should be changed to the same?)

  * send email to xyz.com : should pass ok


What do you think Angus?

Best,
Peter


On Mon, Jan 2, 2023 at 7:52 PM Angus McIntyre  wrote:



Peter Peltonen wrote on 1/2/23 11:57 AM:
> Some of my toaster users have their email forwarded to Gmail
... Some
> googling around tells me that SRS could be the solution for
this
> problem.
>
> There is info on this at Qmailtoaster Wiki, but the site
seems to be
> somehow broken.

Which page are you looking at, and in what way does it seem
broken?



http://wiki.qmailtoaster.com/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B

currently loads fine for me, and looks as if it has good
information.

I should stress that I haven't tried this yet. I didn't know
about SRS
until you posted this (thank you!) but I'm having the same
issue as you
and it sounds as if this might be just what I need.

Would anyone who's actually implemented this care to comment?

Angus


-
To unsubscribe, e-mail:
qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail:
qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] forwarding to gmail address fails because of hard spf check

[Peter Peltonen]

Okay I tested this setup and it seems to work, mail gets through and I get
spf=pass for it in Gmail.

The only difference to the procedure I posted earlier were:

- needed to add srs.xyz.com to morercpthosts and not to rcpthosts as I have
more than 50 domains hosted
- at the end I ran qmailctl cdb and qmailctl restart, not sure if needed

Best,
Peter



On Tue, Jan 3, 2023 at 11:22 AM Peter Peltonen 
wrote:

> Googling "srs qmailtoaster" gave me this link:
>
>
> http://wiki.qmailtoaster.net/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B
>
> which does not work, it seems qmailtoaster.com should be used instead of
> .net
>
> Okay now we have the instructions I guess I could try to test it, I have a
> spare registered domain I could test with. Does this sound ok procedure:
>
>
>- setup domain xyz.com with SPF with hard fail (-all) and the toaster
>as the MX
>- send email from xyz.com to GMail through our toaster: should pass ok
>- setup forwarding from xyz.com to GMail
>- send email to xyz.com: should fail because GMail does not accept
>- setup SRS at toaster:
>
>
>1. create NS record for domain srs.xyz.com with MX pointing to our
>toaster
>2. echo srs.xyz.com > /var/qmail/control/srs_domain
>3. mkpasswd -l 32 > /var/qmail/control/srs_secrets
>4. mkpasswd -l 32 >> /var/qmail/control/srs_secrets
>5. (repeat mkpasswd as many times you need, not sure how many is
>really needed?)
>6. echo 7 > /var/qmail/control/srs_maxage
>7. echo 8 > /var/qmail/control/srs_hashlength
>8. qmailctl restart
>9. echo srs.xyz.com >> /var/qmail/control/rcpthosts
>10. echo srs.xyz.com:srs >> /var/qmail/control/virtualdomains
>11. echo "| /var/qmail/bin/srsfilter" >
>/var/qmail/alias/.qmail-srs-default
>(ownershp of other alias files on my server are user alias group
>nofiles, so probably this should be changed to the same?)
>
>
>- send email to xyz.com: should pass ok
>
>
> What do you think Angus?
>
> Best,
> Peter
>
>
> On Mon, Jan 2, 2023 at 7:52 PM Angus McIntyre  wrote:
>
>>
>>
>> Peter Peltonen wrote on 1/2/23 11:57 AM:
>> > Some of my toaster users have their email forwarded to Gmail ... Some
>> > googling around tells me that SRS could be the solution for this
>> > problem.
>> >
>> > There is info on this at Qmailtoaster Wiki, but the site seems to be
>> > somehow broken.
>>
>> Which page are you looking at, and in what way does it seem broken?
>>
>>
>>
>> http://wiki.qmailtoaster.com/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B
>>
>> currently loads fine for me, and looks as if it has good information.
>>
>> I should stress that I haven't tried this yet. I didn't know about SRS
>> until you posted this (thank you!) but I'm having the same issue as you
>> and it sounds as if this might be just what I need.
>>
>> Would anyone who's actually implemented this care to comment?
>>
>> Angus
>>
>>
>> -
>> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
>> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>>
>>

Re: [qmailtoaster] forwarding to gmail address fails because of hard spf check

[Peter Peltonen]

Googling "srs qmailtoaster" gave me this link:

http://wiki.qmailtoaster.net/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B

which does not work, it seems qmailtoaster.com should be used instead of
.net

Okay now we have the instructions I guess I could try to test it, I have a
spare registered domain I could test with. Does this sound ok procedure:


   - setup domain xyz.com with SPF with hard fail (-all) and the toaster as
   the MX
   - send email from xyz.com to GMail through our toaster: should pass ok
   - setup forwarding from xyz.com to GMail
   - send email to xyz.com: should fail because GMail does not accept
   - setup SRS at toaster:


   1. create NS record for domain srs.xyz.com with MX pointing to our
   toaster
   2. echo srs.xyz.com > /var/qmail/control/srs_domain
   3. mkpasswd -l 32 > /var/qmail/control/srs_secrets
   4. mkpasswd -l 32 >> /var/qmail/control/srs_secrets
   5. (repeat mkpasswd as many times you need, not sure how many is really
   needed?)
   6. echo 7 > /var/qmail/control/srs_maxage
   7. echo 8 > /var/qmail/control/srs_hashlength
   8. qmailctl restart
   9. echo srs.xyz.com >> /var/qmail/control/rcpthosts
   10. echo srs.xyz.com:srs >> /var/qmail/control/virtualdomains
   11. echo "| /var/qmail/bin/srsfilter" >
   /var/qmail/alias/.qmail-srs-default
   (ownershp of other alias files on my server are user alias group
   nofiles, so probably this should be changed to the same?)


   - send email to xyz.com: should pass ok


What do you think Angus?

Best,
Peter


On Mon, Jan 2, 2023 at 7:52 PM Angus McIntyre  wrote:

>
>
> Peter Peltonen wrote on 1/2/23 11:57 AM:
> > Some of my toaster users have their email forwarded to Gmail ... Some
> > googling around tells me that SRS could be the solution for this
> > problem.
> >
> > There is info on this at Qmailtoaster Wiki, but the site seems to be
> > somehow broken.
>
> Which page are you looking at, and in what way does it seem broken?
>
>
>
> http://wiki.qmailtoaster.com/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B
>
> currently loads fine for me, and looks as if it has good information.
>
> I should stress that I haven't tried this yet. I didn't know about SRS
> until you posted this (thank you!) but I'm having the same issue as you
> and it sounds as if this might be just what I need.
>
> Would anyone who's actually implemented this care to comment?
>
> Angus
>
>
> -
> To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
> For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
>
>

Re: [qmailtoaster] forwarding to gmail address fails because of hard spf check

[xaf]

Peter Peltonen a écrit le 02/01/2023 à 17:57 :
> Some of my toaster users have their email forwarded to Gmail.
>
> Earlier this has worked fine, but now there have a been a couple of following 
> cases:
>
> 1) user from external domain abc.com  with hard SPF fail 
> policy sends an email to xyz.com  that is hosted on my toaster
>
> 2) my toaster tries forward the email to gmail but fails: Gmail complains 
> with 550-5.7.26 that the sending domain abc.com  fails the 
> hard SPF check
>
> Some googling around tells me that SRS could be the solution for this problem.
>
> There is info on this at Qmailtoaster Wiki, but the site seems to be somehow 
> broken. 
>
> All pointers how to move forward from here are welcome.
>
> Best,
> Peter

Did not tried SRS yet,
but add in a dot qmail file
|NEWSENDER=$RECIPIENT /var/qmail/bin/forward "x...@yyy.com"
that will do the trick.

xaf


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com

Re: [qmailtoaster] forwarding to gmail address fails because of hard spf check

[Angus McIntyre]

Peter Peltonen wrote on 1/2/23 11:57 AM:
> Some of my toaster users have their email forwarded to Gmail ... Some
> googling around tells me that SRS could be the solution for this 
> problem.
> 
> There is info on this at Qmailtoaster Wiki, but the site seems to be 
> somehow broken.

Which page are you looking at, and in what way does it seem broken?


http://wiki.qmailtoaster.com/index.php/Configuring_SRS_on_Toaster_1.03-1.3.13%2B

currently loads fine for me, and looks as if it has good information.

I should stress that I haven't tried this yet. I didn't know about SRS
until you posted this (thank you!) but I'm having the same issue as you
and it sounds as if this might be just what I need.

Would anyone who's actually implemented this care to comment?

Angus


-
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com