I have a VPS with MIAB in a free country. It has 2 domains added to it: main and alias. Everything is working fine.
But there is one country whose government is trying to block all data centers that don’t want to cooperate with it. So I want to configure a mail server relaying incoming mails to the domain alias inside this country. It should relay incoming emails to the MIAB. I only need incoming emails to the domain alias from there.
For this purpose I installed Postfix on a separate VPS with this configuration:
mynetworks = 127.0.0.0/8
myhostname = mx.aliasdomain.com
mydomain = aliasdomain.com
myorigin = $mydomain
mydestination = localhost
relay_domains = aliasdomain.com
transport_maps = hash:/etc/postfix/transport
inet_interfaces = all
inet_protocols = ipv4
smtpd_banner = $myhostname ESMTP
biff = no
smtpd_helo_required = yes
disable_vrfy_command = yes
smtpd_recipient_restrictions =
permit_mynetworks,
reject_unauth_destination
maillog_file = /var/log/mail.log
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/letsencrypt/live/mx.aliasdomain.com/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/mx.aliasdomain.com/privkey.pem
/etc/postfix/transport:
aliasdomain.com smtp:[box.maindomain.com]
I also added its IP to mynetworks on MIAB. In the domain alias I changed the MX record, specifying the address of the second VPS (relay).
Emails sent to the domain alias come to MIAB, but end up in spam because the SPF check always fails.
How to solve this problem? Maybe I chose the wrong way to bypass mail blocking?