Implement SPF:SRS

Hi all,

I forward my private-domain mail to my gmail using MiaB, which works great and setting up MiaB was supersimple, almost too simple :slight_smile:
Now I’m not sure if this is the right place for feature requests, but here goes!

One thing I noticed is that Gmails SPF-check fails for pretty much any sender, because, well, the mail IS coming from my MiaB and not directly from the senders smtp-servers :slight_smile:

Now I don’t know how Gmail implements anything, so SRS might not even help.
Either way, I would think that having the ability to forward emails should entail the implementation of the SRS-part of SPF, Sender Rewriting Scheme - http://www.openspf.org/SRS.
According to above link there is a lib for Postfix - http://www.libsrs2.org/.

I’m sure this won’t be implemented tomorrow, but as SPF and DMARC-implementations are getting more and more restrictive, I feel that this should at least be on a roadmap for MiaB.

Anyway, thanks for a great “product”, really just works out of the box :slight_smile:

Maybe someone has implemented SRS underneath MiaB already or have another idea?

Hey,

Thanks.

It’s been a while since I’ve thought about SRS. But I think that would be the responsibility of the mail forwarder, which in your cases is the Dovecot sieve process, which handles mail filter rules (e.g. when set in Roundcube).

We can probably fix this by setting

sieve_redirect_envelope_from = recipient

http://wiki2.dovecot.org/Pigeonhole/Sieve/Configuration

If I understand the docs, that’ll put a valid envelope address into the forwarded message.

Thanks for replying! :slight_smile:

I thought the aliases/forwarding was handled in postfix because virtual-alias-maps.cf.
I’ll have a look and try that setting, have to find the correct dovecot/sieve-config :slight_smile:

Edit:
added the setting to 90-sieve.conf but couldn’t see any difference in the mail-headers of my testmail. :confused:

Just found this from Gmail - https://support.google.com/mail/answer/175365
From what I understand, I guess for forwarding to gmail, SRS isn’t such a good idea? :confused:

I don’t know, SRS seems like an on/off feature, not an on-for-some off-for-others kind of thing. Even then, that would make MiaB more “advanced” and not very novice-friendly.

I’m also thinking that we might be talking about 2 different things. I set up an alias in MiaB that forwards to my gmail, so no emails actually stay on MiaB. I’m not having mail stored on MiaB and then have a forwarding (redirect in Roundcube-speak) rule in the webmail-client (Roundcube).

So, in a way, I’m utilizing postfix to relay(?) an alias, but then Roundcube redirects should be doing SRS, i guess?
As you might have noticed, I’m not super knowledgeable around mail/SMTP. I do know some, but far from all.

I do know that my MiaB-box is not an open relay anyway, thanks to pflogsumm which gives a great summary of blocks/rejects :slight_smile:

Ahhh with an alias, I see.

Anyway, interesting. If Google recommends not changing the envelope from, then that’s that.

1 Like

This topic was automatically closed after 61 days. New replies are no longer allowed.

@JoshData I have reopened this topic as things have certainly changed over the past 8 years.

Today it is not possible to forward emails to gmail WITHOUT implementing SRS unlike what you concluded in October 2016.

Can we consider implementing this so that we can forward from the admin area directly with an alias without needing to create a sieve rule in Roundcube, which seemingly fails more and more?

https://doc.dovecot.org/configuration_manual/sieve/configuring_auto_forward_sender_address/

Seconding this. I’ve struggled for years to get message forwarding working correctly and briefly toyed with setting up PostSRSd with essentially no success. The only thing I’ve been able to do to get forwarding to work is by making use of Postfix’s generic map, which, while functional, is certainly not easy for the average user to set up or keep functional.

Either the external alias forwarding should be updated to work correctly with SRS, or the functionality should be removed entirely.

I’m not sure what is being suggested exactly, but anything to fix SRS is welcome.