Network and recognition

Dear guys, hi!

Could you please be kind advising me on some network related questions? :)

  1. I have Multiple domain on single IPv4 address. My idea is to set up my host identification not as a single FQDM that is set in HOSTNAME file in /etc but to be dynamically changing, for mail headers. For example, when I refer to a smtp to send mail on smtp.example1.com, on ip 1.1.1.1 I would want in email header Postfix set: Received: from host.example1.com (host.example1.com. [1.1.1.1]) When I refer to smtp.example2.com, then I wish the following could appear: Received: from host.example2.com (host.example2.com. [1.1.1.1]) All host.example1.com, host.example2.com and etc are having reversed zone setup. If you try them then you see that it's resolve to 1.1.1.1. I and rDNS when you enter 1.1.1.1 is resolved to only one main FQDM. In case Postfix sets the settings above it would be possible - then my question is how to do it? If it's simply done with recipients' server by sending rDNS check then I suppose there is not much I could do? Besides I have IPs 1.1.1.5, 1.1.1.6 and so on - is there a way for my Postfix use them in header as they are rDNS resolved to host.example5.com, host.example6.com respectively? Why Postfix tends to use my only 1.1.1.1 (Virtualmin's shared address) what about the one I just mentioned above (1.1.1.5, 1.1.1.6)?

  2. What is short name in /etc/hosts ? For example, 1.1.1.1 superhost5.example1.com SuperHost - that last SuperHost is said to be a short name? Where does it appear? I tried applying network configuration with so called short name and didn't notice any difference?

  3. Before GMail identified my IP as ipv6 now as I change something (I suppose after I don't setup free IPv6 addresses) it only shows ip4v? How does it work?

Sincerely, Ilia

Status: 
Active

Comments

Howdy -- the version of Postfix that ships with CentOS doesn't support what you're requesting.

Email goes out via the primary IP address on the server -- and the name that gets put into the headers is put there by the remote server... the name it puts in is the name it gets from the reverse DNS lookup of your primary IP address.

The short name listed in /etc/hosts is just an alias for the full name. That's only used on the local server, that's not seen elsewhere.

Regarding Gmail -- I'm not familiar with how their service detects one type of IP address or another. It's also possible that could be related to a change at your provider, or even with how Gmail performs that detection.

Ilia's picture
Submitted by Ilia on Mon, 05/27/2013 - 15:52

Your post made me really upset, Andrey!! And I started searching!! :D

After 3 hours of searching I have found out about that Postfix has beautiful smtp_bind_address function that could be parsed with regexp depending on the email address that is used as part of domain (domain.tld) when connecting to smtp.

Solution is not very hard but absolutely not documented.

Now if I send mail with domain1.com in the headers I have the correct IP address, fuly corresponding with the domain IP in BIND and host changes to the proper entry depending on the domain, where the mail sent from used when connection to SMTP!

What does it also do and what is MOST important? It gives you correct mapping for SPF records when you always get pass on your mail check, so your mail would never go to spam!!

Here is what GMail says now in headers:

Authentication-Results: mx.google.com;
       spf=pass (google.com: domain of administrator@domain.tld designates 1.2.3.4 as permitted sender) smtp.mail=administrator@domain.tld;
       dkim=pass header.i=@domain.tld

Please make this the part of Webmin easy setup and Webmin will rule even more!!

Please read more about it here, in case you need it, because it took 3 hours to find this article: http://www.kutukupret.com/2010/01/02/postfix-bind-sender-domain-to-dedic...

Best regards, Ilia

That article discusses how to setup the sender_dependent_default_transport_maps feature of Postfix.

Virtualmin does support that feature -- but sender_dependent_default_transport_maps is only available in Postfix 2.7, which doesn't ship with CentOS.

We never recommend using software from third party repositories, as we haven't tested it, we're unable to support it, and we frequently see problems with using non-default repositories.

However, details regarding Virtualmin's sender_dependent_default_transport_maps support is here:

https://www.virtualmin.com/documentation/email/dependent

Ilia's picture
Submitted by Ilia on Tue, 05/28/2013 - 06:42

Thank you, Andrey!

I have tried your solution and it doesn't work expected way - in headers nothing changes. Google SPF is neutral and not pass. I use my method.

I have last problem that I can't solve and may be you could advice me something!

When I connect via Thunderbird to my SMTP and send mail I have everything going as expected, in particular I'm talking about Message-ID string, which has corresponding domain name in it, example:

Message-ID: <51A487A6.7060208@DomainThatIsUsedInEmailAddress.com>

When I use Android mail I get this in Message-ID

Message-ID: <42cb4ce2-bfda-4bea-9386-b66a19c0703d@email.android.com>

When I use RoundCubeMail I have default domain with which I authenticate to IMAP/SMTP

Message-ID: <42cb4ce2-bfda-4bea-9386-b66a19c0703d@MyDefaultDomain.com>

Please help me to find out how to make it work just the RIGHT way, like Thunderbird!

Here is the log exmple:

1 thunderbird:

May 28 14:31:10 host postfix/smtpd[200519]: connect from unknown[10.10.10.2]
May 28 14:31:10 host postfix/smtpd[200519]: 9F159160060: client=unknown[10.10.10.2], sasl_method=PLAIN, sasl_username=MyDefaultDomain.ru
May 28 14:31:10 host postfix/cleanup[200523]: 9F159160060: message-id=<51A487A6.7060208@DomainThatIsUsedInEmailAddress.org>
May 28 14:31:10 host opendkim[186312]: 9F159160060: DKIM-Signature header added (s=default, d=DomainThatIsUsedInEmailAddress.org)
May 28 14:31:10 host postfix/qmgr[199737]: 9F159160060: from=<administrator@DomainThatIsUsedInEmailAddress.org>, size=645, nrcpt=1 (queue active)
May 28 14:31:10 host postfix/smtpd[200519]: disconnect from unknown[10.10.10.2]
May 28 14:31:11 host postfix-DomainThatIsUsedInEmailAddress.org/smtp[200708]: 9F159160060: to=<ilia@MyDefaultDomain.org>, relay=aspmx.l.google.com[173.194.71.26]:25, delay=0.78, delays=0.06/0/0.12/0.6, dsn=2.0.0, status=sent (250 2.0.0 OK 1369737128 e4si1742250lag.101 - gsmtp)
May 28 14:31:11 host postfix/qmgr[199737]: 9F159160060: removed

And Now Roundcubemail or Android mail which logs are the same in nature:

May 28 15:31:44 host postfix/smtpd[205991]: connect from host.MyDefaultDomain.ru[5.1.1.100]
May 28 15:31:44 host postfix/smtpd[205991]: 47398160060: client=host.MyDefaultDomain.ru[5.1.1.100], sasl_method=PLAIN, sasl_username=MyDefaultUserName.ru
May 28 15:31:44 host postfix/cleanup[205994]: 47398160060: message-id=<b7d4fc2a1aaf0983d5336b77cfe5fddb@MyDefaultUserName.ru>
May 28 15:31:44 host opendkim[186312]: 47398160060: DKIM-Signature header added (s=default, d=DomainThatIsUsedInEmailAddress.org)
May 28 15:31:44 host postfix/qmgr[204555]: 47398160060: from=<administrator@DomainThatIsUsedInEmailAddress.org>, size=646, nrcpt=1 (queue active)
May 28 15:31:44 host dovecot: imap-login: Login: user=<MyDefaultUserName.ru>, method=PLAIN, rip=2a00:ac10:c200:90:9030:a00a:ce0a:1e0f, lip=2a00:ac10:c200:90:9030:a00a:ce0a:1e0f, mpid=205997, TLS
May 28 15:31:44 host postfix/smtpd[205991]: disconnect from host.MyDefaultDomain.ru[5.1.1.100]

How to control Message-ID why is it different? How do I make it always be THunderbirdWay:

Message-ID: <51A487A6.7060208@DomainThatIsUsedInEmailAddress.com>

Thank a lot in advance for you help!!

Email clients typically generate their own Message-ID header, which is why they're often different.

Most email clients don't offer a way to change that.

We don't recommend trying to change the Message-ID header within Postfix, though it may be possible. But unfortunately we're not familiar with how to do that :-)

Ilia's picture
Submitted by Ilia on Tue, 05/28/2013 - 13:54

Oh, come on!! :)) If you SO knowledgeable guys, don't know it, then who knows??

I just get stuck with header_checks regular expressions, because the is the key place where you do it!! :D

I have manged to alter anything that is going after @ in message-id to my.dom but it's not what I exactly wanted, example of what I got so far:

/Message-ID:(.*)@(.*)>(.*)/ REPLACE Message-ID:$1@my.dom>$3

Now I'm trying to fetch field from that is in headers and grab the part that is after @, which is domain name.

Example of what I need in simple programming:

/From = $From

/Message-ID:(.*)@(.*)>(.*)/ REPLACE Message-ID:$1@$From>$3

So the message-id would look like:

Message-ID: <9c740906185e84e0848c1d056fdf92bd@domain.ltd> in case the sender is ilia@domain.ltd.

If I use other identity in my mail program, for example ilia@exampleDomain2.com., then the header would look like: Message-ID: <9c740906185e84e0848c1d056fdf92bd@exampleDomain2.com>

Please help me to finish it, I feel sick already! Jammie should know this in 1 minute? Could you please be kind asking? in case you're not in great relationships with regex ;)

Respectively, Ilia

Changing the message-id header can cause strange problems with email delivery, and isn't recommended.

Not only do we advise against it, but the question came up on the Postfix mailing list, and they advised against it :-)

That's not something we can assist with, but if you really want to look into how to change the message-id header, this Postfix mailing list discussion should be able to help:

http://thread.gmane.org/gmane.mail.postfix.user/223196/focus=223197

Ilia's picture
Submitted by Ilia on Tue, 05/28/2013 - 14:57

Message-ID is should not must!! :(

I feel going crazy over PCRE.

Easiest way is to /^Message-ID:/ IGNORE but it's not something I'd like to do.

Could you please provide me with more articles may be?

How to parse From field in headers_check?

P.S. Just found a bug over Networking module, will post it soon..

Unfortunately, how to change the message-id header isn't a Virtualmin question, and isn't something we'll be able to assist with.

However, you're welcome to post a question about that in the Forums.

A lot of experienced system administrators monitor the forums, and may be able to assist you with that.