How use pfix-srsd with multiple domains?

Fruneau / pfixtools

The pfixtools project is a collection of postfix-related tools. The pfixtools are written in C.

Other

26 stars 7 forks source link

How use pfix-srsd with multiple domains? #6

Closed fluo75 closed 11 years ago

fluo75 commented 11 years ago

Bonjour ;)

Thanks for this great tool. Is it possible to use pfix-srsd with many domains? For example, set more than one domain in /etc/default/pfix-srsd?

Regards,

David

Fruneau commented 11 years ago

Hi,

Currently pfix-srsd supports only a single domain. However, you can launch several instances of the daemon and use postfix' transport rules in order to dispatch the encoding/decoding jobs to those instances.

fluo75 commented 11 years ago

Thanks/Merci Florent ;)

David

ingenium13 commented 10 years ago

Sorry to resurrect this old thread, but can you point me in the right direction for how to actually use the transport rules to do this? Thanks.

Fruneau commented 10 years ago

Hi,

I haven't build complex postfix configuration for a while now, so I'm afraid I cannot only provide some theoretical advices (and there's probably better solutions).

My idea would be to have n + 1 different chains for the mails:

the main queue process the messages, and forward the mail to one of the other mail queue based on the domain of the sender
each queue only define the rewrite rule that will perform the rewrite by using the right instance of pfix-srsd

hheimbuerger commented 8 years ago

@ingenium13 @fluo75 If you have actually managed to implement this, I would be very thankful if you could share your configuration! Thanks!

hheimbuerger commented 8 years ago

@Fruneau Actually… is the FQDN that pfix-srsd expects as an argument the recipient domain (of the address to be rewritten, of which there could be multiple in a single postfix instance) or the mail server's hostname (myhostname in the postfix config)?

Fruneau commented 8 years ago

@hheimbuerger this is the domain used for SRS encoded addresses. This will be the domain of the envelop from of every outgoing email after SRS encoding.

hheimbuerger commented 8 years ago

@Fruneau So that is actually a problem then, if you want to forward mail from multiple different domains on the same mail server with pfix-srsd.

Fruneau commented 8 years ago

@hheimbuerger can you describe your use case?

hheimbuerger commented 8 years ago

@Fruneau I'm running a mail server (currently adaline/dockermail) which receives mail on three different domains (i.e. which is the MX for three different domains). It hosts no actual mailboxes, but rather redirects/forwards all incoming mail to Gmail.

Right now, this setup fails a lot of SPF checks in Gmail and Gmail complains a lot. It is my (limited) understanding that implementing SRS should improve this situation a bit.

I've managed to integrate pfix-srsd into this setup, but I don't yet understand which of my three domains I have to pass as the domain argument when running pfix-srsd.

Fruneau commented 8 years ago

@hheimbuerger you have to create a new domain or subdomain dedicated to SRS (something like "srs.yourdomain.com" or "bounces.yourdomain.com").

That domain you chose must be a dedicated one because you need to identify bounces coming back from the destination server and being able to route them to the SRS decoder in order to get back the original sender and thus forward the bounce back to the right user.

Moreover, that domain must be allowed as the output of your server so that gmail won't fail while checking SPF (I would highly advice adding a strict SPF rule on your SRS domain, this would ensure nobody else will try using that domain).

I hope this was clear enough.