search

LemmyNet / lemmy-ansible

A docker deploy for ansible
GNU Affero General Public License v3.0
248 stars 92 forks source link

Unable to get postfix/smtp to use a different smtp authentication user then `noreply@{{ domain }}` #214

Closed Sakrecoer closed 8 months ago

Sakrecoer commented 9 months ago

I'm trying to use an external SMTP for transactional emails as some of the biggest mail providers like google or microsoft don't even put unauthenticated mails into spam anymore and just rejects them.

For this i have tried to leverage config.hjson 

  email: {
    smtp_server: "mail.dyne.org:465"
    smtp_login: "smtp-derpelini@dyne.org"
    smtp_password: "peekaboo"
    smtp_from_address: "'Dyne Lemmy' <noreply@dyne.org>"
    tls_type: "tls"
  }

But it won't pickup on the from address (which remains noreply@{{ domain }} and does not authenticate. Mails go out alright though, and they're received by any mail provider that isn't google or outlook.

So, I tried to set Postfix variables, as some users report successfully in https://github.com/LemmyNet/lemmy/issues/3348

postfix_env_vars:
  - POSTFIX_myhostname: "dyne.org"
      # enable auth
  - POSTFIX_smtp_sasl_auth_enable: "yes"
  - POSTFIX_smtp_sasl_password_maps: "static:smtp-derpelini@dyne.org:peekaboo"
  - POSTFIX_smtp_sasl_security_options: "noanonymous"
  - POSTFIX_smtp_use_tls: "yes"
  - POSTFIX_relayhost: "mail.dyne.org:465"
  - POSTFIX_smtp_tls_wrappermode: "yes"
  - POSTFIX_smtp_tls_security_level: "encrypt"

Mails still work (for none-googlesoft inboxes), still not authenticated and sent from noreply@{{ domain }}

Here's the postfix log:

postfix_1  | Starting Postfix Mail Transport Agent: postfix.
postfix_1  | 2024-01-10T16:25:25.569610+00:00 e659191c62e2 rsyslogd:  [origin software="rsyslogd" swVersion="8.1901.0" x-pid="135" x-info="https://www.rsyslog.com"] start
postfix_1  | 2024-01-10T16:26:03.295348+00:00 e659191c62e2 postfix/smtpd[140]: connect from feddyneorg_lemmy_1.feddyneorg_default[172.19.0.4]
postfix_1  | 2024-01-10T16:26:03.301995+00:00 e659191c62e2 postfix/smtpd[142]: connect from feddyneorg_lemmy_1.feddyneorg_default[172.19.0.4]
postfix_1  | 2024-01-10T16:26:03.305218+00:00 e659191c62e2 postfix/smtpd[140]: 4A7F2127843: client=feddyneorg_lemmy_1.feddyneorg_default[172.19.0.4]
postfix_1  | 2024-01-10T16:26:03.348241+00:00 e659191c62e2 postfix/cleanup[144]: 4A7F2127843: message-id=<6f6d6f97-2486-4853-90a1-751ee957ad4d@fed.dyne.org>
postfix_1  | 2024-01-10T16:26:03.349388+00:00 e659191c62e2 postfix/qmgr[137]: 4A7F2127843: from=<noreply@fed.dyne.org>, size=1370, nrcpt=1 (queue active)
postfix_1  | 2024-01-10T16:26:03.349935+00:00 e659191c62e2 postfix/smtpd[142]: disconnect from feddyneorg_lemmy_1.feddyneorg_default[172.19.0.4] ehlo=1 quit=1 commands=2
postfix_1  | 2024-01-10T16:26:03.350053+00:00 e659191c62e2 postfix/smtpd[140]: disconnect from feddyneorg_lemmy_1.feddyneorg_default[172.19.0.4] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
postfix_1  | 2024-01-10T16:26:04.960558+00:00 e659191c62e2 postfix/smtp[145]: 4A7F2127843: to=<derp+lkslkdf@dyne.org>, relay=mail.dyne.org[185.121.208.66]:465, delay=1.7, delays=0.05/0.03/1.2/0.43, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 81E06740081)

What am i missing? How do i get this baby to get approval from it's SMTP parent? Deep inside i want to believe this is a feature, because it filters out googlesoft mail provider. It should feel problematic for googlsoft users to use googlesoft. But to free my fellow derps from the iron grip of bablyon network :tm: , i also need to reach out a hand...

Please help!

PS. I love lemmy devs :purple_heart:

Sakrecoer commented 8 months ago

I am officially black bellt in derp-fu! \o/

The above postfix settings work FINE! The address is still noreply@fed.dyne.org but who cares if they are authenticated: babylon network is recieving them all right!

Closing.