authorize multiple domains to send via send-only Postfix server

Jerome

4/30/24, 4:07 PM

A rails application is sending an email to postfix for processing with From: do-not-reply@some_domain.top returning an error:

[ActionMailer::MailDeliveryJob] [fa3df6b5-72a4-4a57-a5f8-ef7a98e4d8a9] 
Error performing ActionMailer::MailDeliveryJob (Job ID: fa3df6b5-72a4-4a57-a5f8-ef7a98e4d8a9) 
from GoodJob(default) in 2613.2ms:  
Net::SMTPFatalError (551 5.7.1 Not authorised to send from this header address

Thus /etc/postfix/main.cf needs proper set-up. Presently:

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
append_dot_mydomain = no
readme_directory = no
compatibility_level = 2
   # TLS parameters
smtpd_tls_cert_file=/etc/letsencrypt/live/sandbox.domain.club/fullchain.pem
smtpd_tls_key_file=/etc/letsencrypt/live/sandbox.domain.club/privkey.pem
smtpd_tls_security_level=may

smtp_tls_CApath=/etc/ssl/certs
smtp_tls_security_level=may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache


smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = sandbox.domain.club
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = localhost.$myhostname, localhost, $myhostname

relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

The plurality of cases complicates the understanding of documentation and/or references.

There are two issues at hand.

there are multiple from issuers with their own domains (all are covered by SPF, DKIM and DMARC)
there are multiple certificates issued across these domains. to be honest, even the existing reference is wrong as letsencrypt went and re-wrote the cert to sandbox.domain.club-0001 but that is easily fixable

How can postfix be configured to use from domains for, say, some_domain.top, sandbox.domain.club, twirlingaround.com ?

*note: a possible avenue indicated here was attempted, however the postfix server would not start because of a previous binding to 127.0.0.1 I surmise this is because of the different setting in main.cf for inet_interfaces.

1 + 0

postfix

ruby-on-rails

Score:0

Server

Jerome

5/1/24, 5:51 AM

This question had little to do with postfix, as only

masquerade_domains =  some_domain.top sandbox.domain.club twirlingaround.com

was added as a security measure.

The problem was a rails configuration one. The config/environment/[acting_environment].rb file needs to be set as:

  config.action_mailer.delivery_method = :sendmail
  config.action_mailer.smtp_settings = {
    openssl_verify_mode: 'none'
  }

+ 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: authorize multiple domains to send via send-only Postfix server

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.