On 30/10/23 05:43, Robert Inder via Postfix-users wrote:
For 10 years now I've been running a Linux (CentOS 7) server, using
Postfix to handle mail for a handful of users.
Specifically, I'm running Postfix 2.2, because that is the most recent
version yum will fetch
from the current/default set of repositories.
CentOS 7 comes with Postfix 2.10.1. If you want to update to the latest
postfix in CentOS 7 you can get it from the ghettoforge repositories
(see: http://ghettoforge.org/index.php/Postfix3) which currently has
Postfix 3.8.1 for CentOS 7.
If you're really running 2.2 as you say, you would have to be running an
EOL operating system to be running such an old version of postfix.
CentOS 4 is the most recent version of CentOS which shipped with Postfix
2.2 and it went EOL in February of 2012. If you're running CentOS 4 then
you haven't gotten any updates for well over ten years and it will be
very full of several major security vulnerabilities, not just in postfix
but throughout your operating system.
Some users want to use GMail, so I have used an alias (in an aliases
file) to forward their mail to their GMail account, making
person at my.domain
an alias for
same_person at gmail.com <http://gmail.com>
Recently, users have told me they have discovered that mail has not
reached them because it was rejected by GMail.
The rejection mail I have seen says GMail rejected the message because
the IP address of my server did not pass
DKIM or SPF for the source of the email.
You have discovered one of the primary issues with forwarding mail. The
other one is that any SPAM that you inadvertently forward will be
attributed to your server and it can get blocklisted as a source of SPAM.
I have set up SPF for my domain, but I don't think that is relevant to
FORWARDING mail (is it?).
No, since you're forwarding mail with an envelope sender from other domains.
So I'm not sure what to do next.
My best recommendation is to allow POP3 retrieval of messages (dovecot,
courier, as well as several other agents offer POP3 services). Then
gmail has a setting where it can be configured to fetch messages via
POP3 from the connection. This should bypass all of the google SPAM
filters and allow retrieval into the user's mailbox directly without
having to forward.
Do I have to set up DKIM?
No, but it's now recommended to help with deliverability, as well as
several other things.
Can I do that with Postfix 2.2?
Milter support, which is generally what is used for DKIM signing, was
first introduced in Postfix 2.3, so probably not. If you're running
Postfix 2.10 then you'll be fine, although updating to 3.8.1 from
Ghettoforge would not be a bad idea. Also keep in mind that CentOS 7 is
very close to EOL as well (CentOS 7 is due to go EOL on 30 June of next
year), you should plan to migrate to a new OS now. If you want to stay
on the EL track I recommend Rocky Linux or Alma Linux as CentOS no
longer provides a stable Linux platform beyond CentOS 7.
Peter
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
