On Thu, 12 Sep 2019 at 05:14, John Regan <jregan...@gmail.com> wrote:
> Hi, > > I have a postfix-3.2.6 system that acts as a mail server and pop/imap > using dovecot for a small domain. The problem is that people are > increasingly using it as a relay to a personal account, such as Gmail and > Yahoo. > > This is resulting in the receiving system rejecting the message due to SPF > failing. > > Sep 11 22:03:06 email postfix/smtp[1187]: 33AA3962A9648: to=< > u...@example.com>, orig_to=<u...@origdomain.com>, relay= > mx0.digitalwest.net[72.29.183.105]:25, delay=2.7, delays=0.05/0/1.5/1.1, > dsn=5.0.0, status=bounced (host mx0.digitalwest.net[72.29.183.105] said: > 550-[SPF] 44.104.18.100 is not allowed to send mail from mchat.booking.com. > 550-Message blocked - Please check settings. See 550 > http://support.digitalwest.net/KB/a163/550-spf-not-allowed-to-send-mail.aspx > (in reply to RCPT TO command)) > > Is my only option here to do something like SRS or can this be fixed > another way? > I'm puzzled - you mention gmail and yahoo but the example you give is for digitalwest. They appear to be blocking based purely on SPF (their information link does not seem to work) - gmail does not do this and I doubt yahoo do it either. The situation which will cause problems when relaying to gmail or to yahoo is blocking based on DMARC where the sender domain has set a p=reject policy but doesn't add a DKIM signature header. Another problem you may face is that if you are relaying too much spam into gmail your server might be blacklisted.
