On 1/3/24 15:44, Bill Cole wrote:

Indeed: your solution is known as "SRS" (Sender Rewriting Scheme) and it has multiple implementations. If you forward mail, you will break SPF unless you fix the envelope sender so that it uses a domainĀ  that permits the example.org server to send for it.

OR, you could instead deliver to a POP mailbox locally and have users fetch from there instead of simply forwarding mail to them. This also avoids a completely distinct problem of places like GMail deciding that your org's mail server is a spamming service because it is forwarding spam. If users POP their mail instead of having it forwarded via SMTP, that does not happen.

Thanks for the advice on SRS - I have set it up and it's mostly working. At least GMail accepts the emails, although it seems to be failing DKIM and DMARC tests. I'm digging into what, if anything, can be done to make PostSRSd fix this issue.

Many thanks for your help, it's genuinely appreciated!

Thomas

Reply via email to