Postfix forwarding to Gmail and external Gmail SMTP.

Hi,

I'm trying to achieve the following:

1. Forward all incoming mails to my Gmail account via virtual alias. This is the guide: Setup mail forwarding in postfix on Ubuntu or Debian.

2. Send all outgoing mails via Gmail SMTP server. This is the guide: Configure Postfix to Send Mail Using an External SMTP Server.

The problem is that I can have only one of them but not both.

If I use Gmail SMTP, then all incoming mails get their original address overwritten like this:

" somebody@example.com" => [Postfix at my host] => " myuser@myhost.com" (in Gmail inbox)

Is it possible to configure Postfix, so it leaves forwarded e-mails intact and adds "myhost.com" only to mails, which originate from myhost.com?

Thanks.

This is my /etc/postfix/main.cf file:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = myhost.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = localhost.localdomain, localhost
relayhost = [smtp.gmail.com]:587
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

# enable SASL authentication
smtp_sasl_auth_enable = yes
# disallow methods that allow anonymous authentication.
smtp_sasl_security_options = noanonymous
# where to find sasl_passwd
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
# Enable STARTTLS encryption
smtp_use_tls = yes
# where to find CA certificates
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

# Forward all incoming mail.

# list of the domains, for which postfix is going to accept emails
virtual_alias_domains = myhost.com
# path to the file which contains mappings for e-mail addresses
virtual_alias_maps = hash:/etc/postfix/virtual

5 Replies

In following those two guides, I think Postfix should not be modifying any headers on messages that are forwarded. Is it possible for you to post a complete test message including headers showing the as-sent and as-received versions? (You will have to send the message from a different address.)

It may be that Gmail is modifying things itself.

@Vance:

It may be that Gmail is modifying things itself.

This. GMail always overwrites the From address with the sending account's e-mail address. Only way to change that is to change the sending account.

http://stackoverflow.com/questions/1778 … -in-django">http://stackoverflow.com/questions/17789673/how-to-change-reply-to-and-return-path-header-with-gmail-smtp-in-django

Thanks everybody for replies.

@masonm:

@Vance:

It may be that Gmail is modifying things itself.

This. GMail always overwrites the From address with the sending account's e-mail address. Only way to change that is to change the sending account.

http://stackoverflow.com/questions/1778 … -in-django">http://stackoverflow.com/questions/17789673/how-to-change-reply-to-and-return-path-header-with-gmail-smtp-in-django

masonm, thank you for the link. The mystery solved. This is exactly what I see. Via the StackOverflow page I found good explanation of the problem: Gmail Tampers with Outgoing Email.

I think Google does it deliberately, so users who want more sophisticated e-mail options buy their Google App service, which provides MX servers.

So far my solution is not to use Gmail SMTP servers. Apparently, postfix sends e-mails just fine. There was a problem with outlook.com initially, since they rejected all mails from my IP, but after contacting them they unblocked it. GMail, Yahoo users can receive my mails just fine.

The only small irritation is that Gmail softfails forwarded e-mails because Gmail tries to verify SPF record of my server with the sender address. But it's a well known problem.

Ah, I misunderstood the problem. To a degree, it is understandable that Gmail would set the "From:" address to the authenticated account, although "Sender:" would be more correct.

As you found, Postfix is perfectly capable of delivering mail on its own. Of course, any forwarding mail server will cause SPF to fail (rewriting headers is not a sane approach). DKIM-signed mail should pass through Postfix unmolested and Gmail seems to like it. For mail originating from your system, you can always add your Linode's hostname to your SPF entry, e.g. "a:foo.example.net" or to avoid extra DNS lookups, its IP(s), e.g. "ip4:11.22.33.44" or "ip6:1111:2222:3333::4".

@Vance:

For mail originating from your system, you can always add your Linode's hostname to your SPF entry, e.g. "a:foo.example.net" or to avoid extra DNS lookups, its IP(s), e.g. "ip4:11.22.33.44" or "ip6:1111:2222:3333::4".

Yes, this is what I did. Now all my mail looks good and accepted by Google without any problems. If I see any issues with the current setup I'll invest more time in the full blown DKIM config for my host.

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct