[Novalug] Internet email servers (maybe off topic)

Wed Oct 21 11:03:31 EDT 2009

Again a disclaimer: I am no mail expert and this is my first attempt at setting up a legitimate SMTP outbound host to the internet.....

And another note.... I have already set up DNS, rDNS, and an SPF record for my host vger.cadencequest.com with IP 66.95.81.102.

And in response to your response......
Which MTA do you recommend once I can get a Linux box doing this work instead of IIS/SMTP? Postfix or Exim?

Do you know if either of these can drop the private IP and masquerade as the first sender. Take a look at this header when I send mail to my hosting provider (they use Exchange):

Message-ID: <4ADE3E57.10204 at cadencequest.com>
Date: Tue, 20 Oct 2009 18:48:55 -0400
From: Testing <testing at cadencequest.com>
User-Agent: Thunderbird 2.0.0.23 (Windows/20090812)
MIME-Version: 1.0
To: <bsaxe at cadencequest.com>
Subject: test from inside to mx logic
Content-Type: text/plain; charset="ISO-8859-1"; format=flowed
Content-Transfer-Encoding: 7bit
X-MS-Exchange-Organization-SenderIdResult: SoftFail
Received-SPF: SoftFail (AUSP01MHUB01.collaborationhost.net: domain of
 transitioning testing at cadencequest.com discourages use of 10.1.1.132 as
 permitted sender)
X-MS-Exchange-Organization-SCL: 5
X-MS-Exchange-Organization-PCL: 2
X-MS-Exchange-Organization-Antispam-Report: DV:3.3.5705.600;SID:SenderIDStatus SoftFail;OrigIP:10.1.1.132

I want to avoid this:
SoftFail;OrigIP:10.1.1.132

I don't know why this receiving server is using the MUA sender as the OrigIP. It seems the source IP is what I would expect: X-SOURCE-IP: [66.95.81.102], but it is using OrigIP for the SPF check. Maybe the admin of this server has configured their SFP checker incorrectly?

When I send the same mail to gmail or yahoo, it uses my internet facing server with IP of 66.95.81.102 and passes SPF just fine, which is what I expected to happen. 

I want the MTA to make it look like the original sender is always my mail server with the public IP address if this is possible.

TIA,
  Brandon

--- On Tue, 10/20/09, James Ewing Cottrell 3rd <JECottrell3 at Comcast.NET> wrote:

> From: James Ewing Cottrell 3rd <JECottrell3 at Comcast.NET>
> Subject: Re: [Novalug] Internet email servers (maybe off topic)
> To: "Brandon Saxe" <brandon20va at yahoo.com>
> Cc: novalug at calypso.tux.org, "Nick Danger" <nick at hackermonkey.com>
> Date: Tuesday, October 20, 2009, 1:02 PM
> Make your Smart Hosts a pair of Linux
> Boxes, one for inbound, one for outbound, each backing the
> other up. You don't need to run SMTP Auth inside your LAN.
> And the Linux Host shouldn't rewrite any Headers, even if it
> does SMTP Auth to your ISP's relays.
> 
> Never Let a M$ MTA talk to the Internet.
> 
> JIM
> 
> Brandon Saxe wrote:
> > I wish I could do that, but it doesn't seem to work
> that way. When I set up the IIS SMTP relay the way it is
> currently, it only allows to send email from one address.
> > 
> > I have a mailbox set up on the provider with address
> noreply at domain.com.
> This is also the user name for SMTP-AUTH. When I send emails
> to this relay, the FROM: mail address also has to be noreply at domain.com
> (same as the primary email on the mailbox) or else the auth
> rejects the mail.
> > 
> > I want to be able to send mail from multiple email
> addresses such as:
> > -noreply at domain.com
> > -backupserver at domain.com
> > -support at domain.com
> > -so on and so forth.
> > 
> > Currently, the only supported address is noreply at domain.com
> because that is the addresss associated to the smtp-auth
> account. My company's provider seems to be pretty lame so
> far in helping me with this. In fact, they don't even
> support my using this mailbox as a relay account as it is.
> Of course, I only chatted with first level support. If I
> can't get resolution I'll be forced to talk to some
> management.
> > 
> > Any other thoughts/ideas?
> > 
> > Thanks!
> > 
> > --- On Tue, 10/13/09, Nick Danger <nick at hackermonkey.com>
> wrote:
> > 
> >> From: Nick Danger <nick at hackermonkey.com>
> >> Subject: Re: [Novalug] Internet email servers
> (maybe off topic)
> >> To: novalug at calypso.tux.org
> >> Date: Tuesday, October 13, 2009, 8:19 PM
> >> On Tue, 13 Oct 2009 16:56:07 -0700
> >> (PDT)
> >> Brandon Saxe <brandon20va at yahoo.com>
> >> wrote:
> >> 
> >>> Are my assumptions correct? Will this work? Is
> there a
> >> better way
> >>> (aside from my dumping my provider or hosting
> mail
> >> myself)?
> >> 
> >> Cant you just set up a single host on your lan to
> be a
> >> smart relay?
> >> That host would accept the email from all the
> other hosts
> >> on your lan
> >> (including those old ones that cant do smtp-auth)
> then the
> >> smart host
> >> would send all the mail via smtp-auth through your
> current
> >> provider.
> >> 
> >> How would that work?
> >> 
> >> Nick
> >> _______________________________________________
> >> Novalug mailing list
> >> Novalug at calypso.tux.org
> >> http://calypso.tux.org/mailman/listinfo/novalug
> >> 
> > _______________________________________________
> > Novalug mailing list
> > Novalug at calypso.tux.org
> > http://calypso.tux.org/mailman/listinfo/novalug
> > 
> > 
> >
> ------------------------------------------------------------------------
> > 
> > 
> > No virus found in this incoming message.
> > Checked by AVG - www.avg.com Version: 8.5.421 / Virus
> Database: 270.14.12/2431 - Release Date: 10/12/09 13:01:00
> > 
> 
> 