📝 Preliminary Checks

• I tried searching for an existing issue and followed the debugging docs advice, but still need assistance.

👀 What Happened?

This is more of a question about relay server setup than a bug.

I am testing docker-mailserver on a home machine. It uses a postfix server on aws (mail2.example.com) as a relay. Since port 25 is blocked by Comcast, communication is done over port 587. In particular:

mail2@example.com ------ 587 --- > mail@example.com

mail2 forwards to mail using the user relay@example.com which has been added to postfix-accounts.cf (and the password is known to mail2 via sasl_password).

Assume an email is received by mail2, say for myself at cfis@example.com, and is forwarded to mail. That results in this error in the log:

docker-mailserver-59cc9899d4-lfnbn postfix/submission/smtpd[3078]: NOQUEUE: reject: RCPT from mail2.example.com[x.x.x.x]: 553 5.7.1 <root@mail2.example.com>: Sender address rejected: not owned by user relay@example.com; from=<root@mail2.example.com> to=<cfis@example.com> proto=ESMTP helo=<mail2.example.com>

This is caused by the inclusion of reject_authenticated_sender_login_mismatch in mua_sender_restrictions.

If I override mua_sender_restrictions to remove reject_authenticated_sender_login_mismatch, then the relay user delivers the email to the correct account without error.

However, is there a better way to set this up? I want ports 465 and 587 to require authentication, so mail2 has to login as some user. And port 25 is blocked by comcast. I figured this would be a common issue, but an internet search revealed people with the same issue but without clear guidance on the best solution.

Thanks!

👟 Reproduction Steps

No response

🐋 DMS Version

v13.3.1

💻 Operating System and Architecture

Fedora

⚙️ Container configuration files

This is using Kubernetes, see https://github.com/cfis/docker-mailserver-helm

📜 Relevant log output

No response

Improvements to this form?

No response