Subject: postfix: Please add a dpkg-reconfigure option to masquerade From when smarthosting
Date: Mon, 29 Aug 2022 13:55:00 -0500
Package: postfix
Version: 3.5.13-0+deb11u1
Severity: wishlist
Hello,
Many consumer ISPs won't relay outbound email unless it comes from the
email address associated with the account.
It would be nice if the Postfix pacakge had a configuration option so
that when a smarthost is used there is the option to masquerade
(envelope and regular header) the From address. This gives the
"ordinary user" the ability to send outbound emails, which lets cron
and other system daemons email notifications that might otherwise be
lost in the local mail spool. `reportbug` also works better when
outbound email is available, etc.
A sample debian/templates snippet:
----------<snip>---------------
Template: postfix/masquerade_from_address
Type: string
Default:
_Description: From address for all outbound mail:
Many consumer ISPs will not deliver outbound email unless it comes
from the email address(es) the ISP has assigned to the account. You may
designate one email address to be used as the From address in all
email sent from this system.
.
Leave this value blank to prevent masquerading of outbound From addresses.
.
This entry affects both the envelope and header From addresses.
----------<snip>---------------
You may also want to add the following paragraph to the bottom of
Template: postfix/relayhost
----------<snip>---------------
.
Many consumer ISPs require all email to go through a relay host under
their control. In these cases setting the relay host to your ISP's
server lets email reach the Internet.
----------<snip>---------------
Other options come to mind that would be useful when there's a
smarthost:
Using LMTP instead of SMTP. Although perhaps this is
already taken care of because the relayhost syntax allows the choice
of port. Maybe it wouldn't hurt to have the relayhost part of
debian/templates mention the SUBMISSION port, perhaps by example.
Configuring SASL authentication. But SASL seems like it could be a
nest-of-worms, unless ISPs have more-or-less standardized. (Is it
PLAIN over TLS or ....) The utility of going down this road is not
clear to me, although it can be "nice" to have something that holds
your hand when configuring. A simple initialization/use of a single
SASL username/password (as here:
https://www.linkedin.com/pulse/how-setup-postfix-relay-host-federico-panini)
could be nice. But only if it would mostly-work.
Regards,
Karl
-- System Information:
Debian Release: 11.4
APT prefers stable-security
APT policy: (500, 'stable-security'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 5.10.0-17-amd64 (SMP w/4 CPU threads)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages postfix depends on:
ii adduser 3.118
ii cpio 2.13+dfsg-4
ii debconf [debconf-2.0] 1.5.77
ii dpkg 1.20.11
ii e2fsprogs 1.46.2-2
ii libc6 2.31-13+deb11u3
ii libdb5.3 5.3.28+dfsg1-0.8
ii libicu67 67.1-7
ii libnsl2 1.3.0-2
ii libsasl2-2 2.1.27+dfsg-2.1+deb11u1
ii libssl1.1 1.1.1n-0+deb11u3
ii lsb-base 11.1.0
ii netbase 6.3
ii ssl-cert 1.1.0+nmu1
Versions of packages postfix recommends:
ii ca-certificates 20210119
ii python3 3.9.2-3
Versions of packages postfix suggests:
ii bsd-mailx [mail-reader] 8.1.2-0.20180807cvs-2
ii claws-mail [mail-reader] 3.17.8-1+b1
ii emacs-nox [mail-reader] 1:27.1+1-3.1
ii libsasl2-modules 2.1.27+dfsg-2.1+deb11u1
ii mailutils [mail-reader] 1:3.10-3+b1
pn postfix-cdb <none>
pn postfix-doc <none>
pn postfix-ldap <none>
pn postfix-lmdb <none>
pn postfix-mysql <none>
pn postfix-pcre <none>
pn postfix-pgsql <none>
ii postfix-sqlite 3.5.13-0+deb11u1
ii procmail 3.22-26+deb11u1
pn resolvconf <none>
ii sylpheed [mail-reader] 3.7.0-8
pn ufw <none>
-- debconf information excluded
On Monday, August 29, 2022 2:55:00 PM EDT Karl O. Pinc wrote:
> Package: postfix
> Version: 3.5.13-0+deb11u1
> Severity: wishlist
>
> Hello,
>
> Many consumer ISPs won't relay outbound email unless it comes from the
> email address associated with the account.
>
> It would be nice if the Postfix pacakge had a configuration option so
> that when a smarthost is used there is the option to masquerade
> (envelope and regular header) the From address. This gives the
> "ordinary user" the ability to send outbound emails, which lets cron
> and other system daemons email notifications that might otherwise be
> lost in the local mail spool. `reportbug` also works better when
> outbound email is available, etc.
This is not something that Postfix has the capability to do. I'd suggest using
vrfydmn milter to accomplish this, but it would be out of scope for anything
automatically configured by the Postfix package.
https://tracker.debian.org/pkg/vrfydmn
Scott K
Information stored
: Bug#1018736; Package postfix.
(Mon, 29 Aug 2022 20:09:02 GMT) (full text, mbox, link).
Acknowledgement sent
to "Karl O. Pinc" <[email protected]>:
Extra info received and filed, but not forwarded.
(Mon, 29 Aug 2022 20:09:02 GMT) (full text, mbox, link).
Subject: Re: Bug#1018736: postfix: Please add a dpkg-reconfigure option to
masquerade From when smarthosting
Date: Mon, 29 Aug 2022 14:59:13 -0500
On Mon, 29 Aug 2022 15:31:31 -0400
Scott Kitterman <[email protected]> wrote:
> > Many consumer ISPs won't relay outbound email unless it comes from
> > the email address associated with the account.
> >
> > It would be nice if the Postfix pacakge had a configuration option
> > so that when a smarthost is used there is the option to masquerade
> > (envelope and regular header) the From address. This gives the
> > "ordinary user" the ability to send outbound emails, which lets cron
> > and other system daemons email notifications that might otherwise be
> > lost in the local mail spool. `reportbug` also works better when
> > outbound email is available, etc.
>
> This is not something that Postfix has the capability to do.
Sure it does. How about a generic mapping that matches anything?
https://www.postfix.org/ADDRESS_REWRITING_README.html#generic
smtp_generic_maps = static:[email protected]
Of course this would only be asked about/configured if
a relayhost was already configured.
I'm sure I've done something like this before with stock postgres.
If not with a generic map then with a (regex?) transport map.
Regards,
Karl <[email protected]>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
On Monday, August 29, 2022 3:59:13 PM EDT Karl O. Pinc wrote:
> On Mon, 29 Aug 2022 15:31:31 -0400
>
> Scott Kitterman <[email protected]> wrote:
> > > Many consumer ISPs won't relay outbound email unless it comes from
> > > the email address associated with the account.
> > >
> > > It would be nice if the Postfix pacakge had a configuration option
> > > so that when a smarthost is used there is the option to masquerade
> > > (envelope and regular header) the From address. This gives the
> > > "ordinary user" the ability to send outbound emails, which lets cron
> > > and other system daemons email notifications that might otherwise be
> > > lost in the local mail spool. `reportbug` also works better when
> > > outbound email is available, etc.
> >
> > This is not something that Postfix has the capability to do.
>
> Sure it does. How about a generic mapping that matches anything?
> https://www.postfix.org/ADDRESS_REWRITING_README.html#generic
>
> smtp_generic_maps = static:[email protected]
>
> Of course this would only be asked about/configured if
> a relayhost was already configured.
>
> I'm sure I've done something like this before with stock postgres.
> If not with a generic map then with a (regex?) transport map.
I guess you could do it with a regex, but I still don't see it as a great
thing to provide as a default.
Scott K
Information stored
: Bug#1018736; Package postfix.
(Mon, 29 Aug 2022 20:51:04 GMT) (full text, mbox, link).
Acknowledgement sent
to "Karl O. Pinc" <[email protected]>:
Extra info received and filed, but not forwarded.
(Mon, 29 Aug 2022 20:51:04 GMT) (full text, mbox, link).
Subject: Re: Bug#1018736: postfix: Please add a dpkg-reconfigure option to
masquerade From when smarthosting
Date: Mon, 29 Aug 2022 15:46:43 -0500
On Mon, 29 Aug 2022 16:09:28 -0400
Scott Kitterman <[email protected]> wrote:
> On Monday, August 29, 2022 3:59:13 PM EDT Karl O. Pinc wrote:
> > On Mon, 29 Aug 2022 15:31:31 -0400
> >
> > Scott Kitterman <[email protected]> wrote:
> > > > Many consumer ISPs won't relay outbound email unless it comes
> > > > from the email address associated with the account.
> > > >
> > > > It would be nice if the Postfix pacakge had a configuration
> > > > option so that when a smarthost is used there is the option to
> > > > masquerade (envelope and regular header) the From address.
> > > > This gives the "ordinary user" the ability to send outbound
> > > > emails, which lets cron and other system daemons email
> > > > notifications that might otherwise be lost in the local mail
> > > > spool. `reportbug` also works better when outbound email is
> > > > available, etc.
> > How about a generic mapping that matches anything?
> > https://www.postfix.org/ADDRESS_REWRITING_README.html#generic
> >
> > smtp_generic_maps = static:[email protected]
> >
> > Of course this would only be asked about/configured if
> > a relayhost was already configured.
> >
> > I'm sure I've done something like this before with stock postgres.
> > If not with a generic map then with a (regex?) transport map.
>
> I guess you could do it with a regex, but I still don't see it as a
> great thing to provide as a default.
Is there something wrong with my smtp_generic_maps above?
(I'm curious.)
I do think it's a great thing to be able to have your system
send you an email, to an email address which you actually
use, to notify you of problems. But this seems, at present,
out of reach given the typical consumer's ISP's policy and
because the typical user does not want to get into the
weeds of configuring their local MTA. Installing and configuring
tends to finish as soon as the new Debian install boots.
Debconf would be an easy way to configure outbound email capability.
(It once was, before ISPs decide to filter spam on the outbound
side.)
If you disagree, ok. For me, email is the perfect "push
notification"; a reliable asyncronous communication directed to
a centralized hub I can poll to discover everything
something/someone thinks I need to know.
I'm not sure of the target audience here, and this is a larger
discussion, but if most of the Debian installations are
ordinary consumer desktops used by only moderately technical
people who prefer, say, web forums and text messages to email,
perhaps Debian should not be installing a MTA by default.
No reason to have an MTA if root's emails (etc.) are going
to sit in /var/mail, unread, forever. Not installing an MTA
would make OS installs that much simpler.
Thanks for your attention.
Regards,
Karl <[email protected]>
Free Software: "You don't pay back, you pay forward."
-- Robert A. Heinlein
Debbugs is free software and licensed under the terms of the GNU General
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.