Tangentially related but I'm having some issues related to email beeing refused by Gmail.
In my organization we have ~10 linux VM and they are all configured to send email to an exim MTA. For example monitoring stuff. The system mail name is set to vmName.srv.___domain.name (___domain.name is replaced by our actual ___domain and this resolve to a local address) so it's quite common to receive mail from [email protected]. This cause no issue when it's delivered to the local Cyrus server but when it's transfered to a Gmail address for some reason Gmail reject the email because the headers are bad.
I am considering rewriting the address to [email protected] in exim when receiving email from local VMs and I am wondering if this could be a bad idea.
I'm going to redo this mail server from scratch soon because it has been left untouched for something like 6 years. Some software was compiled on it with shared libraries which then were updated but the software was not recompiled. It's a dumpster fire and I'm actually surprised most of our emails seem to go through.
I would also add to the article that's it's a good idea to have some rate limit on outbound email, outbound email spam checks and to check that the user sending email has the right to use that address.
Quick question (as someone who doesn't manage email): why not using an external mail provider (like mailjet) ? Privacy concerns and/or internal mails that shouldn't get leaked ?
That server is at least 10 years old and quite custom. For example when an email is received the address is queried to an ldap and if it's a mailing list the email is sent to all the recipients of that mailing list which can be other mailing lists ! This goes on until an user address is found and then the email is delivered to the cyrus server.
Each user can also have many alternative addresses that map to an unique mailbox
Those mailings lists are used a lot internally and managed with internally developed tools. This make migrating to an external service difficult.
That's the classic example of some critical piece of infrastructure that nobody dare to touch because it works... until it doesn't anymore.
That's why we don't use external services to receive email. I'll consider using mailJet if setting up exim & related stuff correctly to send email in 2020 proves too painful.
In my organization we have ~10 linux VM and they are all configured to send email to an exim MTA. For example monitoring stuff. The system mail name is set to vmName.srv.___domain.name (___domain.name is replaced by our actual ___domain and this resolve to a local address) so it's quite common to receive mail from [email protected]. This cause no issue when it's delivered to the local Cyrus server but when it's transfered to a Gmail address for some reason Gmail reject the email because the headers are bad.
I am considering rewriting the address to [email protected] in exim when receiving email from local VMs and I am wondering if this could be a bad idea.
I'm going to redo this mail server from scratch soon because it has been left untouched for something like 6 years. Some software was compiled on it with shared libraries which then were updated but the software was not recompiled. It's a dumpster fire and I'm actually surprised most of our emails seem to go through.
I would also add to the article that's it's a good idea to have some rate limit on outbound email, outbound email spam checks and to check that the user sending email has the right to use that address.