Forwarded mail blocked by Sendgrid due to verified Sender Identity error

Discussion in 'Installation/Configuration' started by Richard Bignell, Jan 23, 2025.

Tags:
  1. Richard Bignell

    Richard Bignell New Member

    Hi,

    Hoping someone can help. Ive been using ISPConfig for years and love it. Im trying to do something that in the GUI took seconds but its not working.

    I have contacted sendgrid but got a very generic answer (attached below)

    I encountered a '550 The from address does not match a verified Sender Identity' error when trying to send an email. I would like assistance on resolving this issue as I need to verify the email address or domain to ensure successful email deliveries.

    Im using ispconfig for some friends to forward emails. ispconfig recieves the email and postfix forwards it but sendgrid is seeing the original source email in the header and blocking the send. I either need to configure postfix to rewrite the FROM but still show the original source. or allow these through sendgrid somehow.

    Can you advise of the most scalable way to do this as ispconfig out of the box doesnt seem to be working for any forwarded mail when sendgrid is the relay. Attached are my main.cf and master.cf from postfix. (sensitive email information removed with ....)

    I just want to add forwards for any email and have them work as ive added all my domains to sendgrid and verified i own the DNS.

    ERROR:

    Jan 22 08:58:54 ispconfig postfix/smtp[876835]: AA5BD180733: to=<....@....>, orig_to=<....@....>, relay=smtp.sendgrid.net[52.57.139.126]:587, delay=0.86, delays=0.01/0.01/0.68/0.15, dsn=5.0.0, status=bounced (host smtp.sendgrid.net[52.57.139.126] said: 550 The from address does not match a verified Sender Identity. Mail cannot be sent until this error is resolved. Visit https://sendgrid.com/docs/for-developers/sending-email/sender-identity/ to see the Sender Identity requirements (in reply to end of DATA command))


    Sendgrid Reply:

    Hi there,

    Thank you for reaching out to us. I understand you're encountering a '550 The from address does not match a verified Sender Identity' error when trying to send emails through SendGrid. Let's work together to resolve this issue.

    This error occurs when the email address you're using as the "From" address is not verified as a Sender Identity in your SendGrid account. SendGrid requires all "From" addresses to be verified to ensure successful email delivery.

    1. Verify Sender Identity:
      • Visit the Sender Identity requirements page to understand the verification process.
      • Ensure that the "From" email address is verified. You can do this by accessing your SendGrid account and navigating to the Sender Identity section.
    2. Domain Authentication:
      • If you have access to your domain's DNS settings, consider setting up Domain Authentication. This provides better deliverability and ensures that all emails sent from your domain are authenticated.
    3. Postfix Configuration:
      • If you need to rewrite the "From" address in Postfix, you may need to configure it to use a verified sender address while maintaining the original source in the headers. This might involve setting up sender-dependent relay hosts or using a sender_canonical map.

    • For more detailed guidance on configuring Postfix, you might want to consult Postfix documentation or community forums.
    • If you need further assistance with SendGrid settings, feel free to reach out to our support team or visit our SendGrid documentation.
    Please let me know if these steps help resolve the issue or if there's anything else I can assist you with.

    Thank you for your patience and understanding.
    Best regards,



    Code:
    ##### SERVER #####
IP-address (as per hostname): ***.***.***.***
[WARN] could not determine server's ip address by ifconfig
[INFO] OS version is Ubuntu 20.04.6 LTS
 
[INFO] uptime:  13:30:22 up 5 days,  8:19,  1 user,  load average: 0.23, 0.21, 0.22
 
[INFO] memory:
              total        used        free      shared  buff/cache   available
Mem:          7.8Gi       2.2Gi       1.3Gi       122Mi       4.2Gi       5.1Gi
Swap:         4.0Gi        13Mi       4.0Gi
 
[INFO] systemd failed services status:
  UNIT                      LOAD   ACTIVE SUB    DESCRIPTION                               
● certbot.service           loaded failed failed Certbot                                   
● logrotate.service         loaded failed failed Rotate log files                           
● monit.service             loaded failed failed LSB: service and resource monitoring daemon
● named.service             loaded failed failed BIND Domain Name Server                   
● snap.lxd.activate.service loaded failed failed Service for snap application lxd.activate 

LOAD   = Reflects whether the unit definition was properly loaded.
ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
SUB    = The low-level unit activation state, values depend on unit type.

5 loaded units listed.

[INFO] ISPConfig is installed.
[WARN] /usr/local/ispconfig/server/lib/config.inc.php is missing.

##### VERSION CHECK #####

[INFO] php (cli) version is 7.4.3-4ubuntu2.28
[INFO] php-cgi (used for cgi php in default vhost!) is version 7.4.3

##### PORT CHECK #####


##### MAIL SERVER CHECK #####


##### RUNNING SERVER PROCESSES #####

[WARN] I could not determine which web server is running.
[WARN] I could not determine which mail server is running.
[WARN] I could not determine which pop3 server is running.
[WARN] I could not determine which imap server is running.
[WARN] I could not determine which ftp server is running.

##### LISTENING PORTS #####
(only        ()
Local        (Address)
[anywhere]:465        (-)
[anywhere]:21        (-)
***.***.***.***:53        (-)
[anywhere]:22        (-)
[anywhere]:25        (-)
[anywhere]:993        (-)
[anywhere]:995        (-)
[localhost]:10023        (-)
[localhost]:10024        (-)
[localhost]:10025        (-)
[localhost]:10026        (-)
[localhost]:10027        (-)
[anywhere]:587        (-)
[localhost]:11211        (-)
[anywhere]:110        (-)
[anywhere]:143        (-)
*:*:*:*::*:8080        (-)
*:*:*:*::*:80        (-)
*:*:*:*::*:8081        (-)
*:*:*:*::*:465        (-)
*:*:*:*::*:21        (-)
*:*:*:*::*:22        (-)
*:*:*:*::*:25        (-)
*:*:*:*::*:443        (-)
*:*:*:*::*:993        (-)
*:*:*:*::*:995        (-)
*:*:*:*::*:10024        (-)
*:*:*:*::*:10026        (-)
*:*:*:*::*:3306        (-)
*:*:*:*::*:587        (-)
[localhost]10        (-)
[localhost]43        (-)




##### IPTABLES #####




##### LET'S ENCRYPT #####
Certbot is installed in /usr/bin/letsencrypt
     

    Attached Files:

    Richard Bignell, Jan 23, 2025
    #1
  2. pyte

    pyte Well-Known Member HowtoForge Supporter

    This seems like what you are trying to achieve. I did not test this and i'm not sure how much extra stuff you might need to do to make this work with ISPConfig or if it breaks any other function.
     
    pyte, Jan 24, 2025
    #2
  3. Richard Bignell

    Richard Bignell New Member

    Thank you. I’ll give it a try.

    I think ultimately I need to remove any custom config from postfix and do this in ispconfig but would need to know if it would support forwarding in this way with sendgrid?
     
    Richard Bignell, Jan 24, 2025
    #3
  4. pyte

    pyte Well-Known Member HowtoForge Supporter

    I recommend testing this on test VM first and tweak the config until it does exactly what you want, instead of might breaking a production system.

    If you got the config to the point where everything is working as expected for you, you can use ISPConfigs built-in template function to add your custom changes to the postfix main.cf
     
    pyte, Jan 24, 2025
    #4

Share This Page