Update: There is some progress: I am now looking at the following status - but it seems to be temporary - mail will be delivered (it's only deferred): Dec 28 23:08:27 s3 postfix/cleanup[845639]: EC91E60878: milter-reject: END-OF-MESSAGE from unknown[185.nnn.nnn.127]: 4.7.1 Try again later; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<office.xxxxx.com> Dec 28 23:08:27 s3 postfix/smtpd[845635]: disconnect from unknown[185.xxx.xxx.127] ehlo=2 starttls=1 mail=1 rcpt=1 data=0/1 quit=1 commands=6/7 Hello, I have a client who wants to back-up his e-mail which is hosted elsewhere. I did setup Synology MailPlus Server and do sync mail from the mailserver (elsewhere) to MailPlus. This is a one way sync. MailPlus Server is being backed up to another NAS and to USB disks. The client has a nice backup now and can also easily switch over to MailPlus when there is a problem with the hosting/mail server (which is hosted elsewhere). Unfortunately the ISP seems to discontinue to set PTR records :-( I am looking for a workaround. I came up with the idea to use my VPS as a relay. The idea is that mail from Synology MailPlus Server are send by my VPS to the recipient. I like this idea, because I can quickly create a solution when there's a problem with the mailserver (which is hosted elsewhere). I did look into ISPconfig and I did find: 'E-mail > Email Accounts > Email Routing'. I did enter the domain, type smtp, no MX lookup, and the public FQDN of the Synology 'E-mail > Global Filters > Relay Recipients' I did set the @realdomain.com as the recpient address When I use my VPS with ISPconfig as a mail relay in MailPlus Server, I will receive the following error when i send an e-mail via MailPlus (web client on the Synology NAS): <[email protected]>: host s3.gigabitjes.nl[93.nnn.nn.43] said: 554 5.7.1 <[email protected]>: Relay access denied (in reply to RCPT TO command) Which might make sense as I can't find any option to allow this or to set this up through ISPconfig. Any ideas how I can resolve this?
Update: I did notice I can add the IP address of the sender to mynetworks in /etc/postfix/main.cf. This will result in a soft fail. I added the hostname of the sender (Synology) to /var/lib/rspamd/spf_whitelist.inc.local in rspamd and that seems to do the trick. I did also add the domain to Spamfilter Whitelist (but i don't think this helps).
Sounds like you need https://git.ispconfig.org/ispconfig/ispconfig3/-/merge_requests/1511 The spam filter whitelist should work once !1437 is completed.
Am I understanding correctly that it's just work in progress? I did look into !1437 and it looks like the soft rejects I see are related. I expect this will be resolved in the next (or one of the next) release(s) of ISPconfig. I'll just wait. The solution I have works and will work without soft rejects once completed? Thanks
It's been complete for a while, just not merged into the develop branch yet. No, the "try again later" soft rejects sound like greylisting (postgrey or rspamd, I don't know which uses that exact message). The fix in !1437 avoids an open relay problem that I think you will have in your configuration (set a transport for the domain, and allow all recipients in relay recipient maps - you are now an open relay for anyone sending to that domain).
Oh dear. I just did revert the configuration to the original. I did speak with the ISP again and they have decided to add the PTR after all. I did notice they did apply it wrong and asked them gently to add a dot at the end of the FQDN.