Sender address rejected: not logged in

[chaosbunker]

I am trying @Braintelligence' suggestion from #220 to forward emails to get them though mailcow's spam filter (which i think will work) but i am having issues if I am sending test emails from the server running mailcow-dockerized as well as the old server running mailcow-0.14 .. i always get 553 Sender address rejected: not logged in

It works just fine from gmail or any other non-mailcow server.. Anyone know why this happens? in the example below i sent an email from my old mailcow server but the same happens with mailcow-dockerized except that in that case I don't get a "Mail Delivery System" email notification in my inbox, i just see it if i check the postfix logs with docker-compose logs -f postfix-mailcow

forwardToThisAddress@mailcowDockerizedServer.org
    (ultimately generated from forwardFromThisAddress@example.org)
    host mx.mailcowDockerizedServer.org [5.x.x.x]
    SMTP error from remote mail server after RCPT TO:<forwardToThisAddress@mailcowDockerizedServer.org>:
    553 5.7.1 <senderAddress@mailcow-0.14-Server.org>: Sender address rejected:
    not logged in

[chriscroome]

I came across this issue the other day as well, I think it happens when, for example, you have a Mailcow server at mail.example.org and it is set up with example.com as a domain and then a email is sent from somewhere else, say example.co.uk which has a From: example@example.com header and then Postfix rejects the email as authentication wasn't used -- I can see this causing problems with Mailman lists and webforms that send email using the a user supplied From address and CC or BCC it to the user.

I suspect there is a line of Postfix config that needs changing to prevent this happening (but some people might not want to change this as it will help prevent spam and spoofing).

[andryyy]

You can, for example - there are several solutions, add the remote instance to mynetworks. Or just use authentication.

If you send mail from a remote server with a domain your mailcow server hosts, mailcow will always reject it unless you log in.

The Postfix option to handle this: reject_sender_login_mismatch
File, line: https://github.com/mailcow/mailcow-dockerized/blob/master/data/conf/postfix/main.cf#L65

Another option is to remove reject_sender_login_mismatch.

[chaosbunker]

Ahh thanks! Is there any downside of doing this?

edit: i am tempted to just leave everything as is, it is not really an issue as soon as I moved everything to mailcow-dockerized

[andryyy]

Hm, well, other users (from outside, not authenticated) can send you mail in your name. :)

[chaosbunker]

Booo! Me no likey 😄

…

Sent from my iPhone

On 8. Jun 2017, at 17:07, André Peters ***@***.***> wrote: Hm, well, other users (from outside, not authenticated) can send you mail in your name. :) — You are receiving this because you modified the open/close state. Reply to this email directly, view it on GitHub, or mute the thread.

[catcun]

I know this issue is closed but this may help:
I used transport_maps to solve a similar situation, in my case with split domain routing. It works very well but I had to list all email addresses not handled by mailcow in the transport file.

[hamedty]

@andryyy Is there any reason you removed reject_sender_login_mismatch (commit 073c6c6)?

The issue I am seeing now, is that I receive emails from non-existing-user@domain.com to non-existing-user@domain.com at my catch-all inbox. The message is sent from a remote IP and an unauthenticated user. rspamd also doesn't flag these emails! Any idea? If non, I can dig deeper and post it here.

Thank You!

[andryyy]

It would flag it, if you set an SPF with -all. :)