1

We send e-mail on behalf of our customers, via our own SMTP services. It's always been a problem for us because usually our "spoofing" of their source address results in the mails being caught in spam traps. This hasn't been a problem in the past due to the small volume and low importance of these mails that we sent. However this requirement has recently changed and we need to fix this issue.

We realise that fundamentally our application is sending e-mail incorrectly, as per this post: Send email on behalf of clients

However, we would like to resolve the problem at the SMTP server level. We have deployed a server running Postfix.

Is it possible to have Postfix automatically adjust the mail headers so that we get this "Sent on behalf of" behaviour? I figure it should just be a case of Postfix noticing that the FROM address is the spoofed (i.e. a domain that is not mentioned in its config anywhere) and therefore inject/replace the appropriate headers to get the desired effect.

Thanks.

Community
  • 1
nbevans
  • 752

1 Answers1

3

You wont be spoofing anything if you setup that postfix instance properly.

Since you are sending mails with approval of customer and both you and they want it done properly I see no reason why you couldn't set it up to be as valid and legit as it could be.

  • Ensure your mail servers IP is same to reverse DNS.
  • Publish SPF record for your domains, and for customer domains that will state your mail server is legit source of mails.
  • Disable relaying, and for parties connecting from internet require authentication for sending mail
  • Consider using DKIM to sign mails, as many large mail operators like yahoo and gmail check if mails are signed.

Once it's all configured properly mails will be as legit as they can be and there wont be any spoofing involved.

Hrvoje Špoljar
  • 5,405
  • 28
  • 42