Simple mailing list: Possible for multiple domains?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
18 messages Options
Reply | Threaded
Open this post in threaded view
|

Simple mailing list: Possible for multiple domains?

Tom Browder
My postfix will accept mail for multiple domains. Is it possible to have one or more "simple mailing list"s for each domain?

For example:  Incoming mail for for "[hidden email]" and "[hidden email]" are sent to separate subscriber lists.

Thanks.

Best regards,

-Tom

Reply | Threaded
Open this post in threaded view
|

Re: Simple mailing list: Possible for multiple domains?

Rick van Rein
Hi Tom,

> For example:  Incoming mail for for "[hidden email]
> " and "[hidden email]
> " are sent to separate subscriber lists.

That will work if you create the lists in the virtual map.

You probably should have an SRS setup to get through properly.

-Rick

Reply | Threaded
Open this post in threaded view
|

Re: Simple mailing list: Possible for multiple domains?

Tom Browder
On Mon, Aug 21, 2017 at 05:22 Rick van Rein <[hidden email]> wrote:
Hi Tom,

> For example:  Incoming mail for for "[hidden email]
> " and "[hidden email]
> " are sent to separate subscriber lists.

That will work if you create the lists in the virtual map.

You probably should have an SRS setup to get through properly.

Rick, I should prefaced my question with the fact that I am trying to configure a new installation planned to serve multiple domains. I also plan to use Mailman 3 but I need to get several mailing lists working ASAP so I, as an inexperienced postfix user, feel like the simple mailing lists are the way to go for now if it will work as I asked.

So please excuse my ignorance, but what is "SRS?"

Thanks for your reply!

Regards,

-Tom
Reply | Threaded
Open this post in threaded view
|

Re: Simple mailing list: Possible for multiple domains?

Rick van Rein
Hi Tom,

> So please excuse my ignorance, but what is "SRS?"

What you are doing constitutes as forwarding, and that means that SPF
validation results are invalidated.  To your rescue, you won't be
changing any of the headers customarily signed with DKIM, so you'll
probably get through DMARC validators.

SRS is a technique to "fix" SPF failures due to forwarding, by replacing
the envelope sender with one on your own mail server.  It will however
not be taken into account during DMARC validation, which not only wants
SPF to pass, but also have a match between envelope and header from
addresses.

https://www.libsrs2.org

-Rick
Reply | Threaded
Open this post in threaded view
|

Re: Simple mailing list: Possible for multiple domains?

Wietse Venema
In reply to this post by Tom Browder
Tom Browder:
> My postfix will accept mail for multiple domains. Is it possible to have
> one or more "simple mailing list"s for each domain?
>
> For example:  Incoming mail for for "[hidden email]" and "[hidden email]"
> are sent to separate subscriber lists.

Use mailman. It sets the envelope sender, meaning that there is no
need for SRS, and presumably supports From: header munging, to work
around DMARC damage.

        Wietse
Reply | Threaded
Open this post in threaded view
|

Re: Simple mailing list: Possible for multiple domains?

Benny Pedersen-2
In reply to this post by Rick van Rein
Rick van Rein skrev den 2017-08-21 13:53:

>> So please excuse my ignorance, but what is "SRS?"
> What you are doing constitutes as forwarding, and that means that SPF
> validation results are invalidated.

srs is not needed with postfix, if it was check postfix headers on
maillists posts, if srs is really needed somewhere, its time to upgrade
to postfix ?

to the OP, google mlmmj
Reply | Threaded
Open this post in threaded view
|

Re: Simple mailing list: Possible for multiple domains?

Benny Pedersen-2
In reply to this post by Wietse Venema
[hidden email] skrev den 2017-08-21 14:05:

> Use mailman. It sets the envelope sender, meaning that there is no
> need for SRS, and presumably supports From: header munging, to work
> around DMARC damage.

what damage ?, atleast its not needed on postfix maillist
Reply | Threaded
Open this post in threaded view
|

Re: Simple mailing list: Possible for multiple domains?

Kevin A. McGrail
On 8/21/2017 8:30 AM, Benny Pedersen wrote:
> [hidden email] skrev den 2017-08-21 14:05:
>
>> Use mailman. It sets the envelope sender, meaning that there is no
>> need for SRS, and presumably supports From: header munging, to work
>> around DMARC damage.
>
> what damage ?, atleast its not needed on postfix maillist

Hi Benny,

These notes from when we used MD to make a workaround for this issue
before Mailman also implemented workarounds might help:

# BLOCK IF FROM YAHOO (AND OTHERS) BECAUSE THEY SET DMARC TOO STRICTLY
       #
http://www.pcworld.com/article/2141120/yahoo-email-antispoofing-policy-breaks-mailing-lists.html
       # REWRITE THE FROM HEADER AND OTHER FIELDS PER RECOMMENDATION
HERE: http://dmarc.org/faq.html#s_3

Regards,
KAM
Reply | Threaded
Open this post in threaded view
|

Re: Simple mailing list: Possible for multiple domains?

Rick van Rein
In reply to this post by Benny Pedersen-2
Oh,

> srs is not needed with postfix,

They are unrelated.  However: my remark of needing SRS does assume that
he's forwarding for others than his own domains.

I agree with Wietse that MailMan solves the same poblem (VERP is similar
to SRS, it uses a MAIL FROM: with the local domain) but Tom indicated to
need something really-really-quickly.

-Rick
Reply | Threaded
Open this post in threaded view
|

Re: Simple mailing list: Possible for multiple domains?

Viktor Dukhovni
In reply to this post by Tom Browder

> On Aug 21, 2017, at 6:06 AM, Tom Browder <[hidden email]> wrote:
>
> My postfix will accept mail for multiple domains. Is it possible to have one or more "simple mailing list"s for each domain?
>
> For example:  Incoming mail for for "[hidden email]" and "[hidden email]" are sent to separate subscriber lists.

Use virtual aliases to map each input address to a distinct localpart:

        [hidden email]   [hidden email]
        [hidden email]    [hidden email]

then include "lists.example.com" in "mydestination", and arrange for
suitable handling in the relevant aliases file.

--
        Viktor.

Reply | Threaded
Open this post in threaded view
|

Re: Simple mailing list: Possible for multiple domains?

Benny Pedersen-2
In reply to this post by Kevin A. McGrail
Kevin A. McGrail skrev den 2017-08-21 14:36:

> These notes from when we used MD to make a workaround for this issue
> before Mailman also implemented workarounds might help:

mailman breaks dkim, its not yahoo's fault

> # BLOCK IF FROM YAHOO (AND OTHERS) BECAUSE THEY SET DMARC TOO STRICTLY

thats not the problem

> http://www.pcworld.com/article/2141120/yahoo-email-antispoofing-policy-breaks-mailing-lists.html
>       # REWRITE THE FROM HEADER AND OTHER FIELDS PER RECOMMENDATION
> HERE: http://dmarc.org/faq.html#s_3

do i need to read it ?, if dkim was never breaked by silly maillists
software the problem with dmarc reject policy is gone

possible i am unfair now ? :=)
Reply | Threaded
Open this post in threaded view
|

Re: Simple mailing list: Possible for multiple domains?

Tom Browder
In reply to this post by Rick van Rein

On Mon, Aug 21, 2017 at 07:50 Rick van Rein <[hidden email]> wrote:
> srs is not needed with postfix,

They are unrelated.  However: my remark of needing SRS does assume that
he's forwarding for others than his own domains.

I agree with Wietse that MailMan solves the same poblem (VERP is similar
to SRS, it uses a MAIL FROM: with the local domain) but Tom indicated to
need something really-really-quickly.

Thanks for all the suggestions--perhaps I should just bite the bullet and try MM3 now.

But, to be clear about my desired email flow:

+ I own multiple, independent domains living at one host with five IPv4s (with one physical interface plus four virtual interfaces)
+ Subscribers will be emailing to lists at one or more of the domains and receiving mail from the same lists
+ One domain has the mail server and all domains have that server in their MX record

Do any suggestions change based on those settings?

I am willing to dive into MM3 if necessary, but would like to postpone that for a while if I can achieve the email flow I need. I have dedicated and cooperative subscribers who will be easy to manage for some time while I move on to MM3.

-Tom
Reply | Threaded
Open this post in threaded view
|

Re: Simple mailing list: Possible for multiple domains?

Rick van Rein
In reply to this post by Benny Pedersen-2
Hi,

> mailman breaks dkim, its not yahoo's fault

I've been arms-wrestling a group mail service with just that type of
problem today! and found an easy way out:

I found that DKIM signature correctness was retained when the sender
included [listname] in the Subject: on their initial message, to avoid
modification of the (signed) Subject: header by the groupware.  I
suspect the same would work with MailMan.

> if dkim was never breaked by silly maillists software the problem with
> dmarc reject policy is gone
>
> possible i am unfair now ? :=)

You have the DMARC WG on your side... they are drafting ARC to re-sign
emails.  MailMan could also re-sign, of course.  In fact, I read that
MailMan already does ARC.  [Meanwhile I cannot see all those simplistic
mail forwarders adopt this solution.]


@Tom, to get back to your original question, a plain & simple mailing
list is a bed of nails... even when you do it really nicely, perhaps
even still when you canonicalise remote users to local addresses as in

http://internetwide.org/blog/2017/08/16/mail-route-filtering.html


Cheers,
 -Rick
Reply | Threaded
Open this post in threaded view
|

Re: Simple mailing list: Possible for multiple domains?

Kevin A. McGrail
In reply to this post by Benny Pedersen-2
Benny,

I wrote those notes years ago when Yahoo! surprise a lot of people with
the enforcement of DMARC with little consideration for mailing lists.

http://dmarc.org/faq.html#s_3 is the key point.

IMO, some providers acted rashly and broke a lot of things but the end
it likely is better for the security of the internet and email.

Regards,
KAM
Reply | Threaded
Open this post in threaded view
|

Re: Simple mailing list: Possible for multiple domains?

Tom Browder
In reply to this post by Rick van Rein

On Mon, Aug 21, 2017 at 09:13 Rick van Rein <[hidden email]> wrote:
Hi
...
@Tom, to get back to your original question, a plain & simple mailing
list is a bed of nails... even when you do it really nicely, perhaps
even still when you canonicalise remote users to local addresses as in

Okay, Rick, I think I'll just do one simple list (for the group most eager for a list) and, after that is working okay, take on MM3.

Thanks again for everyone's help and advice!

-Tom
Reply | Threaded
Open this post in threaded view
|

Re: Simple mailing list: Possible for multiple domains?

Tom Browder

On Mon, Aug 21, 2017 at 10:21 Tom Browder <[hidden email]> wrote:

On Mon, Aug 21, 2017 at 09:13 Rick van Rein <[hidden email]> wrote:
Hi
...
@Tom, to get back to your original question, a plain & simple mailing
list is a bed of nails... even when you do it really nicely, perhaps
even still when you canonicalise remote users to local addresses as in

Okay, Rick, I think I'll just do one simple list (for the group most eager for a list) and, after that is working okay, take on MM3.

For the first time I can remember, I just glanced through the postfix multi info and it looks like it might be the way to go for my use: managing a remote, internet-connected, multi-domain mail server via my local laptop connected with a dynamic IP.

The doumentation looks very detailed and cookbook-ish and, at first glance, it seems to be very easy to translate into an auto-generated solution.

I would appreciate any thoughts about using postmulti.

Best regards,

-Tom
Reply | Threaded
Open this post in threaded view
|

Re: Simple mailing list: Possible for multiple domains?

Viktor Dukhovni

> On Aug 23, 2017, at 9:25 AM, Tom Browder <[hidden email]> wrote:
>
> or the first time I can remember, I just glanced through the postfix multi info and it looks like it might be the way to go for my use: managing a remote, internet-connected, multi-domain mail server via my local laptop connected with a dynamic IP.
>
> The doumentation looks very detailed and cookbook-ish and, at first glance, it seems to be very easy to translate into an auto-generated solution.
>
> I would appreciate any thoughts about using postmulti.

Use multiple instances when your Postfix system is tasked with
multiple requirements that are tricky to implement in a single
monolithic configuration.  Thus, for example, it is not uncommon
to use multiple instances to separate local submission, inbound and
outbound mail on an edge (DMZ) Postfix server.  This scales the
number of instances with the number of problems you're trying
to solve.

Multiple instances are less compelling to separate additional
copies of the same problem.  Thus, it generally makes less
sense to spin up an instance per domain, unless the separate
domains have vastly different mail handling requirements.
More typically it is not too cumbersome to handle minor
variations between domains with suitable address rewriting
tables.

--
        Viktor.

Reply | Threaded
Open this post in threaded view
|

Re: Simple mailing list: Possible for multiple domains?

Tom Browder

On Wed, Aug 23, 2017 at 15:19 <[hidden email]> wrote:
Tom, have you considered looking at iRedMail?  That is what I use here
and it uses Postfix as the MTP of choice along with other open source
components for IMAP, spam filtering, etc.

http://www.iredmail.org

Robert, I have looked at it but I don't think it can handle my multi-domain server that I want.  For the immediate future I am not going to provide mail boxes, just mailing lists for multiple domains.

Thanks,

-Tom