Hallo,
ich habe eine Mailbox user1@example.net. Für die gibt es einen Alias user2@example.org (unterschiedliche Domains!). Die Mailcow ist so eingerichtet, dass die Mailbox für den Alias versenden darf. D.h. ich logge mich als user1@example.net ein und versende mit Absender user2@example.org.
Das funktioniert mit manchen Clients, mit anderen nicht. Thunderbird funktioniert einwandfrei, bei Mails über Spark schlägt die DMARC-Prüfung fehl. Hier zwei Auszüge aus den Logs.
Kann mir jemand sagen, was das Problem ist? Ist es ein Konfigurationsfehler in der Mailcow oder liegt es am Client?
Hier ein Log mit Spark als Client (DMARC-Prüfung schlägt fehlt)
Dec 16 07:24:51 b2d131433e05 postfix/smtps/smtpd[59116]: connect from unknown[2001:xyz:6e39]
Dec 16 07:24:51 b2d131433e05 postfix/smtps/smtpd[59116]: Anonymous TLS connection established from unknown[2001:xyz:6e39] to mail.example.com: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)
Dec 16 07:24:52 b2d131433e05 postfix/smtps/smtpd[59116]: 5BFA01407F1: client=unknown[2001:xyz:6e39], sasl_method=PLAIN, sasl_username=user1@example.net
Dec 16 07:24:52 b2d131433e05 postfix/cleanup[59118]: 5BFA01407F1: replace: header Received: from [2001:9e8:2372:fd00::ffff:ffff] (unknown [IPv6:2001:xyz:6e39])??(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))??(No client certificate r from unknown[2001:xyz:6e39]; from=<user1@example.net> to=<example@gmail.com> proto=ESMTP helo=<[2001:9e8:2372:fd00::ffff:ffff]>: Received: from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon) with ESMTPSA id 5BFA01407F1??for <example@gmail.com>; Fri, 16 Dec 2022 07:24:52 +0100 (CET)
Dec 16 07:24:52 b2d131433e05 postfix/cleanup[59118]: 5BFA01407F1: message-id=<13e3fc05-bf24-47af-b7fa-12500d3b54ca@Spark>
Dec 16 07:24:53 b2d131433e05 postfix/qmgr[377]: 5BFA01407F1: from=<user1@example.net>, size=27339, nrcpt=1 (queue active)
Dec 16 07:24:53 b2d131433e05 postfix/smtps/smtpd[59116]: disconnect from unknown[2001:xyz:6e39] ehlo=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=6
Dec 16 07:24:53 b2d131433e05 postfix/smtp[59119]: Trusted TLS connection established to gmail-smtp-in.l.google.com[2a00:1450:4010:c0a::1a]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256)
Dec 16 07:24:53 b2d131433e05 postfix/smtp[59119]: 5BFA01407F1: to=<example@gmail.com>, relay=gmail-smtp-in.l.google.com[2a00:1450:4010:c0a::1a]:25, delay=1.6, delays=1/0.02/0.21/0.38, dsn=5.7.26, status=bounced (host gmail-smtp-in.l.google.com[2a00:1450:4010:c0a::1a] said: 550-5.7.26 Unauthenticated email from example.org is not accepted due to domain's 550-5.7.26 DMARC policy. Please contact the administrator of example.org domain 550-5.7.26 if this was a legitimate mail. Please visit 550-5.7.26 https://support.google.com/mail/answer/2451690 to learn about the 550 5.7.26 DMARC initiative. g16-20020a05651222d000b004b53ff6515csi800128lfu.607 - gsmtp (in reply to end of DATA command))
Dec 16 07:24:53 b2d131433e05 postfix/cleanup[59121]: A4AB8140BDF: message-id=<20221216062453.A4AB8140BDF@mail.example.com>
Dec 16 07:24:53 b2d131433e05 postfix/bounce[59120]: 5BFA01407F1: sender non-delivery notification: A4AB8140BDF
Dec 16 07:24:53 b2d131433e05 postfix/qmgr[377]: A4AB8140BDF: from=<>, size=30601, nrcpt=1 (queue active)
Dec 16 07:24:53 b2d131433e05 postfix/qmgr[377]: 5BFA01407F1: removed
Dec 16 07:24:53 b2d131433e05 postfix/lmtp[59123]: A4AB8140BDF: to=<user1@example.net>, relay=dovecot[fd4d:6169:6c63:6f77::d]:24, delay=0.2, delays=0.05/0.01/0/0.13, dsn=2.0.0, status=sent (250 2.0.0 <user1@example.net> IMOgKzUPnGMUswMAaSo1sQ Saved)
Dec 16 07:24:53 b2d131433e05 postfix/qmgr[377]: A4AB8140BDF: removed
Und hier nochmal mit Thunderbird (funktioniert)
Dec 16 07:15:37 b2d131433e05 postfix/smtps/smtpd[59005]: connect from unknown[2001:xyz:6e39]
Dec 16 07:15:37 b2d131433e05 postfix/smtps/smtpd[59005]: Anonymous TLS connection established from unknown[2001:xyz:6e39] to mail.example.com: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature RSA-PSS (4096 bits) server-digest SHA256
Dec 16 07:15:38 b2d131433e05 postfix/smtps/smtpd[59005]: 2EC701407F1: client=unknown[2001:xyz:6e39], sasl_method=PLAIN, sasl_username=user1@example.net
Dec 16 07:15:38 b2d131433e05 postfix/cleanup[59006]: 2EC701407F1: replace: header Received: from [IPV6:2001:xyz:6e39] (unknown [IPv6:2001:xyz:6e39])??(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)?? key-exchange EC from unknown[2001:xyz:6e39]; from=<user2@example.org> to=<example@gmail.com> proto=ESMTP helo=<[IPV6:2001:xyz:6e39]>: Received: from [127.0.0.1] (localhost [127.0.0.1]) by localhost (Mailerdaemon) with ESMTPSA id 2EC701407F1??for <example@gmail.com>; Fri, 16 Dec 2022 07:15:38 +0100 (CET)
Dec 16 07:15:38 b2d131433e05 postfix/cleanup[59006]: 2EC701407F1: message-id=<5264a8a6-6c32-b545-b756-2218c539726b@example.org>
Dec 16 07:15:38 b2d131433e05 postfix/qmgr[377]: 2EC701407F1: from=<user2@example.org>, size=27241, nrcpt=1 (queue active)
Dec 16 07:15:38 b2d131433e05 postfix/smtps/smtpd[59005]: disconnect from unknown[2001:xyz:6e39] ehlo=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=6
Dec 16 07:15:39 b2d131433e05 postfix/smtp[59007]: Trusted TLS connection established to gmail-smtp-in.l.google.com[2a00:1450:4010:c08::1b]:25: TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256
Dec 16 07:15:39 b2d131433e05 postfix/smtp[59007]: 2EC701407F1: to=<example@gmail.com>, relay=gmail-smtp-in.l.google.com[2a00:1450:4010:c08::1b]:25, delay=1.4, delays=0.74/0.02/0.28/0.4, dsn=2.0.0, status=sent (250 2.0.0 OK 1671171339 c4-20020ac25f64000000b004b50fbefe12si597881lfc.341 - gsmtp)
Dec 16 07:15:39 b2d131433e05 postfix/qmgr[377]: 2EC701407F1: removed