Hi
I set up Mailcow today, but I have a quite unusual setup. Our primary mail service is Google Workspace Gmail. We use it for one mail address, but we needed some more mailboxes and mail addresses/aliases. For those additional addresses we don’t need all the Workspace features, and the mailboxes can be rather small (500 MB-1 GB).
I got Gmail to route the mails, except for one, to the IP of our Mailcow server. I got the mailboxes open, Gmail is forwarding to Mailcow as expected, and they get allocated to the right mailboxes. I set up DKIM, SPF, etc. as needed, and TLS cert tests are working, but I can’t send mails through Google’s SMTP relay.
One thing that is not like a regular Mailcow setup is that I don’t use Unbound as DNS but rely on my domain host’s DNS.
Here is the result of the Transport Test:
No MX records for smtp-relay.gmail.com:25 were found in DNS, skipping and using hostname as next-hop.
Connection: opening to smtp-relay.gmail.com:25, timeout=15, options=array (
↪ ‘ssl’ =>
↪ array (
↪ ‘verify_peer’ => false,
↪ ‘verify_peer_name’ => false,
↪ ‘allow_self_signed’ => true,
↪ ),
)
Connection: opened
SERVER -> CLIENT: 220 smtp-relay.gmail.com ESMTP du10-idxxx.45 - gsmtp
CLIENT -> SERVER: EHLO mail.domain.tld
SERVER -> CLIENT: 250-smtp-relay.gmail.com at your service, [SERVER-IP]
↪ 250-SIZE 157286400
↪ 250-8BITMIME
↪ 250-STARTTLS
↪ 250-ENHANCEDSTATUSCODES
↪ 250-PIPELINING
↪ 250-CHUNKING
↪ 250 SMTPUTF8
CLIENT -> SERVER: STARTTLS
SERVER -> CLIENT: 220 2.0.0 Ready to start TLS
CLIENT -> SERVER: EHLO mail.domain.tld
SERVER -> CLIENT: 250-smtp-relay.gmail.com at your service, [SERVER-IP]
↪ 250-SIZE 157286400
↪ 250-8BITMIME
↪ 250-AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH
↪ 250-ENHANCEDSTATUSCODES
↪ 250-PIPELINING
↪ 250-CHUNKING
↪ 250 SMTPUTF8
CLIENT -> SERVER: MAIL FROM:sender@domain.tld
SERVER -> CLIENT: 250 2.1.0 OK du10-idxxx.45 - gsmtp
CLIENT -> SERVER: RCPT TO:target@gmail.com
SERVER -> CLIENT: 250 2.1.5 OK du10-idxxx.45 - gsmtp
CLIENT -> SERVER: DATA
SERVER -> CLIENT: 354 Go ahead du10-idxxx.45 - gsmtp
CLIENT -> SERVER: Date: Mon, 5 Feb 2024 16:34:17 +0100
CLIENT -> SERVER: To: Joe Null target@gmail.com
CLIENT -> SERVER: From: Mailer sender@domain.tld
CLIENT -> SERVER: Subject: A subject for a SMTP test
CLIENT -> SERVER: Message-ID: MASSAGEID@mail.domain.tld
CLIENT -> SERVER: X-Mailer: PHPMailer 6.6.0 (PHPMailer/PHPMailer)
CLIENT -> SERVER: MIME-Version: 1.0
CLIENT -> SERVER: Content-Type: text/plain; charset=iso-8859-1
CLIENT -> SERVER:
CLIENT -> SERVER: This is our test body
CLIENT -> SERVER:
CLIENT -> SERVER: .
SERVER -> CLIENT: 250 2.0.0 OK xxx.45 - gsmtp
CLIENT -> SERVER: QUIT
SERVER -> CLIENT: 221 2.0.0 xxx.45 - gsmtp
Connection: closed
Mail gets delivered as it should. I can use any mail address in combination with my domain.tld as sender.
I saw that the EHLO is mail.domain.tld. Google states that this should be domain.tld. Is there a way I can change that?
SMTP Reject:
Reporting-MTA: dns; mail.domain.tld
X-Postcow-Queue-ID: ID
X-Postcow-Sender: rfc822; sender@domain.tld
Arrival-Date: Mon, 5 Feb 2024 16:29:34 +0100 (CET)
Final-Recipient: rfc822; target@gmail.com
Original-Recipient: rfc822;target@gmail.com
Action: failed
Status: 5.7.1
Remote-MTA: dns; smtp-relay.gmail.com
Diagnostic-Code: smtp; 550-5.7.1 Invalid credentials for relay
[IPv6]. The IP address 550-5.7.1 you’ve registered in your
Workspace SMTP Relay service doesn’t match 550-5.7.1 the domain of the
account this email is being sent from. If you are 550-5.7.1 trying to relay
mail from a domain that isn’t registered under your 550-5.7.1 Workspace
account or has empty envelope-from, you must configure your 550-5.7.1 mail
server either to use SMTP AUTH to identify the sending domain or 550-5.7.1
to present one of your domain names in the HELO or EHLO command. For
550-5.7.1 more information, go to 550 5.7.1
https://support.google.com/a/answer/6140680#invalidcred
id.272 - gsmtp
I decided that I don’t want to store my SMTP AUTH credentials in plain text in my Mailcow config but to specify the IP the relay should trust to send mails for our domain. I used the IPv4 of my server. In the reject reply the IPv6 is listed; could that be the issue?
Any input to solve the issue would be highly appreciated!
Added IPv6 to the route and now I can send mails. Nice.
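The mismatch resolved above (only the server's IPv4 was registered with the relay while the rejected connection came from its IPv6 address) can be checked before sending. The following is an added example, not part of the original posts: the function names are hypothetical and the addresses are constructed documentation-range values. `egress_addresses` asks the OS which source address it would use per address family toward the relay, and `unlisted_sources` reports any that the relay's IP allowlist does not cover.

```python
import ipaddress
import socket


def egress_addresses(host, port=25):
    """Local source address the OS would pick, per address family, to reach host."""
    found = {}
    for family, _, _, _, sockaddr in socket.getaddrinfo(host, port, type=socket.SOCK_DGRAM):
        if family in found or family not in (socket.AF_INET, socket.AF_INET6):
            continue
        try:
            with socket.socket(family, socket.SOCK_DGRAM) as s:
                s.connect(sockaddr)  # UDP connect sends nothing; it only selects a route
                found[family] = s.getsockname()[0]
        except OSError:
            pass  # no route for this family, so the MTA cannot use it either
    return list(found.values())


def unlisted_sources(sources, allowlist):
    """Return the source addresses not covered by any allowlisted IP or CIDR range."""
    nets = [ipaddress.ip_network(entry, strict=False) for entry in allowlist]
    missing = []
    for src in sources:
        addr = ipaddress.ip_address(src.split("%")[0])  # drop an IPv6 zone id if present
        if not any(addr.version == n.version and addr in n for n in nets):
            missing.append(str(addr))
    return missing


if __name__ == "__main__":
    # Constructed sample: a dual-stack mail host whose relay allowlist has IPv4 only.
    # On the real host, use egress_addresses("smtp-relay.gmail.com") for the sources.
    sources = ["192.0.2.10", "2001:db8::10"]
    allowlist = ["192.0.2.10"]
    for addr in unlisted_sources(sources, allowlist):
        print(f"{addr} can be used as a source address but is not in the relay allowlist")
```

Run it on the mail host itself (for a containerised MTA, inside the same network namespace), since the source address depends on that host's routing.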