I recently set up the Docker-Mailserver for our company (v. 12.1.0). It's working well so far, except for one thing: We receive automated emails from a customer's Redmine system. These emails are not sent via the customer's official mail server, so the Spf check for incoming mails fails. Also Outlook appointments from the same customer are rejected. I need a way to set up a whitelist for these emails. But it is currently not clear to me whether the Spf check is performed by Postfix or by Rspamd. Can anyone tell me how to set up such a whitelist?
In main.cf I can find the following setting:
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated
I setup a postfix-policyd-spf.conf which contains the following (anonymized domains and IPs):
debugLevel = 1
defaultSeedOnly = 1
skip_addresses = 127.0.0.0/8,::ffff:127.0.0.0/104,::1
Whitelist = 172.28.0.0/16,x.y.187.36/32
Domain_Whitelist = mailxxxxxxx.com,xx.yyyyyyyy.outlook.com,some.others.com
The domain Whitelist contains the domains of the mail servers which send these mail to our receipients. I have the answer of one of these mails:
550 5.7.23 The message was rejected because of Sender Policy Framework violation -> 550 5.7.1 rejected by DMARC policy for mycustomer.de
Rejected from: ourdomain.de
Sent from: xxxxxx.erprdyy.prod.outlook.com
What can I do to receive those mails? Thanks in advance for any insights.
MM
v=DMARC1; p=reject; pct=100; fo=1; ri=3600; rua=mailto:[email protected]; ruf=mailto:[email protected];
There is not much they can alter. They follow a company-wide rule. The company IT think, that they get more mail security for incoming mails with their rules and don't understand, that their rules affect outgoing mail also, since our mail server is checking the rules also. Their spf isv=spf1 ip4:x.y.187.36/32 include:mail*******.com include:***somemoreincludes -all
include:spf.protection.outlook.com
into their SPF. That's what they did, but it doesn't work anyway.