Validate X-HEADER in GMAIL / GSUITE routing rule - email

We are integrating GMAIL / GSUITE with a DLP system for a client. The E-Mail DLP module is postfix based. In the E-Mail DLP module I will add an X-HEADER, which I intend to read in the GMAIL forwarding rule to DLP to avoid an infinite loop. So the GMAIL forwarding rule to the DLP system should allow me something like this:
If X-HEADER-DLP is not present, THEN forward message to DLP E-Mail Gateway
Otherwise (if X-HEADER-DLP is present) forward E-Mail to recipient(s)
In MS Exchange I have the possibility to check for the incoming IP Address to avoid such next-hop loops, but as this feature in GMAIL is not available, I am trying to use the X-HEADER approach instead.
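A check that only tests whether X-HEADER-DLP is present treats a header supplied by the original sender the same as one added by the DLP gateway. The sketch below is an added example, not part of the original question and not Gmail's or Postfix's own rule syntax: it models the loop-avoidance decision with a shared token value, and the token, function names and sample messages are assumptions.

```python
import hmac
from email import message_from_bytes, policy

HEADER = "X-HEADER-DLP"               # header name from the question
TOKEN = "constructed-shared-secret"   # assumption: known only to DLP and the rule

def dlp_stamp(raw: bytes, token: str = TOKEN) -> bytes:
    """DLP side: drop sender-supplied copies, then add exactly one stamp."""
    msg = message_from_bytes(raw, policy=policy.SMTP)
    del msg[HEADER]                   # removes every occurrence, no error if absent
    msg[HEADER] = token
    return msg.as_bytes()

def route(raw: bytes, token: str = TOKEN):
    """Routing side: return (next_hop, message_bytes)."""
    msg = message_from_bytes(raw, policy=policy.SMTP)
    values = msg.get_all(HEADER, [])
    stamped = len(values) == 1 and hmac.compare_digest(
        str(values[0]).strip().encode(), token.encode())
    if not stamped:
        return "dlp", raw             # absent, duplicated or wrong value: inspect it
    del msg[HEADER]                   # keep the token out of the delivered copy
    return "deliver", msg.as_bytes()

# Constructed sample messages
CLEAN = (b"From: a@example.com\r\nTo: b@example.org\r\n"
         b"Subject: report\r\n\r\nbody\r\n")
FORGED = b"X-HEADER-DLP: yes\r\n" + CLEAN

if __name__ == "__main__":
    for name, m in [("clean", CLEAN), ("forged", FORGED),
                    ("stamped", dlp_stamp(CLEAN))]:
        print(name, route(m)[0])
```

Only a message carrying exactly one header with the expected value skips the DLP hop, and the header is removed before final delivery so recipients never see the token.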

Related

Why does Gmail server try to authenticate me for sending a message to a mailbox on their server?

I want to send an email to a mailbox on Gmail's servers. But I cannot understand why Google wants to authenticate me, the sender.
I want to act as the sending mail server. So using openssl, I open a TCP connection to smtp.gmail.com. Openssl takes care of the TLS handshake, and I am ready to send a message of the SMTP protocol.
openssl s_client -connect smtp.gmail.com:587 -starttls smtp
CONNECTED(00000005)
.. Lots of TLS or SSL details ...
---
250 SMTPUTF8
I send the HELO message:
HELO smtp.gmail.com
250-smtp.gmail.com at your service
And I try to send a message:
MAIL FROM: <me@nowhere.com>
530-5.7.0 Authentication Required. Learn more at ...
But Gmail's server responds that I need to be authenticated.
I would understand authenticating with the mail server if I were reading from a mailbox, but I don't get why I need to authenticate to send a message to a mailbox.
I can't find much documentation on the internet regarding this either.
Is there some kind of mechanism where every owner of a mailserver on the planet needs to create a google account just to send emails to a gmail mailbox?
How do the mail servers at Microsoft Outlook send messages to Gmail servers?
What am I missing here?
Modern SMTP splits message submission into a separate transaction, distinct from message transport. You are generally required to authenticate with your local MTA (Gmail's if you are sending from Gmail, Outlook if that's where you are sending from, etc) to submit a message, and then the transport network of SMTP proper takes it from there.
There used to be a time when you were able to submit a message to a remote MTA by something called direct injection, but spammers abused this (along with pretty much every other feature of email) to the point where this model was no longer sustainable.
The modern message submission protocol runs on port 587, and generally requires authentication, and thus can obviously only accept submissions from local users for whom the server has identity and authentication information.
The transport protocol, by contrast, runs on the original port number, 25, which is more or less universally firewalled now for residential IP addresses. (Inside an organization, you might still be able to connect to a local mail server on port 25 and perhaps even submit messages without authenticating.)
In addition, regular mail servers on the modern Internet need to maintain a positive reputation. This helps keep the bad apples somewhat isolated, but raises the bar for newcomers and minor independent operators. See e.g. SenderBase for one such reputation system, though the big operators typically have their own proprietary ones which are not available to outsiders.

Configure IMAP/SMTP on existing Server for existing Domain (Ubuntu 20.04)

I have a Server (DigitalOcean Droplet) with a domain/website hosted on it using LAMP. I want to add a webmail server, to be able to send e-mails through SMTP and receive e-mails to forward them to external IMAP clients.
I need to send e-mails for app/site notifications, I send e-mails through simple SMTP scripts. And I need to receive e-mails being sent to my email@domain.com to then forward them to external IMAP clients.
I want to configure it with the minimum requirements, cause I want to have it in the same server where I host my site and I don’t want it to consume too much memory/cpu.
Any recommendations?
I’ve seen these Postfix steps (https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-postfix-on-ubuntu-20-04) but I don’t know if it’s what I need.
I also believe that I need to configure some DNS records, such as MX, SPF, DMARC and DKIM. But these are not mentioned in the above link.
Notes:
I do not own any e-mail hosting server, my intention is to create one with this. Is Postfix what I need?
I want to create e-mail accounts such as: noreply@domain.com, help@domain.com, sales@domain.com
I don’t want to control an external e-mail account, I want to host it here in this server.
Thanks in advance.

How to route mails outside Mac Os X Server host

I have a mac osx server at my office. I have only one email address configured on it because it's an email address outside my GSuite account. That email address was created for sending mails from a php script (I don't want to pay to Google for that email address because I don't need all of the Google Services on it). I configured PHP Mailer for sending mails using that email account.
It's connecting perfectly fine, authentication is correct, etc., but there is one problem: if I send mails to @mydomain.com it says that account doesn't exist, but it does exist, only that it is hosted on GSuite. If I send mails outside mydomain, it works fine.
Question is: how do I route those mails to look up the correct MX records? I mean, how to make those @mydomain.com emails reach the GSuite host?
You can have multiple MX records per domain. It is possible. They will use priorities. You can even have multiple email servers checking emails from each other.
However, in your case with hosted emails this won't work. Google is not going to let you do this.
You will have to pay.

Email Service to send and receive email in google compute engine

I'm new to Google Compute Engine. I used a dedicated server before, where I got cPanel to configure email so I could send and receive, but in Google Cloud it's not available. So how can I use an email service in GCE? Please help.
See the docs on sending email from GCE:
Google Compute Engine does not allow outbound connections on ports 25, 465, and 587 but you can still set up your instances to send mail through ports 587 and 465 using servers provided through partner services, such as SendGrid. This document discusses how to set up your instances to send email using SendGrid.
If you wish to send mail through a corporate mail server, you can use a VPN to bypass these restrictions. This would require running a VPN client on your Compute Engine node, and a VPN server on your corporate network router. This would allow your Compute Engine node to appear "inside" your corporate firewall, and allow unrestricted access to your corporate mail server. There are security implications for this configuration, and you should ensure that your Compute Engine node only has access to the services it requires, and nothing more.
SendGrid is a partner service that provides Google Compute Engine customers with a free or paid SendGrid account that you can use to send mail from Google Compute Engine instances. SendGrid offers a number of advantages:
free tier* to Google Compute Engine customers that includes 25,000 transactional email messages per month
Ability to send emails from addresses other than @gmail.com
No daily limit on the number of transactional email messages
The footnote on free* is:
Google will be compensated for customers who sign up for a non-free account.
See the document for details on how to sign up or set this up on your account.
Use your email provider's API to send mail from Google Compute Engine. For that you need the endpoint URL and an authentication key. This is the easiest way, as ports such as 25, 465 and 587 are blocked in Google Cloud.
You may use your email provider's API to send email from GC to avoid

DotNetNuke is not sending out mails using SMTP Server

I have configured my DNN mail server to send out mail using our company's email service provider. I cannot send any emails to external email servers.
For ex. My email provider is testx@ttt.com. I can send emails to testy@ttt.com and textz@ttt.com. However, I cannot send to testy@gmail.com or testy@hotmail.com.
The error I see in the DNN event viewer is as below
System.Net.Mail.SmtpFailedRecipientsException: Unable to send to all recipients.
System.Net.Mail.SmtpFailedRecipientException: Mailbox unavailable.
The server response was: This domain is not hosted here
I have the same email address configured in my Outlook and I can send/receive to any emails like Gmail or Hotmail. Following are my DNN email settings
It sounds like one or two things might be happening here:
Your SMTP server isn't set up to allow relaying from the IP address of your web server.
You may need to create an SPF (Sender Policy Framework) or TXT record in DNS for your SMTP server's primary domain that allows SMTP traffic from the IP address of the server where your DNN website is hosted. An SPF record may already be in use for your email domain, but generally you'd add something like this to it: v=spf1 a ip4:1.2.3.4 -all, where 1.2.3.4 is the IP address of your web server.
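How a receiving server would evaluate a record like the one suggested above, as an added example that is not part of the original answer. It covers only the ip4, ip6, a and all mechanisms; the function name is an assumption, and the a_records argument stands in for the DNS lookup with constructed addresses.

```python
import ipaddress

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def spf_result(record: str, client_ip: str, a_records=()) -> str:
    """Evaluate the ip4/ip6/a/all subset of an SPF record for one client IP.

    a_records: addresses the domain's own A/AAAA lookup would return
    (constructed input, so no DNS query is made here).
    """
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        return "none"                       # not an SPF record at all
    ip = ipaddress.ip_address(client_ip)
    for term in terms[1:]:
        qualifier = "+"                     # default qualifier is pass
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        name = name.lower()
        if name == "all":
            matched = True
        elif name in ("ip4", "ip6") and arg:
            net = ipaddress.ip_network(arg, strict=False)
            matched = ip.version == net.version and ip in net
        elif name == "a" and not arg:
            matched = any(ip == ipaddress.ip_address(a) for a in a_records)
        else:
            return "unsupported"            # mechanism outside this subset
        if matched:                         # first matching mechanism decides
            return QUALIFIERS[qualifier]
    return "neutral"                        # nothing matched and no "all"

RECORD = "v=spf1 a ip4:1.2.3.4 -all"        # record quoted in the answer

if __name__ == "__main__":
    for ip in ("1.2.3.4", "5.6.7.8"):
        print(ip, spf_result(RECORD, ip))
```

Mechanisms are evaluated left to right and the first match wins, so the trailing -all only applies to senders that matched nothing before it.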