We deployed sentry on premise. We have no problems sending email through the applications. Sender shows "tail#foo.com" in the email.
However, there is celery worker that sends out emails, since the sender is "roo#localhost.foo.com" emails are bounced.
I have tried configuring generic and added hosname in main.cf. But didnt work.
My problem is postfix is sending emails as root#localhost.foo.com not as tail#foo.com.
What do I need to change or do to have the emails sent as tail#foo.com?
You can use masquerade_domains setting as a workaround using this command:
$ postconf 'masquerade_domains = $mydomain'
masquerade_domains (default: empty)
Optional list of domains whose subdomain structure will be stripped off in email addresses.
Related
I'm trying to send emails with smtplib and they seem to be delivering fine. The only problem is that DKIM fails and the mails usually go straight to the spam folder.
DKIM is enabled on my shared hosting (host is a2hosting, if that helps) and the process works fine when sending individual emails with Thunderbird, and DKIM passes, suggesting that the problem lies on my end.
I even tried using dkimpy to explicitly sign the emails using the private key but I still get dkim=fail under ARC-Authentication-Results.
Some posts and answers I referred to suggested "logging in" as the solution but I am already logging in using SMTP.login() and as I mentioned earlier, the emails are being sent.
An answer I referred to mentioned that it is the server's job to sign the email and it's worth mentioning that the raw email output includes the DKIM signature, even without explicitly signing it with dkimpy, indicating that the server is signing as expected.
But the problem remains that DKIM fails affecting the email deliverability, and the raw output does not provide any details as to why DKIM failed for the domain.
I use the following code snippet to send an email
msg = MIMEMultipart()
msg['From'] = 'myemail#mydomain.tld'
msg['To'] = 'someemail#gmail.com'
msg['Subject'] = "Subject"
msg.attach(MIMEText("SomeText", "plain"))
s = smtplib.SMTP_SSL("mydomain.tld:465")
s.login("myemail#mydomain.tld", "mypassword")
s.sendmail("myemail#mydomain.tld", 'someemail#gmail.com',msg.as_string())
I tried signing the message as follows
headers = ["To", "From", "Subject"]
with open("cert.pem") as fh:
dkim_private = fh.read()
sig = dkim.sign(
message=msg.as_string().encode("ascii"),
selector=str(dkim_selector).encode("ascii"),
domain="robogyan.tech".encode("ascii"),
privkey=dkim_private.encode("ascii"),
include_headers=headers,)
msg["DKIM-Signature"] = sig.decode("ascii").lstrip("DKIM-Signature: ")
The raw output did reflect the signature with the above code but DKIM still failed.
There seems to be no problem with the authentication whatsoever since the server replies with "Authentication succeeded"
Edit:
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed;
d=mydomain.tld; s=default; h=Subject:To:From:MIME-Version:Content-Type:
Sender:Reply-To:Date:Message-ID:Cc:Content-Transfer-Encoding:Content-ID:
Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc
:Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe:
List-Subscribe:List-Post:List-Owner:List-Archive;
bh=giCDGo/0duFr1Ex65l7Ixc3N45EAULK+gw5cHV8pO0k=; b=DR08Q+CjgOLqo8WkLJs/XROfTw
Z7+ph+qnzi5p49cT3+UwQolcL1CKIVPk7XRkL8WZ3FFa9hZuc6TumquRSiYd5uR0AC5Z3lopEfnQe
fdbOOTRnks2ZzoOnQusy/gmydUttypu8wTthFhy7vTWXMFcdI29X/HkrokCtiGKCoD2u2kWBtn2sm
3/aP83lBbMpcWsNbvo3HTsL71o8QPd6bVKpqRGyAy89cAwMLwP4dnJ9WcCxxNzowlJNPQja3o5W16
t3rG/KizcRehjaDUXhPPRF/4RdYUSIi/SGNwmIPwvkZNc17k3wQpszKeG6/Ujgax/i7Li7V7dLJBT
Fu/x6xDA==;
Signed-by: myemail#mydomain.tld
Expected-Body-Hash: giCDGo/0duFr1Ex65l7Ixc3N45EAULK+gw5cHV8pO0k=
Here's the DKIM of the failing email if that helps. The expected body hash and the received body hash match too. I am not sure what the problem is then.
After a lot of research and brute force approaches, I finally found the solution to my problem.
I needed to include the Message-ID and the date in the headers as well.
Adding the following lines to the code helped me pass the verification.
msg['Date'] = email.utils.formatdate()
msg['Message-ID'] = email.utils.make_msgid(domain='mydomain.tld')
Important note: you need to add your smtp client's machine IP address to InternalHosts list, because OpenDKIM will check client's permission with these rules.
The you need to add this line to your /etc/opendkim.conf:
InternalHosts file:/etc/opendkim/TrustedHosts # or any location you want
Content of /etc/opendkim/TrustedHosts could look like:
127.0.0.1
::1
localhost
<server_ip>
hostname.example1.com
example1.com
hostname.example2.com
example2.com
...
It's just for example. You need to put here your python smtplib-client machine's address (ip/host).
Then just restart your opendkim:
$ sudo service opendkim restart
With many e-mail services, you can get tricked into believing an e-mail has been sent from a different address.
Using smtplib in Python, you can easily do the trick by manipulating the From argument.
gmail is not prone to that as they print the via argument which shows the original server.
However, what I cannot find anywhere is how do you retrieve the original (not manipulated) server name in Python, the same as gmail does with their via functionality?
I've tried the imaplib and email libraries, but there I can only access the already manipulated sender.
Any ideas? Is that solely linked to the configuration of a particular provider (e.g. Google, Outlook, hotmail, etc.), or can something be done regardless of that?
Here is part of the code I'm currently using (no success):
import imaplib
import email
obj = imaplib.IMAP4('imap', portn)
obj.login('username', 'password')
obj.select('INBOX')
uidl_list = [68720]
resp, data = obj.uid('FETCH', ','.join(map(str, uidl_list)) , '(BODY.PEEK[HEADER.FIELDS (From Subject)] RFC822.SIZE)')
Never heard about the via field. It is related to this particular provider.
You may check the Received headers of the mail to know what SMTP servers the message went through. Assuming those are not fake and were not modified along the way (i.e. assuming you trust the servers), they should point you to the SMTP server the user connected to to send the message.
Example:
Received: from mail-ot1-x333.google.com (mail-ot1-x333.google.com [IPv6:2617:f8c0:4864:20::331])
by smtp.domain.tld (Postfix) with ESMTPS id 6C488D0F8
for <user#domain.tld>; Mon, 19 Nov 2018 21:13:54 +0100 (CET)
Received: by mail-ot1-x333.google.com with SMTP id w25so38121669otm.11
for <user#domain.tld>; Mon, 19 Nov 2018 12:13:54 -0800 (PST)
A user connected to mail-ot1-x333.google.com, posted a message for user#domain.tld. The SMTP server added the Received header that appears at the bottom. Then, it sent the message to domain.tld, and Postfix server at domain.tld added the header that appears on top.
From RFC 5321, the Received headers are always added on top.
An Internet mail program MUST NOT change or delete a Received: line
that was previously added to the message header section. SMTP
servers MUST prepend Received lines to messages; they MUST NOT change
the order of existing lines or insert Received lines in any other
location.
The last one should always be the one indicating the SMTP server the user connected to.
Note that there are good reasons to have a From domain that does not match the SMTP server used for sending the message.:
ISP forces users to use their own SMTP server
Using several email accounts with a mail client that only offers a songle SMTP configuration
I'm making a script that notifies people about some pending tickets in JIRA. These notifications are sent by e-mail, I already got the notification to trigger, but I'm having problems sending the emails.
I can send them using gmail but when I tried to do it with my official account (the one that the company gave me) I am not able to send them. IT guys already provided me the 'localhost' because they use SMTP relays and the port, but they keep telling me that I should start SMTP without authentication, I'm not very sure of how to do this.
The example I found on internet was this:
import smtplib
fromaddr = 'Axel.Sa#mydomain.com'
toaddrs = ['Axel.Sa#mydomain.com']
msg = '''
From: {fromaddr}
To: {toaddr}
Subject: testin'
This is a test
.
'''
msg = msg.format(fromaddr=fromaddr, toaddr=toaddrs[0])
server = smtplib.SMTP('localhost:25')
server.starttls()
server.ehlo("mydomain.com")
server.mail(fromaddr)
server.rcpt(toaddrs[0])
server.data(msg)
server.quit()
But I keep getting this error, If someone can tell me the proper way of sending emails by SMTP without authentication I will be very grateful.
Check this stack:
How to send an email without login to server in Python
change your smtplib.SMTP('localhost:25') to smtplib.SMTP('localhost', 25)
After registration on our service user is sent by email with confirmation link.
But when it is sent to Gmail or other mail services it usually drops to spam.
Here is the code:
def email_user(self, subject, message, from_email=None):
send_mail(subject, message, from_email, [self.email])
def activate_email(self, email=None):
if email: self.email = email
self.is_activated = False
self.activation_code = hashlib.sha256(str(self.email) + os.urandom(256)).hexdigest()[:32]
self.save()
subject = u'Welcome to the {0}!'.format(settings.SITE_NAME)
message = render_to_string('users/emails/activation.html', {'activation_code': self.activation_code, 'site_name': settings.SITE_NAME, 'site_domain': settings.SITE_DOMAIN})
self.email_user(subject, message, settings.SITE_EMAIL)
How to add DKIM or other license to this email in order to make Google trust to our server?
We're using Zimbra mail server on our site domain.
P.S. I found this snippet: https://djangosnippets.org/snippets/1995/
Is it suitable somehow in my case or not?
Thank you!
How your mail is treated depends first and foremost on the configuration of the email server which sends the messages generated by your application, and the DNS records associated with it.
Google's guidelines for bulk senders are a great place to start. Check that your mail server (and the emails themselves) comply with the rules.
DKIM is one of these guidelines, so yes: adding DKIM signatures will help. A few other points in the guide:
"Use the same address in the 'From:' header on every bulk mail you send." If you used different From headers while testing or something, this could be the problem.
Publish an SPF record.
Publish a DMARC policy.
I have a web application in Python that allows someone to post a message. When this occurs, my application will automatically dispatch an email to the other user, who is following the "conversation/post". The user receive the email and replies with a message such as "Ok".
I want capture this reply message to a post in my application. I see this in applications such as Assana. How I can do this? Does there exists a service or API I can use?
Any email sent from the user will go to the domain mail server. If you want to receive it in a POST request, you'll have to write a separate application that retrieves email messages from the mail server and then sends the ones you want in a HTTP request to your web server. You'll then have to run your application as a daemon/service, and have it periodically poll the server for new messages (or use IMAP IDLE)
You may want to use imaplib to retrieve the emails.
Developing a complete two-way bridge between a web page and email with conversation tracking will likely require knowledge about MTA and LDA administration