I'm trying to have an e-mail address at my @example.org forward to an external e-mail address outside my domains.
When using my ISPs SMTP relay server, I get the following error:
Dec 27 15:10:40 bowser sm-mta[76444]: 0BREAbT3071556: to=<[email protected]>, delay=00:00:02, xdelay=00:00:01, mailer=relay, pri=32614, relay=my.isp.relay.host.example. [IPv4-address], dsn=5.7.1, reply=554 5.7.1 <[email protected]>: Sender address rejected: Access denied, stat=Service unavailable
Dec 27 15:10:40 bowser sm-mta[76444]: 0BREAbT3071556: 0BREAeT2076444: DSN: Service unavailable
Dec 27 15:10:40 bowser sm-mta[76444]: 0BREAeT2076444: to=<[email protected]>, delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=34394, relay=my.isp.relay.host.example. [IPv4-address], dsn=5.7.1, reply=554 5.7.1 <>: Sender address rejected: Null sender not allowed here, stat=Service unavailable
Dec 27 15:10:40 bowser sm-mta[76444]: 0BREAeT2076444: 0BREAeT3076444: return to sender: Service unavailable
Notice the <> after 5.7.1 on line 3
This problem only seems to come when I try to send an e-mail from a gmail account to my intended forward address, if I use the server's own internal mail to send to that address, e-mails are forwarded to the destination address as expected.
So I figured, maybe this gets solved by using the gmail SMTP server instead, but then I got this problem instead: every e-mail sent from my host to any external domain (e.g. @gmail.com) gets the Mail From:-header set to the authenticating gmail account's e-mail address, while the envelope-from and reply to-headers are set to the original sender's e-mail address. This causes GMail and others I'm sure to want to reply to "Firstname Lastname [email protected]" rather than "Firstname Lastname [email protected]"
I have some settings to my sendmail .mc file that have been been appended over the years to get things running, but I can't say with confidence that none of them are causing this issue and breaking the functionality I want. Redacted mc below:
divert(-1)
divert(0)
VERSIONID(`$bowser.example.org.mc 2020-12-27 16:50:00 dadver $')
OSTYPE(freebsd6)dnl
DOMAIN(generic)dnl
FEATURE(access_db, `hash -o -T<TMPF> /etc/mail/access')dnl
FEATURE(blocklist_recipients)dnl
FEATURE(local_procmail)dnl
FEATURE(authinfo, `hash /etc/mail/auth/client-info')dnl
FEATURE(mailertable, `hash -o /etc/mail/mailertable')dnl
FEATURE(virtusertable, `hash -o /etc/mail/virtusertable')dnl
define(`CERT_DIR', `/usr/local/etc/letsencrypt/live/mail.example.org/')dnl
define(`confCACERT_PATH', `CERT_DIR')dnl
define(`confCACERT', `CERT_DIR/chain.pem')dnl
define(`confSERVER_CERT', `CERT_DIR/cert.pem')dnl
define(`confSERVER_KEY', `CERT_DIR/privkey.pem')dnl
define(`confCRL', `/usr/local/certs/revoke.crl')
define(`confAUTH_OPTIONS', `A p y')dnl
define(`confAUTH_MECHANISMS', `EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
TRUST_AUTH_MECH(`EXTERNAL GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN PLAIN')dnl
FEATURE(no_default_msa)dnl ## overridden with DAEMON_OPTIONS below
CLIENT_OPTIONS(`Name=IPv4-client-mail.example.org, Family=inet')dnl
CLIENT_OPTIONS(`Name=IPv6-client-mail.example.org, Family=inet6')dnl
DAEMON_OPTIONS(`Name=IPv4-localhost, Addr=127.0.0.1, M=A, Family=inet')dnl
DAEMON_OPTIONS(`Name=IPv4-mail.example.org, Addr= my-public-ipv4-ip, M=A, Family=inet')dnl
DAEMON_OPTIONS(`Name=IPv6-mail.example.org, Addr= my-public-ipv6-ip, M=A, Family=inet6')dnl
DAEMON_OPTIONS(`Name=IPv6-localhost, Addr=::1, M=A, Family=inet6')dnl
DAEMON_OPTIONS(`Name=MSA-IPv4-localhost, Addr=127.0.0.1, Port=587, M=E')dnl
DAEMON_OPTIONS(`Name=MSA-IPv4-mail.example.org, Addr= my-public-ipv4-ip, Port=587, M=Ea')dnl
DAEMON_OPTIONS(`Name=MSA-IPv6-mail.example.org, Addr= my-public-ipv6-ip, Port=587, M=Ea, Family=inet6')dnl
DAEMON_OPTIONS(`Name=MSA-IPv6-localhost, Addr=::1, Port=587, M=E, Family=inet6')dnl
define(`SMART_HOST', `[my.isp.relay.server]')dnl
define(`RELAY_MAILER_ARGS', `TCP $h 587')dnl
define(`ESMTP_MAILER_ARGS', `TCP $h 587')dnl
INPUT_MAIL_FILTER(`spfmilter',`S=unix:/var/run/spfmilter.sock')dnl
INPUT_MAIL_FILTER(`spamassassin', `S=local:/var/run/spamass-milter/spamass-milter.sock, F=, T=C:15m;S:4m;R:4m;E:10m')
define(`confMILTER_MACROS_CONNECT',``b, j, _, {daemon_name}, {if_name}, {if_addr}, {client_addr}'')dnl
define(`confMILTER_MACROS_ENVRCPT',``b, r, v, Z, {rcpt_mailer}, {rcpt_host}, {rcpt_addr}'')dnl
INPUT_MAIL_FILTER(`milter-manager',`S=unix:/var/run/milter-manager/milter-manager.sock')dnl
INPUT_MAIL_FILTER(`dkim-filter', `S=unix:/var/run/dkim/opendkim.sock, F=T, T=R:2m')
define(`confCW_FILE', `-o /etc/mail/local-host-names')dnl
define(`confBIND_OPTS', `WorkAroundBrokenAAAA')dnl
define(`confNO_RCPT_ACTION', `add-to-undisclosed')dnl
define(`confPRIVACY_FLAGS', `authwarnings,noexpn,novrfy')dnl
MAILER(local)dnl
MAILER(smtp)dnl
MAILER(procmail)dnl
I've tried adding From:gmail.com RELAY and To:destination-host-for-the-forward-to-address RELAY to the access file, adding the destination-host-for-the-forward-to-address to the relay-domains file in order to try to fix the first issue, but no difference.
This is all caused by your mail server's interaction with your ISP's mail server, being rejected by that server.
Let's look at what is going on.
First your server tries to relay your email and gets rejected because they don't like the envelope sender.
Next, your server generates a bounce email and tries to send that bounce message out via the ISP's email server. Bounce messages have an empty envelope sender.
It's not clear why you're trying to send this email via your ISP's server, as (1) you say it works when you send directly, and (2) your business class Internet service should permit you to send mail directly to anywhere (if it doesn't, start yelling at your ISP until they fix it).