For customers of other providers the individual e-mail addresses to their gmx/web.de eMail forward suddenly no more e-mails received, if the sender has sent the e-mail from gmx/web.de
As Provider you are now forced to comply with the request of united internet to Server to the so-called SRS procedure, even if this leads to further problems and can cause problems especially with already forwarded e-mails.
With this guide you will have SRS installed in 1 minute and your customers' service requests will decrease.
This manual refers to a Centos7 system with Postfix as MTA.
Download the RPM postsrsd-1.4-3.el7.centos.x86_64.rpm and install She it.
wget https://download.hoster.online/postsrsd-1.4-3.el7.centos.x86_64.rpm rpm -i postsrsd-1.4-3.el7.centos.x86_64.rpm
If there were no error messages, the Installation ...locked. With the following command the installation can be checked. It also shows directly which files were installed.
rpm -qil postsrsd
Name : postsrsd
Version : 1.4
Release : 3.el7.centos
Install Date: Do 02 Jun 2016 11:55:53 CEST
Group : Unspecified
Size : 49065
License : GPLv2+
Signature : (none)
Source RPM : postsrsd-1.4-3.el7.centos.src.rpm
Build Date : Th 02 Jun 2016 10:54:45 CEST
Build Host : vpn.webhoster.ag
Relocations : (not relocatable)
URL : https://github.com/roehling/postsrsd
Summary : A sender-envelope rewriter to comply with SPF forwarding for postfix
PostSRSd provides the Sender Rewriting Scheme (SRS) via TCP-based
lookup tables for Postfix. SRS is needed if your mail server acts
Now the configuration file must be adapted. After that the service can be integrated and started.
# Default settings for postsrsd
# Local domain name.
# Addresses are rewritten to originate from this domain. The default value
# is taken from postconf -h mydomain and probably okay.
#SRS_DOMAIN=example.com Please enter the mail server domain here. This should also be located in the main.cf.
# Exclude additional domains.
# You may list domains which shall not be subjected to address rewriting.
# If a domain name starts with a dot, it matches all subdomains, but not
# the domain itself. Separate multiple domains by space or comma.
# First separator character after SRS0 or SRS1.
# Can be one of: -+=
# Secret key to sign rewritten addresses.
# When postsrsd is installed for the first time, a random secret is generated
# and stored in /etc/postsrsd.secret. For most installations, that's just fine.
# Local ports for TCP list.
# These ports are used to bind the TCP list for postfix. If you change
# these, you have to modify the postfix settings accordingly. The ports
# are bound to the loopback interface, and should never be exposed on
# the internet.
# Drop root privileges and run as another user after initialization.
# This is highly recommended as postsrsd handles untrusted input.
# Jail daemon in chroot environment
If not already existing create the following files in the postfix directory:
touch /etc/postfix/sender_canonical_maps touch /etc/postfix/recipient_canonical_maps postmap btree:/etc/postfix/recipient_canonical_maps postmap btree:/etc/postfix/sender_canonical_maps
Now add or change the following lines in your main.cf configuration file:
sender_canonical_maps = btree:/etc/postfix/sender_canonical_maps, tcp:127.0.0.1:10001 sender_canonical_classes = envelope_sender recipient_canonical_maps = btree:/etc/postfix/recipient_canonical_maps, tcp:127.0.0.1:10002 recipient_canonical_classes = envelope_recipient
Then you can start the postsrs service and restart postfix.
service postsrsd start service postfix restart
Check if everything is working by sending an email from a gmx address to an existing email address on the server. email address send from which an email is sent back to gmx.
tail -f /var/log/maillog|grep 'srs_forward'
Jun 2 12:22:10 yourcompany.com postsrsd : srs_forward:
If these instructions were helpful for you, we would be happy to receive a donation to the local kindergarten:
If you need another Linux distribution you can also compile the daemon manually. If you are using Centos6 for example, please note that the Postfix service included there is too old and should be updated to the latest version first.