Re: Gmail bounce unauthenticated @debian.org addresses
"LeJacq, Jean Pierre" <jeanpierre.lejacq@quoininc.com> writes:
> There are standard best practices for forwarding support in SPF.
>
> http://www.open-spf.org/Best_Practices/Forwarding/
Well, if it only was that simple.
There is NO working SRS software/example config for sendmail in Debian
or anywhere else AFAICS.
The only thing we have is the python3-srs packages, which are still full
of python2 specific code. None of the included tools even run on
bullseye. For example:
bjorn@canardo:~$ /usr/bin/srs2envtol
Traceback (most recent call last):
File "/usr/bin/srs2envtol", line 14, in <module>
from ConfigParser import ConfigParser, DuplicateSectionError
ModuleNotFoundError: No module named 'ConfigParser'
bjorn@canardo:~$ dpkg -S /usr/bin/srs2envtol
pysrs-bin: /usr/bin/srs2envtol
bjorn@canardo:~$ apt-cache policy pysrs-bin
pysrs-bin:
Installed: 1.0.3-2
Candidate: 1.0.3-2
Version table:
*** 1.0.3-2 700
700 http://deb.debian.org/debian bullseye/main amd64 Packages
100 /var/lib/dpkg/status
(yes, I could fix that and the remaining issues - but that's not the
point)
IMHO, modifying postsrsd looks like a much better alternative if I were
to write something. Should be pretty easy to make it optionally use the
sendmail socketmap protocol instead of the postfix tcp_table protocol.
Or alternatively just write a simple proxy protocol translater. Then it
could be plugged right into the example sendmail config from pysrs.
But as have been the result each time I've considered SRS: I got bored
with it long before I got it running. Why do I care whether google can
send a bounce back? So I've just added owner-aliases for all my
forwarded accounts (only a handful), pointing to a /dev/null address.
That does it for me. SRS and SPF can continue to burn in the hell where
it was invented.
Stay tuned for the next episode of Mail Server Frustrations, where we'll
look at Exim and mixed TLS (port 465) and STARTTLS (port 587) submission.
Bjørn
Reply to: