Page 1 of 1

Masquerade

Posted: 2019-05-04 08:57
by MCFH
Hi,
I am migrating to hMailServer from the SMTP server that is native to Windows (as it has no IPv6 support). I need to be able to masquerade email but can't figure out how to do this. The flow I am expecting is:
  • SMTP mail from server X (on my LAN) arrives with both from and to addresses set to someone@mydomain.com
  • hMailServer validates someone@mydomain.com against its list of approved users and does the appropriate authentication check on the hMailServer user database (in my case Active Directory linked)
  • hMailServer relays the email outside the organisation to my cloud hosted mail infrastructure
I am finding that the email is only ever being delivered locally. how can I change this?
Thank you
Mark

Re: Masquerade

Posted: 2019-05-04 10:11
by mattg
MCFH wrote:
2019-05-04 08:57
how can I change this?
You can't

If the account exists locally (on hmailserver), mail will ALWAYS be delivered to the local account. This can't be changed.

If the account deosn't exist on hMailserver but the domain does, you can use a SMTP route to deliver to other addresses at the same domain...
Do you NEED to Authenticate users from your LAN? Most use cases for using IIS SMTP don't involve AUTH at all.
If you don't need to AUTH LAN users you can set up hMailserver without a domain, and just use it to forward all messages to your cloud hosted infrastructure.

OR you could do away with your cloud hosted infrastructure and just handle your domain(s) on hMailsevrer

You also mention IPv6.
Why do you need IPv6 support? Very few mailservers support IPv6.
Do you have IPv6 addresses on your WAN connection?

Re: Masquerade

Posted: 2019-05-05 00:05
by MCFH
Hi there,
Thanks for coming back to me. Removing the domain and user and leaving the route allowed this to work for anonymous access.

On the IPv6 point - it is more a pain as my LAN is all IPv6 live and hMailServer supports IPv6 unlike the MS offering... It is a pain to only bind to IPv4 addresses when other services on the box can do both and DNS will bias the AAAA record over the A.

Can't get rid of the cloud mailbox :) - too much change for the users and knock on effects!

Thanks for your help
Mark

Re: Masquerade

Posted: 2019-05-05 01:58
by mattg
Glad you are sorted...
MCFH wrote:
2019-05-05 00:05
... and DNS will bias the AAAA record over the A.
unless you have IPv6 on your WAN, all IPv6 will be converted to IPv4 for WAN access, and you can always just turn IPv4 off on all machines.

The fact that windows DNS priorities IPv6 doesn't mean that all DNS does.
Most Linux DNS (or even BIND on Windows) don't waste resources prioritising IPv6, even when IPv6 is enabled, it is the fallback, not the priority unless you specifically set it to the priority.

Re: Masquerade

Posted: 2019-05-05 08:20
by MCFH
We are IPv6 all the way here - from WAN to every PC and Server :)

Anyway, I have now run into another small issue. I have established I need to modify the 'From' address on some of my system generated emails as they are hard coded and I need to map them onto a recognised email address.
I have read this
https://www.hmailserver.com/documentati ... ce_scripts

and created and loaded

Code: Select all

Sub OnSMTPData(oClient, oMessage)
oMessage.FromAddress = "email@somewhere.com"
oMessage.Save
Result.Value = 0
End Sub
and the simple rule setting the From Header

But neither of these ever seem to get fired and the email leaves with the original from address in place.
Thanks
Mark

Re: Masquerade

Posted: 2019-05-05 09:02
by mattg
Did you enable scripts?

If so, enable all logging, send a message again where you'd expect that script to fire, wait at least 30 seconds and post all logs creatred

Re: Masquerade

Posted: 2019-05-05 14:12
by MCFH
Thanks - have IM'ed you the logs
Mark

Re: Masquerade

Posted: 2019-05-06 10:27
by mattg
run this and paste the results
viewtopic.php?f=20&t=30914

You have misconfigured your server, probably in the IP ranges I'd guess

Re: Masquerade

Posted: 2019-05-06 22:33
by MCFH
Have sent over the logs. Everything else is working!
Thanks
Mark

Re: Masquerade

Posted: 2019-05-07 02:18
by mattg
A lot of IP ranges there

This one needs to be removed or modified, as you have no domains entered, there can NEVER be 'local' mail, all mail is considered 'external'. This will also impact on the IPv6 ranges that you have entered.

Also, your default domain should be removed (as there are no domains)
IP: 192.168.0.0 - 192.168.255.255 Priority: 100 Name: IPv4 LAN

Allow connections Other
SMTP: True Antispam : False
POP3: False Antivirus: False
IMAP: False SSL/TLS: False

Allow Deliveries from Require Authentication from
Local To Local - True Local To Local - False
Local To External - True Local To External - False
External To Local - False
External To External - False
The ONLY Ip range that you need is the internet range, and allow all deliveries without AUTH
Make sure that your hmailserver is protected by a firewall / router that doesn't allow any incoming internet connections.

Re: Masquerade

Posted: 2019-05-07 08:10
by MCFH
Thank you that seems to have cured the issue with the scripts not running.

However, I am now seeing messages corrupted by the time they get to Outlook
(flow is appliance -> hMailServer->Office 365->Outlook).

It looks like they are being truncated - I got a large email that Outlook left in Base64 encoded format (that I could decode fine back to HTML) and a short one is shown as:
This is a test of the notification feature provided by Backup Exe= c
Historically (pre both hMailServer and Office 365 they were fine!)
Max Message size is set to 20480 kb

Thank you for your help

Mark

Re: Masquerade

Posted: 2019-05-07 10:47
by mattg
MCFH wrote:
2019-05-07 08:10
It looks like they are being truncated
Not by hMailserver unless you do it with a script

Re: Masquerade

Posted: 2019-05-07 13:12
by SorenR
MCFH wrote:
2019-05-07 08:10
Thank you that seems to have cured the issue with the scripts not running.

However, I am now seeing messages corrupted by the time they get to Outlook
(flow is appliance -> hMailServer->Office 365->Outlook).

It looks like they are being truncated - I got a large email that Outlook left in Base64 encoded format (that I could decode fine back to HTML) and a short one is shown as:
This is a test of the notification feature provided by Backup Exe= c
Historically (pre both hMailServer and Office 365 they were fine!)
Max Message size is set to 20480 kb

Thank you for your help

Mark
Do NOT try to save a message (oMessage.Save) in "Sub OnSMTPData(oClient, oMessage)" or you will seriously disrupt the message!

Re: Masquerade

Posted: 2019-05-09 00:25
by MCFH
Yup -that fixed it.
Thank you
Mark

Re: Masquerade

Posted: 2019-05-09 01:33
by mattg
I've added that to the docs too