Masquerade

Use this forum if you have installed hMailServer and want to ask a question related to a production release of hMailServer. Before posting, please read the troubleshooting guide. A large part of all reported issues are already described in detail here.
Post Reply
MCFH
New user
New user
Posts: 9
Joined: 2019-05-04 08:50

Masquerade

Post by MCFH » 2019-05-04 08:57

Hi,
I am migrating to hMailServer from the SMTP server that is native to Windows (as it has no IPv6 support). I need to be able to masquerade email but can't figure out how to do this. The flow I am expecting is:
  • SMTP mail from server X (on my LAN) arrives with both from and to addresses set to someone@mydomain.com
  • hMailServer validates someone@mydomain.com against its list of approved users and does the appropriate authentication check on the hMailServer user database (in my case Active Directory linked)
  • hMailServer relays the email outside the organisation to my cloud hosted mail infrastructure
I am finding that the email is only ever being delivered locally. how can I change this?
Thank you
Mark

User avatar
mattg
Moderator
Moderator
Posts: 20108
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Masquerade

Post by mattg » 2019-05-04 10:11

MCFH wrote:
2019-05-04 08:57
how can I change this?
You can't

If the account exists locally (on hmailserver), mail will ALWAYS be delivered to the local account. This can't be changed.

If the account deosn't exist on hMailserver but the domain does, you can use a SMTP route to deliver to other addresses at the same domain...
Do you NEED to Authenticate users from your LAN? Most use cases for using IIS SMTP don't involve AUTH at all.
If you don't need to AUTH LAN users you can set up hMailserver without a domain, and just use it to forward all messages to your cloud hosted infrastructure.

OR you could do away with your cloud hosted infrastructure and just handle your domain(s) on hMailsevrer

You also mention IPv6.
Why do you need IPv6 support? Very few mailservers support IPv6.
Do you have IPv6 addresses on your WAN connection?
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

MCFH
New user
New user
Posts: 9
Joined: 2019-05-04 08:50

Re: Masquerade

Post by MCFH » 2019-05-05 00:05

Hi there,
Thanks for coming back to me. Removing the domain and user and leaving the route allowed this to work for anonymous access.

On the IPv6 point - it is more a pain as my LAN is all IPv6 live and hMailServer supports IPv6 unlike the MS offering... It is a pain to only bind to IPv4 addresses when other services on the box can do both and DNS will bias the AAAA record over the A.

Can't get rid of the cloud mailbox :) - too much change for the users and knock on effects!

Thanks for your help
Mark

User avatar
mattg
Moderator
Moderator
Posts: 20108
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Masquerade

Post by mattg » 2019-05-05 01:58

Glad you are sorted...
MCFH wrote:
2019-05-05 00:05
... and DNS will bias the AAAA record over the A.
unless you have IPv6 on your WAN, all IPv6 will be converted to IPv4 for WAN access, and you can always just turn IPv4 off on all machines.

The fact that windows DNS priorities IPv6 doesn't mean that all DNS does.
Most Linux DNS (or even BIND on Windows) don't waste resources prioritising IPv6, even when IPv6 is enabled, it is the fallback, not the priority unless you specifically set it to the priority.
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

MCFH
New user
New user
Posts: 9
Joined: 2019-05-04 08:50

Re: Masquerade

Post by MCFH » 2019-05-05 08:20

We are IPv6 all the way here - from WAN to every PC and Server :)

Anyway, I have now run into another small issue. I have established I need to modify the 'From' address on some of my system generated emails as they are hard coded and I need to map them onto a recognised email address.
I have read this
https://www.hmailserver.com/documentati ... ce_scripts

and created and loaded

Code: Select all

Sub OnSMTPData(oClient, oMessage)
oMessage.FromAddress = "email@somewhere.com"
oMessage.Save
Result.Value = 0
End Sub
and the simple rule setting the From Header

But neither of these ever seem to get fired and the email leaves with the original from address in place.
Thanks
Mark

User avatar
mattg
Moderator
Moderator
Posts: 20108
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Masquerade

Post by mattg » 2019-05-05 09:02

Did you enable scripts?

If so, enable all logging, send a message again where you'd expect that script to fire, wait at least 30 seconds and post all logs creatred
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

MCFH
New user
New user
Posts: 9
Joined: 2019-05-04 08:50

Re: Masquerade

Post by MCFH » 2019-05-05 14:12

Thanks - have IM'ed you the logs
Mark

User avatar
mattg
Moderator
Moderator
Posts: 20108
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Masquerade

Post by mattg » 2019-05-06 10:27

run this and paste the results
viewtopic.php?f=20&t=30914

You have misconfigured your server, probably in the IP ranges I'd guess
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

MCFH
New user
New user
Posts: 9
Joined: 2019-05-04 08:50

Re: Masquerade

Post by MCFH » 2019-05-06 22:33

Have sent over the logs. Everything else is working!
Thanks
Mark

User avatar
mattg
Moderator
Moderator
Posts: 20108
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Masquerade

Post by mattg » 2019-05-07 02:18

A lot of IP ranges there

This one needs to be removed or modified, as you have no domains entered, there can NEVER be 'local' mail, all mail is considered 'external'. This will also impact on the IPv6 ranges that you have entered.

Also, your default domain should be removed (as there are no domains)
IP: 192.168.0.0 - 192.168.255.255 Priority: 100 Name: IPv4 LAN

Allow connections Other
SMTP: True Antispam : False
POP3: False Antivirus: False
IMAP: False SSL/TLS: False

Allow Deliveries from Require Authentication from
Local To Local - True Local To Local - False
Local To External - True Local To External - False
External To Local - False
External To External - False
The ONLY Ip range that you need is the internet range, and allow all deliveries without AUTH
Make sure that your hmailserver is protected by a firewall / router that doesn't allow any incoming internet connections.
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

MCFH
New user
New user
Posts: 9
Joined: 2019-05-04 08:50

Re: Masquerade

Post by MCFH » 2019-05-07 08:10

Thank you that seems to have cured the issue with the scripts not running.

However, I am now seeing messages corrupted by the time they get to Outlook
(flow is appliance -> hMailServer->Office 365->Outlook).

It looks like they are being truncated - I got a large email that Outlook left in Base64 encoded format (that I could decode fine back to HTML) and a short one is shown as:
This is a test of the notification feature provided by Backup Exe= c
Historically (pre both hMailServer and Office 365 they were fine!)
Max Message size is set to 20480 kb

Thank you for your help

Mark

User avatar
mattg
Moderator
Moderator
Posts: 20108
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Masquerade

Post by mattg » 2019-05-07 10:47

MCFH wrote:
2019-05-07 08:10
It looks like they are being truncated
Not by hMailserver unless you do it with a script
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

User avatar
SorenR
Senior user
Senior user
Posts: 3183
Joined: 2006-08-21 15:38
Location: Denmark

Re: Masquerade

Post by SorenR » 2019-05-07 13:12

MCFH wrote:
2019-05-07 08:10
Thank you that seems to have cured the issue with the scripts not running.

However, I am now seeing messages corrupted by the time they get to Outlook
(flow is appliance -> hMailServer->Office 365->Outlook).

It looks like they are being truncated - I got a large email that Outlook left in Base64 encoded format (that I could decode fine back to HTML) and a short one is shown as:
This is a test of the notification feature provided by Backup Exe= c
Historically (pre both hMailServer and Office 365 they were fine!)
Max Message size is set to 20480 kb

Thank you for your help

Mark
Do NOT try to save a message (oMessage.Save) in "Sub OnSMTPData(oClient, oMessage)" or you will seriously disrupt the message!
SørenR.

“With age comes wisdom, but sometimes age comes alone.”
- Oscar Wilde

MCFH
New user
New user
Posts: 9
Joined: 2019-05-04 08:50

Re: Masquerade

Post by MCFH » 2019-05-09 00:25

Yup -that fixed it.
Thank you
Mark

User avatar
mattg
Moderator
Moderator
Posts: 20108
Joined: 2007-06-14 05:12
Location: 'The Outback' Australia

Re: Masquerade

Post by mattg » 2019-05-09 01:33

I've added that to the docs too
Just 'cause I link to a page and say little else doesn't mean I am not being nice.
https://www.hmailserver.com/documentation

Post Reply