Email suddenly no longer works with SMTP Relay Google Workspace

theopenem

@emotion said in Email suddenly no longer works with SMTP Relay Google Workspace:

The problem with letting postfix relay the mail is that it lacks DKIM, DMARC, and SPF records which makes your emails more likely to end up in the spam folder.

I'm using postfix to relay all mail to gmail. It ends up being the same thing as if you set the relay in NodeBB.

PitaJ

@vaulverin okay so in NodeBB we need to add the name based on config.json url.

@Emotion @theopenem can you try hard coding

name: 'your-domain.com',

At this line https://github.com/NodeBB/NodeBB/blob/501441b736386929ed06f749dae0c2a1d3c0059a/src/emailer.js#L121

And see if that allows emails to send?

Emotion

@pitaj Yes! That fixed it!

I'm assuming you're going to let the nodeBB dev team know about this, eh? Great job.

@vaulverin said in Email suddenly no longer works with SMTP Relay Google Workspace:

@emotion Yay, their email response gave me an idea to use "name" option in nodemail configuration, and it worked!
I had the same problem, emails had been correctly sent but a week ago or so they stopped, in logs i saw that 421, "4.7.0" error.
Here is what i use as transport configuration now

{
    "name": "your-domain-name.com",
    "host" : "smtp-relay.gmail.com",
    "port" : 465,
    "secure": true,
    "pool": true
  },

Thank you!

Awesome, glad you got it to work.

@theopenem said in Email suddenly no longer works with SMTP Relay Google Workspace:

@emotion said in Email suddenly no longer works with SMTP Relay Google Workspace:

The problem with letting postfix relay the mail is that it lacks DKIM, DMARC, and SPF records which makes your emails more likely to end up in the spam folder.

I'm using postfix to relay all mail to gmail. It ends up being the same thing as if you set the relay in NodeBB.

How many sites do you have running on the server? If it's just 1 then yeah postfix relay will be the same as a direct relay. But if you have multiple sites then the mailing domain and the return path will be the FQDN. At least that's how it is with my configuration.

If you have multiple sites and they're all being mailed by the sending domain can you share your configuration please?

gotwf

@theopenem said in Email suddenly no longer works with SMTP Relay Google Workspace:

I'm using postfix to relay all mail to gmail. It ends up being the same thing as if you set the relay in NodeBB.

Moreover, you now have a mail spool for failed messages, access to meaningful log messages, ability to tweak and tune if necessary, etc. This is a big win. But maybe too much a pita for some. Until something breaks.

DKIM is lame. Search "DKIM considered bad". Here's one rant from ZDNet.

Iirc (and it has been a while since I needed to read up cuz my stuff jfw....), SPF has no restrictions on number of different domains - just add the spf txt record to that domain. Then make sure the relay has a reverse dns entry - that does not have to be the same domain, just has to be.

I was hoping for some better diagnostics, wh/is why I suggested the cli. Establishing an initial connection is easy. It is what comes next that is important and unfortunately OP did not see that bit thru. Why does not somebody test it, eh? I don't have any goog accts, nor do I want/need one, but it may prove illuminating?

Just my $0.02.

P.S.; Or maybe ptr is even easier than that for this use case: create a redirect to goog's? then goog worries about the nitty gritty for you. Like I said, been a while and shootin' from the hip. Double check the rfc, eh?

Here's some DMARC spf resources for the bold and curious.

P.P.S.; Geronimo, here ya' go. Big medicine!

Primary domain sporting the smtp relay zone file:

relaydomain.tld.          IN   TXT "v=spf1 ip4:xxx.xxx.xxx.xxy ip4:yyy.yyy.yyy.yyz -all"

otherdom.tld zone file:

otherdom.tld.               IN  TXT "v=spf1 redirect=relaydom.tld"

foodom.tld zone file:

foodom.tld.               IN  TXT "v=spf1 redirect=relaydom.tld"

anotherdom.tld zone file

@                                   IN  TXT "v=spf1 redirect=relaydom.tld"

More than one way to do it, note the @ in second example there. Save typing but less explicit. Pick yer' poison.

Then use a checker. I favor MXToolbox, but note the Goog has one specific for their stuff Google Admin Toolbox Check MX .