Error with Transports vs MX

A

andaga

Member
Proxmox Subscriber
May 24, 2022
133
17
23
Switzerland
Hello! I have a problem that I don't know how to solve and it's starting to bother me!

By default, each time a customer orders a domain name from us, we activate protection with PMG with the domain name! So we configure our default config which is:

relay domain domaincustomer.com ----> transport mail.domaincustomer.com ---> port 25 and we also activate the dkim with the domaincustomer.com

IMPORTANT: We use PMG from our mail servers to also send emails (smarthost).

In the domaincustomer.com dns zone the default value for MX entries is:
So our PMG MXs:
mx1.provider.com
mx2.provider.com


Now, it happens that some customers do not use our services for emails and change the MX for example O365!

What happens is when our other clients try to send an email to an address of another client who manages their emails elsewhere, for example:

user1@domaincustomer2 sends to user1@domaincustomer.com, the email never arrives on O365 and whoever sends from user1@domaincustomer2.com receives an error message because PMG checks the relay domain / transport instead of checking if the MX points well to PMG or not!

How to handle this case?

Thank you for your help!
 
If your customers do not use the service on PMG, and point their MX elsewhere - you need to remove them from the list of relay domains - else PMG will always try to send it according to its configuration...
 
Thank you for your reply.

But for us is terrible to manage if customer use our mail server or not! We provide automaticly with all domains the PMG setup!

There is no way PMG check MX records instead of internal domain added?
 
andaga said:
There is no way PMG check MX records instead of internal domain added?
Click to expand...
not really - the transport_maps entry is one of the highest-priority places for the postfix configuration (many mail-services rely on this to be higher, because the public MX points to e.g. a PMG, but the PMG needs to send the mails to a downstream server)...

You could quite easily script the removal of domains where the MX record does not point to your IPs...:
https://pmg.proxmox.com/pmg-docs/api-viewer/index.html#/config/transport/{domain}
https://pve.proxmox.com/wiki/Proxmox_VE_API
 
You must log in or register to reply here.

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Quick Navigation

Home Get Subscription Wiki Downloads Proxmox Customer Portal About

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!
Community platform by XenForo® © 2010-2024 XenForo Ltd.
Top Bottom