I have a virtual private server with its own IP and have configured SPF, DKIM, DMARC, SRS (with postsrsd
) and all that jazz. Let's call it domainut.com
.
Most things are working, mail is being delivered to gmail --to the spam folder, because the IP doesn't yet have any reputation, but that should improve over time.
However, while doing some tests I ended up receiving a mail from no-reply@microsoft.com which was being redirected to myself@gmail.com and also myself@vanity-domain.com
The gmail server complained:
(...) status=bounced (host gmail-smtp-in.l.google.com[108.177.127.27] said:
550-5.7.1 Unauthenticated email from microsoft.com is not accepted due to
550-5.7.1 domain's DMARC policy. Please contact the administrator of
550-5.7.1 microsoft.com domain if this was a legitimate mail. Please visit
550-5.7.1 https://support.google.com/mail/answer/2451690 to learn about the
550 5.7.1 DMARC initiative. s19-v6si278495edc.383 - gsmtp (in reply to end of DATA command))
However, the SRS seems to be working correctly, as I can see in the mail headers:
Return-Path: <SRS0=N0AY=LS=microsoft.com=no-reply@domainut.com>
Delivered-To: <myself@vanity-domain.com>
Received: from ...
by ...
for ...
Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=xxx.xxx.xxx.xxx; helo=mail.domainut.com; envelope-from=srs0=n0ay=ls=microsoft.com=no-reply@domainut.com; receiver=myself@vanity-domain.com
I may have some misunderstanding on what should the SRS do, or what is expected to do gmail with that kind of mail.
What should I fix in order to happily forward mails sent to the domainut.com to myself@gmail.com?
[Meta: I wanted to add the tag SRS, given that it seems to be the key issue with that problem, but it seems that it doesn't exist yet]