[ZendTo] Using the IMAP auth and e-mails don't show up from users' address

Travis Zimmerman TZimmerman at fsu.edu
Thu Nov 15 18:16:33 GMT 2018 

It's set to TRUE.
[root at dropboxprd01 ~]# grep SMTPsetFromToSender 
/var/www/html/zendto/config/preferences.php
   'SMTPsetFromToSender' => TRUE,

To fix the problem for my users I just modified the line to below.
if ($senderDomain !== '' &&
             ( strcasecmp($senderDomain, $fromDomain) == 0 || 
strcasecmp('my.fsu.edu', $fromDomain) == 0)) {

If other people run into this problem, a possible general fix may be to 
have an array of allowed secondary domains, that match the SPF records 
for the SMTP server?

Thanks for the help.

-------------------------------------------------------------------
Travis Zimmerman    tzimmerman at fsu.edu     850-645-8030
Linux Enterprise Applications & Systems    its-linuxadmins at fsu.edu
Information Technology Services, Florida State University

On 11/15/18 1:04 PM, Jules Field wrote:
> Travis,
>
> That code snippet will only be run if you have
>     'SMTPsetFromToSender' => TRUE,
> in preferences.php.
>
> The default is FALSE. What value are you using?
>
> Cheers,
> Jules.
>
> On 01/11/2018 18:56, Travis Zimmerman wrote:
>> I don't know if I'm reading this correctly but I think maybe the problem
>> is having the two domains and this part of the code.
>>
>>             // If the sender domain and the from domain are the same
>>             // (and not blank, which signifies something went wrong!),
>>             // we can safely overwrite the From we set above, without
>>             // causing SPF/DKIM/DMARC problems.
>>             if ($senderDomain !== '' &&
>>                 strcasecmp($senderDomain, $fromDomain) == 0)
>>
>> Could a possible solution be to switch from a strcasecmp to substring
>> test or maybe a regex testing if the $senderDomain is part of the end of
>> the $fromDomain? Not sure if that would cause a SPF/DKIM/DMARC problem.
>>
>> endswith($fromDomain, $senderDomain);
>>
>> function endswith($from, $sender) {
>>       $fromlen = strlen($from);
>>       $senderlen = strlen($sender);
>>       if ($testlen > $strlen) return false;
>>       return substr_compare($from, $sender, $fromlen - $senderlen,
>> $senderlen) === 0;
>> }
>>
>> This is just a code snippet I googled up and haven't tested.
>>
>> -------------------------------------------------------------------
>> Travis Zimmerman    tzimmerman at fsu.edu     850-645-8030
>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu
>> Information Technology Services, Florida State University
>>
>> On 11/1/18 12:33 PM, Travis Zimmerman via ZendTo wrote:
>>> Yup, that's what I have authIMAPDomain set to already.
>>>
>>> -------------------------------------------------------------------
>>> Travis Zimmerman    tzimmerman at fsu.edu     850-645-8030
>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu
>>> Information Technology Services, Florida State University
>>>
>>> On 11/1/18 12:29 PM, Jules Field wrote:
>>>> Travis,
>>>>
>>>> If the students enter their entire email address (username at my.fsu.edu)
>>>> into the ZendTo login "username" box, then set
>>>>       'authIMAPDomain' => '',
>>>> in preferences.php.
>>>>
>>>> If they just enter their username, then something more subtle is
>>>> happening which I will need to investigate further.
>>>>
>>>> Please let me know if that helps.
>>>>
>>>> Cheers,
>>>> Jules.
>>>>
>>>> On 31/10/2018 20:56, Travis Zimmerman via ZendTo wrote:
>>>>> I realized I should mention that we are using e-mail addresses to 
>>>>> login
>>>>> to our ZendTo service to differentiate between our two domains. Don't
>>>>> know if that would effect how e-mails are sent. Doesn't seem to be a
>>>>> problem for our faculty/staff (AD, username at fsu.edu), just the 
>>>>> students
>>>>> (IMAP, username at my.fsu.edu).
>>>>>
>>>>> -------------------------------------------------------------------
>>>>> Travis Zimmerman    tzimmerman at fsu.edu     850-645-8030
>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu
>>>>> Information Technology Services, Florida State University
>>>>>
>>>>> On 10/31/18 12:09 PM, Travis Zimmerman via ZendTo wrote:
>>>>>> I tried to use my university's AD for the students (there is a 
>>>>>> previous
>>>>>> e-mail I sent to the ZendTo mailing list about a week ago), but 
>>>>>> due to
>>>>>> how our Microsoft Admins configured it they needed to use an 
>>>>>> alternate
>>>>>> attribute.
>>>>>>
>>>>>> Yes. When I login to LDAP or AD and drop off a file, the e-mail 
>>>>>> sent to
>>>>>> the recipient will show my e-mail address in the From field. If I 
>>>>>> login
>>>>>> using the IMAP auth the From field lists the servers default e-mail
>>>>>> from
>>>>>> zendto.conf and the Reply-To field has the IMAP account's e-mail
>>>>>> address.
>>>>>>
>>>>>> -------------------------------------------------------------------
>>>>>> Travis Zimmerman    tzimmerman at fsu.edu     850-645-8030
>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu
>>>>>> Information Technology Services, Florida State University
>>>>>>
>>>>>> On 10/31/18 11:33 AM, Jules Field via ZendTo wrote:
>>>>>>> Travis,
>>>>>>>
>>>>>>> If you are authenticating users against Office365, then why not do
>>>>>>> that with AD?
>>>>>>> I don't quite see why you need to use the IMAP authenticator at 
>>>>>>> all.
>>>>>>> If it's a separate AD forest for some reason, then that's okay, 
>>>>>>> ZendTo
>>>>>>> will happily do 3 different AD forests with independent setups.
>>>>>>>
>>>>>>> So "SMTPsetFromToSender'=>TRUE" works as expected if they login via
>>>>>>> LDAP or AD, but doesn't if they login via IMAP?
>>>>>>>
>>>>>>> What we do here for the "From" address is use an address whose 
>>>>>>> email
>>>>>>> is just automatically trashed, ie. a "no-reply" address. Then
>>>>>>> automated stuff that is replying (incorrectly) to the "From:" or
>>>>>>> (validly/correctly) to the envelope sender will just be thrown 
>>>>>>> away.
>>>>>>> Any human-generated replies will go to the right user.
>>>>>>>
>>>>>>> Thanks for the info about the option you need to pass to O365. I 
>>>>>>> guess
>>>>>>> that's going to need yet another preferences.php setting.
>>>>>>>
>>>>>>> Cheers,
>>>>>>> Jules.
>>>>>>>
>>>>>>> On 31/10/2018 14:49, Travis Zimmerman via ZendTo wrote:
>>>>>>>> I configured the IMAP authentication to allow my university's
>>>>>>>> students
>>>>>>>> to login to our ZendTo server, but when they drop off files the 
>>>>>>>> From
>>>>>>>> field is showing the e-mail address configured in zendto.conf
>>>>>>>> instead of
>>>>>>>> the student's address. The student's address ends up in the 
>>>>>>>> Reply-To
>>>>>>>> field, which normally wouldn't be a problem except sometimes
>>>>>>>> automated
>>>>>>>> systems reply back to the drop off e-mails and they ignore the
>>>>>>>> Reply-To.
>>>>>>>>
>>>>>>>> I have SMTPsetFromToSender => TRUE, users that login via LDAP 
>>>>>>>> or AD
>>>>>>>> appear to work as expected.
>>>>>>>>
>>>>>>>> BTW I am using the IMAP authentication with Office365 and in 
>>>>>>>> order to
>>>>>>>> get it to login correctly I had to change the imap_open line.
>>>>>>>> $mbox = @imap_open('{'.$this->_imapServer.'}INBOX', $uname,
>>>>>>>> $password,
>>>>>>>> OP_READONLY,1,array('DISABLE_AUTHENTICATOR' => 'PLAIN'));
>>>>>>>>
>>>>>>>> So don't know if you want to add this to the documentation
>>>>>>>> somewhere or
>>>>>>>> incorporate into the NSSIMAPAuthenticator code.
>>>>>>>>
>>>>>>>> ------------------------------------------------------------------- 
>>>>>>>>
>>>>>>>> Travis Zimmerman    tzimmerman at fsu.edu 850-645-8030
>>>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu
>>>>>>>> Information Technology Services, Florida State University
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> ZendTo mailing list
>>>>>>>> ZendTo at zend.to
>>>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwICAg&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=5u9mHQwWyo_tYTeW__SOzvefpnCjf4YQxPsJSnNZ3t0&s=2lT413dnsMw6bu9-9TLNGGhRMyhC3YK11szRGuK1xtw&e= 
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>> Jules
>>>>>>>
>>>>>> _______________________________________________
>>>>>> ZendTo mailing list
>>>>>> ZendTo at zend.to
>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=nldSAFYLL3YRHIJw6WEEK5gmzqlolpYwjz642dolMxk&s=YAnfXHzTncnerKooAJbUFFL3V98t9jArpAfFUJ5gayo&e= 
>>>>>>
>>>>>>
>>>>> _______________________________________________
>>>>> ZendTo mailing list
>>>>> ZendTo at zend.to
>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIDaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=EiTV262ezFwuAy6LGUFPUno8qF0iVenx_KHgRL1WHtY&s=0aGdNoswD33mWO4qa5w4pK81g2LF4T9cIta1vV5sc4c&e= 
>>>>>
>>>>>
>>>> Jules
>>>>
>>> _______________________________________________
>>> ZendTo mailing list
>>> ZendTo at zend.to
>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=ld_nfLvQazOI2Hz4g6p83F5PAuKFj1vbMR6469-svR4&s=G0UK4iFGrD_R80gfAF6IOhT77OtJbOoEg9rFALMy70M&e= 
>>>
>
> Jules
>

More information about the ZendTo mailing list