[ZendTo] Using the IMAP auth and e-mails don't show up from users' address

Travis Zimmerman TZimmerman at fsu.edu
Fri Nov 16 14:37:08 GMT 2018 

For what it's worth my team is pretty happy about the feature, as we get 
a consistent number of auto-replies from a system that doesn't pay 
attention to the Reply-To field.

-------------------------------------------------------------------
Travis Zimmerman    tzimmerman at fsu.edu     850-645-8030
Linux Enterprise Applications & Systems    its-linuxadmins at fsu.edu
Information Technology Services, Florida State University

On 11/16/18 4:24 AM, Jules Field wrote:
> Travis,
>
> Okay, thanks for that. I will take a look and see what I can do. I 
> would rather stick with the internaldomains.conf information than add 
> another list of domains, if it can be avoided. Few people have that 
> set to TRUE anyway, and I suspect I shouldn't have implemented it in 
> the first place, as there are other ways of avoiding the problem it 
> aims to solve.
>
> Cheers,
> Jules.
>
> On 15/11/2018 18:16, Travis Zimmerman wrote:
>> It's set to TRUE.
>> [root at dropboxprd01 ~]# grep SMTPsetFromToSender
>> /var/www/html/zendto/config/preferences.php
>>     'SMTPsetFromToSender' => TRUE,
>>
>> To fix the problem for my users I just modified the line to below.
>> if ($senderDomain !== '' &&
>>               ( strcasecmp($senderDomain, $fromDomain) == 0 ||
>> strcasecmp('my.fsu.edu', $fromDomain) == 0)) {
>>
>> If other people run into this problem, a possible general fix may be to
>> have an array of allowed secondary domains, that match the SPF records
>> for the SMTP server?
>>
>> Thanks for the help.
>>
>> -------------------------------------------------------------------
>> Travis Zimmerman    tzimmerman at fsu.edu     850-645-8030
>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu
>> Information Technology Services, Florida State University
>>
>> On 11/15/18 1:04 PM, Jules Field wrote:
>>> Travis,
>>>
>>> That code snippet will only be run if you have
>>>      'SMTPsetFromToSender' => TRUE,
>>> in preferences.php.
>>>
>>> The default is FALSE. What value are you using?
>>>
>>> Cheers,
>>> Jules.
>>>
>>> On 01/11/2018 18:56, Travis Zimmerman wrote:
>>>> I don't know if I'm reading this correctly but I think maybe the 
>>>> problem
>>>> is having the two domains and this part of the code.
>>>>
>>>>              // If the sender domain and the from domain are the same
>>>>              // (and not blank, which signifies something went 
>>>> wrong!),
>>>>              // we can safely overwrite the From we set above, without
>>>>              // causing SPF/DKIM/DMARC problems.
>>>>              if ($senderDomain !== '' &&
>>>>                  strcasecmp($senderDomain, $fromDomain) == 0)
>>>>
>>>> Could a possible solution be to switch from a strcasecmp to substring
>>>> test or maybe a regex testing if the $senderDomain is part of the 
>>>> end of
>>>> the $fromDomain? Not sure if that would cause a SPF/DKIM/DMARC 
>>>> problem.
>>>>
>>>> endswith($fromDomain, $senderDomain);
>>>>
>>>> function endswith($from, $sender) {
>>>>        $fromlen = strlen($from);
>>>>        $senderlen = strlen($sender);
>>>>        if ($testlen > $strlen) return false;
>>>>        return substr_compare($from, $sender, $fromlen - $senderlen,
>>>> $senderlen) === 0;
>>>> }
>>>>
>>>> This is just a code snippet I googled up and haven't tested.
>>>>
>>>> -------------------------------------------------------------------
>>>> Travis Zimmerman    tzimmerman at fsu.edu     850-645-8030
>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu
>>>> Information Technology Services, Florida State University
>>>>
>>>> On 11/1/18 12:33 PM, Travis Zimmerman via ZendTo wrote:
>>>>> Yup, that's what I have authIMAPDomain set to already.
>>>>>
>>>>> -------------------------------------------------------------------
>>>>> Travis Zimmerman    tzimmerman at fsu.edu     850-645-8030
>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu
>>>>> Information Technology Services, Florida State University
>>>>>
>>>>> On 11/1/18 12:29 PM, Jules Field wrote:
>>>>>> Travis,
>>>>>>
>>>>>> If the students enter their entire email address 
>>>>>> (username at my.fsu.edu)
>>>>>> into the ZendTo login "username" box, then set
>>>>>>        'authIMAPDomain' => '',
>>>>>> in preferences.php.
>>>>>>
>>>>>> If they just enter their username, then something more subtle is
>>>>>> happening which I will need to investigate further.
>>>>>>
>>>>>> Please let me know if that helps.
>>>>>>
>>>>>> Cheers,
>>>>>> Jules.
>>>>>>
>>>>>> On 31/10/2018 20:56, Travis Zimmerman via ZendTo wrote:
>>>>>>> I realized I should mention that we are using e-mail addresses to
>>>>>>> login
>>>>>>> to our ZendTo service to differentiate between our two domains. 
>>>>>>> Don't
>>>>>>> know if that would effect how e-mails are sent. Doesn't seem to 
>>>>>>> be a
>>>>>>> problem for our faculty/staff (AD, username at fsu.edu), just the
>>>>>>> students
>>>>>>> (IMAP, username at my.fsu.edu).
>>>>>>>
>>>>>>> -------------------------------------------------------------------
>>>>>>> Travis Zimmerman    tzimmerman at fsu.edu 850-645-8030
>>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu
>>>>>>> Information Technology Services, Florida State University
>>>>>>>
>>>>>>> On 10/31/18 12:09 PM, Travis Zimmerman via ZendTo wrote:
>>>>>>>> I tried to use my university's AD for the students (there is a
>>>>>>>> previous
>>>>>>>> e-mail I sent to the ZendTo mailing list about a week ago), but
>>>>>>>> due to
>>>>>>>> how our Microsoft Admins configured it they needed to use an
>>>>>>>> alternate
>>>>>>>> attribute.
>>>>>>>>
>>>>>>>> Yes. When I login to LDAP or AD and drop off a file, the e-mail
>>>>>>>> sent to
>>>>>>>> the recipient will show my e-mail address in the From field. If I
>>>>>>>> login
>>>>>>>> using the IMAP auth the From field lists the servers default 
>>>>>>>> e-mail
>>>>>>>> from
>>>>>>>> zendto.conf and the Reply-To field has the IMAP account's e-mail
>>>>>>>> address.
>>>>>>>>
>>>>>>>> ------------------------------------------------------------------- 
>>>>>>>>
>>>>>>>> Travis Zimmerman    tzimmerman at fsu.edu 850-645-8030
>>>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu
>>>>>>>> Information Technology Services, Florida State University
>>>>>>>>
>>>>>>>> On 10/31/18 11:33 AM, Jules Field via ZendTo wrote:
>>>>>>>>> Travis,
>>>>>>>>>
>>>>>>>>> If you are authenticating users against Office365, then why 
>>>>>>>>> not do
>>>>>>>>> that with AD?
>>>>>>>>> I don't quite see why you need to use the IMAP authenticator at
>>>>>>>>> all.
>>>>>>>>> If it's a separate AD forest for some reason, then that's okay,
>>>>>>>>> ZendTo
>>>>>>>>> will happily do 3 different AD forests with independent setups.
>>>>>>>>>
>>>>>>>>> So "SMTPsetFromToSender'=>TRUE" works as expected if they 
>>>>>>>>> login via
>>>>>>>>> LDAP or AD, but doesn't if they login via IMAP?
>>>>>>>>>
>>>>>>>>> What we do here for the "From" address is use an address whose
>>>>>>>>> email
>>>>>>>>> is just automatically trashed, ie. a "no-reply" address. Then
>>>>>>>>> automated stuff that is replying (incorrectly) to the "From:" or
>>>>>>>>> (validly/correctly) to the envelope sender will just be thrown
>>>>>>>>> away.
>>>>>>>>> Any human-generated replies will go to the right user.
>>>>>>>>>
>>>>>>>>> Thanks for the info about the option you need to pass to O365. I
>>>>>>>>> guess
>>>>>>>>> that's going to need yet another preferences.php setting.
>>>>>>>>>
>>>>>>>>> Cheers,
>>>>>>>>> Jules.
>>>>>>>>>
>>>>>>>>> On 31/10/2018 14:49, Travis Zimmerman via ZendTo wrote:
>>>>>>>>>> I configured the IMAP authentication to allow my university's
>>>>>>>>>> students
>>>>>>>>>> to login to our ZendTo server, but when they drop off files the
>>>>>>>>>> From
>>>>>>>>>> field is showing the e-mail address configured in zendto.conf
>>>>>>>>>> instead of
>>>>>>>>>> the student's address. The student's address ends up in the
>>>>>>>>>> Reply-To
>>>>>>>>>> field, which normally wouldn't be a problem except sometimes
>>>>>>>>>> automated
>>>>>>>>>> systems reply back to the drop off e-mails and they ignore the
>>>>>>>>>> Reply-To.
>>>>>>>>>>
>>>>>>>>>> I have SMTPsetFromToSender => TRUE, users that login via LDAP
>>>>>>>>>> or AD
>>>>>>>>>> appear to work as expected.
>>>>>>>>>>
>>>>>>>>>> BTW I am using the IMAP authentication with Office365 and in
>>>>>>>>>> order to
>>>>>>>>>> get it to login correctly I had to change the imap_open line.
>>>>>>>>>> $mbox = @imap_open('{'.$this->_imapServer.'}INBOX', $uname,
>>>>>>>>>> $password,
>>>>>>>>>> OP_READONLY,1,array('DISABLE_AUTHENTICATOR' => 'PLAIN'));
>>>>>>>>>>
>>>>>>>>>> So don't know if you want to add this to the documentation
>>>>>>>>>> somewhere or
>>>>>>>>>> incorporate into the NSSIMAPAuthenticator code.
>>>>>>>>>>
>>>>>>>>>> ------------------------------------------------------------------- 
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Travis Zimmerman    tzimmerman at fsu.edu 850-645-8030
>>>>>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu
>>>>>>>>>> Information Technology Services, Florida State University
>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> ZendTo mailing list
>>>>>>>>>> ZendTo at zend.to
>>>>>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwICAg&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=5u9mHQwWyo_tYTeW__SOzvefpnCjf4YQxPsJSnNZ3t0&s=2lT413dnsMw6bu9-9TLNGGhRMyhC3YK11szRGuK1xtw&e= 
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>> Jules
>>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> ZendTo mailing list
>>>>>>>> ZendTo at zend.to
>>>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=nldSAFYLL3YRHIJw6WEEK5gmzqlolpYwjz642dolMxk&s=YAnfXHzTncnerKooAJbUFFL3V98t9jArpAfFUJ5gayo&e= 
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> ZendTo mailing list
>>>>>>> ZendTo at zend.to
>>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIDaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=EiTV262ezFwuAy6LGUFPUno8qF0iVenx_KHgRL1WHtY&s=0aGdNoswD33mWO4qa5w4pK81g2LF4T9cIta1vV5sc4c&e= 
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>> Jules
>>>>>>
>>>>> _______________________________________________
>>>>> ZendTo mailing list
>>>>> ZendTo at zend.to
>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=ld_nfLvQazOI2Hz4g6p83F5PAuKFj1vbMR6469-svR4&s=G0UK4iFGrD_R80gfAF6IOhT77OtJbOoEg9rFALMy70M&e= 
>>>>>
>>>>>
>>> Jules
>>>
>
> Jules
>

More information about the ZendTo mailing list