[ZendTo] Using the IMAP auth and e-mails don't show up from users' address

Travis Zimmerman TZimmerman at fsu.edu
Fri Nov 16 17:29:10 GMT 2018


Don't know about Errors-To. I just ran a test to double check that our 
current version (4.28) used the Reply-To, which it doesn't so it's 
possible that it may but I'm pretty sure I remember someone telling me 
the Talisma system didn't use Reply-To.

We're going to take ZendTo version 5.15-1 live next week, so we'll see 
how things go. Sometimes files are dropped off to the Talisma system 
from external e-mail addresses, so we'll see if those bounce back to the 
default address or go to external address in the Reply-To.

-------------------------------------------------------------------
Travis Zimmerman    tzimmerman at fsu.edu     850-645-8030
Linux Enterprise Applications & Systems    its-linuxadmins at fsu.edu
Information Technology Services, Florida State University

On 11/16/18 11:58 AM, Jules Field wrote:
> Does that system pay attention to "Errors-To:"?
>
> On 16/11/2018 14:37, Travis Zimmerman wrote:
>> For what it's worth my team is pretty happy about the feature, as we get
>> a consistent number of auto-replies from a system that doesn't pay
>> attention to the Reply-To field.
>>
>> -------------------------------------------------------------------
>> Travis Zimmerman    tzimmerman at fsu.edu     850-645-8030
>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu
>> Information Technology Services, Florida State University
>>
>> On 11/16/18 4:24 AM, Jules Field wrote:
>>> Travis,
>>>
>>> Okay, thanks for that. I will take a look and see what I can do. I
>>> would rather stick with the internaldomains.conf information than add
>>> another list of domains, if it can be avoided. Few people have that
>>> set to TRUE anyway, and I suspect I shouldn't have implemented it in
>>> the first place, as there are other ways of avoiding the problem it
>>> aims to solve.
>>>
>>> Cheers,
>>> Jules.
>>>
>>> On 15/11/2018 18:16, Travis Zimmerman wrote:
>>>> It's set to TRUE.
>>>> [root at dropboxprd01 ~]# grep SMTPsetFromToSender
>>>> /var/www/html/zendto/config/preferences.php
>>>>      'SMTPsetFromToSender' => TRUE,
>>>>
>>>> To fix the problem for my users I just modified the line to below.
>>>> if ($senderDomain !== '' &&
>>>>                ( strcasecmp($senderDomain, $fromDomain) == 0 ||
>>>> strcasecmp('my.fsu.edu', $fromDomain) == 0)) {
>>>>
>>>> If other people run into this problem, a possible general fix may 
>>>> be to
>>>> have an array of allowed secondary domains, that match the SPF records
>>>> for the SMTP server?
>>>>
>>>> Thanks for the help.
>>>>
>>>> -------------------------------------------------------------------
>>>> Travis Zimmerman    tzimmerman at fsu.edu     850-645-8030
>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu
>>>> Information Technology Services, Florida State University
>>>>
>>>> On 11/15/18 1:04 PM, Jules Field wrote:
>>>>> Travis,
>>>>>
>>>>> That code snippet will only be run if you have
>>>>>       'SMTPsetFromToSender' => TRUE,
>>>>> in preferences.php.
>>>>>
>>>>> The default is FALSE. What value are you using?
>>>>>
>>>>> Cheers,
>>>>> Jules.
>>>>>
>>>>> On 01/11/2018 18:56, Travis Zimmerman wrote:
>>>>>> I don't know if I'm reading this correctly but I think maybe the
>>>>>> problem
>>>>>> is having the two domains and this part of the code.
>>>>>>
>>>>>>               // If the sender domain and the from domain are the 
>>>>>> same
>>>>>>               // (and not blank, which signifies something went
>>>>>> wrong!),
>>>>>>               // we can safely overwrite the From we set above, 
>>>>>> without
>>>>>>               // causing SPF/DKIM/DMARC problems.
>>>>>>               if ($senderDomain !== '' &&
>>>>>>                   strcasecmp($senderDomain, $fromDomain) == 0)
>>>>>>
>>>>>> Could a possible solution be to switch from a strcasecmp to 
>>>>>> substring
>>>>>> test or maybe a regex testing if the $senderDomain is part of the
>>>>>> end of
>>>>>> the $fromDomain? Not sure if that would cause a SPF/DKIM/DMARC
>>>>>> problem.
>>>>>>
>>>>>> endswith($fromDomain, $senderDomain);
>>>>>>
>>>>>> function endswith($from, $sender) {
>>>>>>         $fromlen = strlen($from);
>>>>>>         $senderlen = strlen($sender);
>>>>>>         if ($testlen > $strlen) return false;
>>>>>>         return substr_compare($from, $sender, $fromlen - $senderlen,
>>>>>> $senderlen) === 0;
>>>>>> }
>>>>>>
>>>>>> This is just a code snippet I googled up and haven't tested.
>>>>>>
>>>>>> -------------------------------------------------------------------
>>>>>> Travis Zimmerman    tzimmerman at fsu.edu     850-645-8030
>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu
>>>>>> Information Technology Services, Florida State University
>>>>>>
>>>>>> On 11/1/18 12:33 PM, Travis Zimmerman via ZendTo wrote:
>>>>>>> Yup, that's what I have authIMAPDomain set to already.
>>>>>>>
>>>>>>> -------------------------------------------------------------------
>>>>>>> Travis Zimmerman    tzimmerman at fsu.edu 850-645-8030
>>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu
>>>>>>> Information Technology Services, Florida State University
>>>>>>>
>>>>>>> On 11/1/18 12:29 PM, Jules Field wrote:
>>>>>>>> Travis,
>>>>>>>>
>>>>>>>> If the students enter their entire email address
>>>>>>>> (username at my.fsu.edu)
>>>>>>>> into the ZendTo login "username" box, then set
>>>>>>>>         'authIMAPDomain' => '',
>>>>>>>> in preferences.php.
>>>>>>>>
>>>>>>>> If they just enter their username, then something more subtle is
>>>>>>>> happening which I will need to investigate further.
>>>>>>>>
>>>>>>>> Please let me know if that helps.
>>>>>>>>
>>>>>>>> Cheers,
>>>>>>>> Jules.
>>>>>>>>
>>>>>>>> On 31/10/2018 20:56, Travis Zimmerman via ZendTo wrote:
>>>>>>>>> I realized I should mention that we are using e-mail addresses to
>>>>>>>>> login
>>>>>>>>> to our ZendTo service to differentiate between our two domains.
>>>>>>>>> Don't
>>>>>>>>> know if that would effect how e-mails are sent. Doesn't seem to
>>>>>>>>> be a
>>>>>>>>> problem for our faculty/staff (AD, username at fsu.edu), just the
>>>>>>>>> students
>>>>>>>>> (IMAP, username at my.fsu.edu).
>>>>>>>>>
>>>>>>>>> ------------------------------------------------------------------- 
>>>>>>>>>
>>>>>>>>> Travis Zimmerman    tzimmerman at fsu.edu 850-645-8030
>>>>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu
>>>>>>>>> Information Technology Services, Florida State University
>>>>>>>>>
>>>>>>>>> On 10/31/18 12:09 PM, Travis Zimmerman via ZendTo wrote:
>>>>>>>>>> I tried to use my university's AD for the students (there is a
>>>>>>>>>> previous
>>>>>>>>>> e-mail I sent to the ZendTo mailing list about a week ago), but
>>>>>>>>>> due to
>>>>>>>>>> how our Microsoft Admins configured it they needed to use an
>>>>>>>>>> alternate
>>>>>>>>>> attribute.
>>>>>>>>>>
>>>>>>>>>> Yes. When I login to LDAP or AD and drop off a file, the e-mail
>>>>>>>>>> sent to
>>>>>>>>>> the recipient will show my e-mail address in the From field. 
>>>>>>>>>> If I
>>>>>>>>>> login
>>>>>>>>>> using the IMAP auth the From field lists the servers default
>>>>>>>>>> e-mail
>>>>>>>>>> from
>>>>>>>>>> zendto.conf and the Reply-To field has the IMAP account's e-mail
>>>>>>>>>> address.
>>>>>>>>>>
>>>>>>>>>> ------------------------------------------------------------------- 
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Travis Zimmerman    tzimmerman at fsu.edu 850-645-8030
>>>>>>>>>> Linux Enterprise Applications & Systems its-linuxadmins at fsu.edu
>>>>>>>>>> Information Technology Services, Florida State University
>>>>>>>>>>
>>>>>>>>>> On 10/31/18 11:33 AM, Jules Field via ZendTo wrote:
>>>>>>>>>>> Travis,
>>>>>>>>>>>
>>>>>>>>>>> If you are authenticating users against Office365, then why
>>>>>>>>>>> not do
>>>>>>>>>>> that with AD?
>>>>>>>>>>> I don't quite see why you need to use the IMAP authenticator at
>>>>>>>>>>> all.
>>>>>>>>>>> If it's a separate AD forest for some reason, then that's okay,
>>>>>>>>>>> ZendTo
>>>>>>>>>>> will happily do 3 different AD forests with independent setups.
>>>>>>>>>>>
>>>>>>>>>>> So "SMTPsetFromToSender'=>TRUE" works as expected if they
>>>>>>>>>>> login via
>>>>>>>>>>> LDAP or AD, but doesn't if they login via IMAP?
>>>>>>>>>>>
>>>>>>>>>>> What we do here for the "From" address is use an address whose
>>>>>>>>>>> email
>>>>>>>>>>> is just automatically trashed, ie. a "no-reply" address. Then
>>>>>>>>>>> automated stuff that is replying (incorrectly) to the 
>>>>>>>>>>> "From:" or
>>>>>>>>>>> (validly/correctly) to the envelope sender will just be thrown
>>>>>>>>>>> away.
>>>>>>>>>>> Any human-generated replies will go to the right user.
>>>>>>>>>>>
>>>>>>>>>>> Thanks for the info about the option you need to pass to 
>>>>>>>>>>> O365. I
>>>>>>>>>>> guess
>>>>>>>>>>> that's going to need yet another preferences.php setting.
>>>>>>>>>>>
>>>>>>>>>>> Cheers,
>>>>>>>>>>> Jules.
>>>>>>>>>>>
>>>>>>>>>>> On 31/10/2018 14:49, Travis Zimmerman via ZendTo wrote:
>>>>>>>>>>>> I configured the IMAP authentication to allow my university's
>>>>>>>>>>>> students
>>>>>>>>>>>> to login to our ZendTo server, but when they drop off files 
>>>>>>>>>>>> the
>>>>>>>>>>>> From
>>>>>>>>>>>> field is showing the e-mail address configured in zendto.conf
>>>>>>>>>>>> instead of
>>>>>>>>>>>> the student's address. The student's address ends up in the
>>>>>>>>>>>> Reply-To
>>>>>>>>>>>> field, which normally wouldn't be a problem except sometimes
>>>>>>>>>>>> automated
>>>>>>>>>>>> systems reply back to the drop off e-mails and they ignore the
>>>>>>>>>>>> Reply-To.
>>>>>>>>>>>>
>>>>>>>>>>>> I have SMTPsetFromToSender => TRUE, users that login via LDAP
>>>>>>>>>>>> or AD
>>>>>>>>>>>> appear to work as expected.
>>>>>>>>>>>>
>>>>>>>>>>>> BTW I am using the IMAP authentication with Office365 and in
>>>>>>>>>>>> order to
>>>>>>>>>>>> get it to login correctly I had to change the imap_open line.
>>>>>>>>>>>> $mbox = @imap_open('{'.$this->_imapServer.'}INBOX', $uname,
>>>>>>>>>>>> $password,
>>>>>>>>>>>> OP_READONLY,1,array('DISABLE_AUTHENTICATOR' => 'PLAIN'));
>>>>>>>>>>>>
>>>>>>>>>>>> So don't know if you want to add this to the documentation
>>>>>>>>>>>> somewhere or
>>>>>>>>>>>> incorporate into the NSSIMAPAuthenticator code.
>>>>>>>>>>>>
>>>>>>>>>>>> ------------------------------------------------------------------- 
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>> Travis Zimmerman    tzimmerman at fsu.edu 850-645-8030
>>>>>>>>>>>> Linux Enterprise Applications & Systems 
>>>>>>>>>>>> its-linuxadmins at fsu.edu
>>>>>>>>>>>> Information Technology Services, Florida State University
>>>>>>>>>>>>
>>>>>>>>>>>> _______________________________________________
>>>>>>>>>>>> ZendTo mailing list
>>>>>>>>>>>> ZendTo at zend.to
>>>>>>>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwICAg&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=5u9mHQwWyo_tYTeW__SOzvefpnCjf4YQxPsJSnNZ3t0&s=2lT413dnsMw6bu9-9TLNGGhRMyhC3YK11szRGuK1xtw&e= 
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>>>
>>>>>>>>>>> Jules
>>>>>>>>>>>
>>>>>>>>>> _______________________________________________
>>>>>>>>>> ZendTo mailing list
>>>>>>>>>> ZendTo at zend.to
>>>>>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=nldSAFYLL3YRHIJw6WEEK5gmzqlolpYwjz642dolMxk&s=YAnfXHzTncnerKooAJbUFFL3V98t9jArpAfFUJ5gayo&e= 
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>> _______________________________________________
>>>>>>>>> ZendTo mailing list
>>>>>>>>> ZendTo at zend.to
>>>>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIDaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=EiTV262ezFwuAy6LGUFPUno8qF0iVenx_KHgRL1WHtY&s=0aGdNoswD33mWO4qa5w4pK81g2LF4T9cIta1vV5sc4c&e= 
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>> Jules
>>>>>>>>
>>>>>>> _______________________________________________
>>>>>>> ZendTo mailing list
>>>>>>> ZendTo at zend.to
>>>>>>> https://urldefense.proofpoint.com/v2/url?u=http-3A__jul.es_mailman_listinfo_zendto&d=DwIGaQ&c=HPMtquzZjKY31rtkyGRFnQ&r=TZ3x4Nnv5Pp03uwRWF9UlLOaC296m8a1MGVEkWJljsg&m=ld_nfLvQazOI2Hz4g6p83F5PAuKFj1vbMR6469-svR4&s=G0UK4iFGrD_R80gfAF6IOhT77OtJbOoEg9rFALMy70M&e= 
>>>>>>>
>>>>>>>
>>>>>>>
>>>>> Jules
>>>>>
>>> Jules
>>>
>
> Jules
>


More information about the ZendTo mailing list