[Triumf-linux-managers] Outgoing email relays and Office365

[Andrew Daviel]

tl;dr - I suggest setting an outbound mail relay, and whitelisting any 
automated mail found in Junk Mail.


Historically, all Unix machines by default do their own outbound email.
Email is an integral part of reporting and services such as cron.
That's still true, and it still works.

However, we've been having occasional problems with Office365, where the 
cloud servers have rejected mail from machines at TRIUMF, or flagged it 
as spam.

To fix this, I had created a rule to bypass spam filtering if the 
sender address is in 142.90.96/19.

But that causes the converse problem, where email relayed through any 
TRIUMF machine is trusted, not just mail originated on a TRIUMF machine. 
There is no equivalent to SpamAssassin whitelist_from_rcvd.

I have changed the spam-preference groups so that no groups actually 
delete even high-confidence spam or "bulk mail", just filter it to "Junk 
Mail".

I intend to disable the "trust 142.90" rule, so that mail coming via
TRIUMF machines will again pass through the Forefront spam engine.
It should be possible for individual users to whitelist specific senders 
if they are still being flagged.


We have 3 "connectors" defined to send mail to Office365: trmail, smtp, 
and lcgmx.triumf.ca.

I suggest configuring  smtp.triumf.ca as a mail relay for outgoing mail 
on Linux machines.

Postfix:

in /etc/postfix/main.cf
relayhost = [smtp.triumf.ca]
# service postfix restart


Sendmail:

in /etc/mail/sendmail.mc
define(`SMART_HOST',`smtp.triumf.ca')
# cd /etc/mail; make
# service sendmail restart

-- 
Andrew Daviel
Tel. +1 604 222 7376  (Pacific Time)
Network Security Manager
TRIUMF - Canada's particle accelerator centre