CiviCRM Community Forums (archive)

Settings: Outbound Mail
SMTP
SMTP Server: mail.example.com
SMTP Port 587
Authentication: Yes
SMTP Username & Password set

Test email works correctly, arriving from account1@example.com

From Email address has account2@example.com and account3@example.com configured.

When I want to send email via CiviMail and choose account2@example.com as the From field, emails get rejected from the SMTP server as "Client does not have permissions to send as this sender" - it is trying to send with account@example.com in the From field, but it's using account1@example.com to log into the SMTP server.

CiviCRM doesn't provide for unique SMTP settings for each From account. Therefore, as I see it, I can:

1) Reconfigure SMTP not to compare the SMTP login and From field (still using SMTP authentication), increasing chance of spam being sent out. I've even considered using someone like CiviSMTP, but it still wouldn't resolve the issue of one account for authentication and multiple possible From addresses.
2) Abandon SMTP and use the web server's email service via mail() to relay the messages, but with the volume of email possible also run the chance of blacklisting the server's IP address as a spam/relay host
3)

Any input on either my understanding of the setup or the available options are welcome.

I'm not sure why you are thinking that sending emails directly from civicrm server is more likely to get blacklisted by sending the same emails through another IP of the mail server that you use as relay.


Anyway, what you can also do is to configure locally your mail server on your civicrm server so it's a satellite (ie. it relays every sending through your main mail server). That's fairly easy to do on postfix and I'm pretty sure you can rewrite the envelope.

This being, you can also put the IP address of civicrm in a special zone on your mail configuration and consider it safe, ie skip only for this IP all the authentication/verifications

I'm not sure why you are thinking that sending emails directly from civicrm server is more likely to get blacklisted by sending the same emails through another IP of the mail server that you use as relay.

Anyway, what you can also do is to configure locally your mail server on your civicrm server so it's a satellite (ie. it relays every sending through your main mail server). That's fairly easy to do on postfix and I'm pretty sure you can rewrite the envelope.

This being, you can also put the IP address of civicrm in a special zone on your mail configuration and consider it safe, ie skip only for this IP all the authentication/verifications

Excellent suggestions, thanks!

1) Because I will be sending out emails on behalf of multiple domains, so I don't want a misbehaved mailing list on one domain to affect others. Because I am not sure how resource intensive this would be for the server itself, even though we're talking about only several hundred emails per mailing. Because I haven't quite "graduated" to managing a mail server.

2) Good idea, but only valid for a single domain. With multi-site installation, I don't think this would be possible.

3) Very nice idea - basically creating a trusted IP for the main SMTP server.

As I replied to Lobo above, we have it solved for now, but I suspect looping back to #1 will be key, especially if mail for the domain(s) in question will be hosted with Google Apps. As far as I'm able to tell, Google Apps has very strict authentication between the From field and the authenticated username logging into the SMTP server (unless it's a pre-authorized sender, but then you get the ugly "on behalf of" headers - which would most likely affect the bouncebacks).