Question: Is there an option within virtualmin (or postfix) that will allow receiving parties to see that forwarded messages are coming from the virtualmin server rather than the original sender?
Recently it appears that many of the large free email service providers have made adjustments to prevent email spoofing via SPF validation or other means which has introduced an interesting issue for one of our Virtualmin servers.
Open Relay has been disabled on the server requiring clients to authenticate with their username and password to send messages. However when configuring email forwarding for a mailbox messages are forwarded to the recipient with a reply-to-address of the original sender rather than the forwarding mailbox. This is resulting in an email spoof which yahoo and gmail are now blocking.
@send.com --- this will be the original sender (outside) @forward.com --- this will be the mailbox forwarding messages on the virtualmin server (local) @receive.com --- this will be the final recipient of the forwarded message (outside)
@send.com composes and sends a message to @forward.com which is hosted on a virtualmin server. @forward then forwards this message to @receive.com.
You would think that all would be well as there is an spf record for all 3 domains allowing each to send from the appropriate mail provider. However this is resulting in a bounce back as the @receive.com address believes that the message came directly from @send.com resulting in a spoof.
This is the mail system at host forward.com.
I'm sorry to have to inform you that your message could not be delivered to one or more recipients. It's attached below.
For further assistance, please send mail to
If you do so, please include this problem report. You can delete your own text from the attached returned message.
The mail system
email@example.com (expanded from firstname.lastname@example.org): host mx4.hotmail.com[126.96.36.199] said: 550 5.7.0 (COL0-MC6-F23) Unfortunately, messages from (188.8.131.52) on behalf of (yahoo.com) could not be delivered due to domain owner policy restrictions. (in reply to end of DATA command)