What is the best practice for setting a return-path for the emails sent through KumoMTA and processing the inbound (bounce) messages? Here’s what I’m planning to do, but I’m not sure if it’s the right approach:
Set up an MX record on my domain - let’s say on rp.esp.com - and configure KumoMTA with the rp.esp.com domain with log_oob = true.
Ask customers to set a CNAME on their own domain: psrp.customer_domain.com to rp.esp.com.
In smtp_server_message_received and http_message_generated, call msg:append_header('Return-Path', msg:id() .. '@psrp.' .. msg:from_header().domain)
Also, the HTTP inject API requires the envelope_sender in the payload; will that cause any conflict with setting the Return-Path header?
OK, so the first thing to keep in mind is that the CNAME won’t change the stated destination of the message, so you will need to address psrp.customer_domain.com to log_oob = true.
Second, you don’t set the Return-Path header; that’s for the MTA to set. When you inject over SMTP, just set MAIL FROM: to use the right domain.
The return path header isn’t meaningful to message routing or processing, it’s more there as a record of what the MAIL FROM (envelope sender) was in the message when it was received by the MTA.
Per the SMTP specs, the Return-Path header is added to the message by the second or subsequent hop MTA based on the MAIL FROM command that is used to send mail to that server.
In KumoMTA this is the envelope sender and is taken from the MAIL FROM used when you inject via SMTP, or the envelope_sender that you set when injecting with the HTTP API (https://docs.kumomta.com/reference/http/api_inject_v1/).
So the easiest thing is just to have your customers set their MAIL FROM correctly when they use these injection methods.
You can use set_sender (KumoMTA Docs) to change the sender if for some reason you need to override that with policy, but you probably don’t want to be doing that.
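For the HTTP path described above, this Python code is an added example (not from the thread or from KumoMTA) of a fronting service deriving envelope_sender from a validated From domain and mapping a later bounce recipient back to the customer. The fronting service, the function names, the sample domains and the random token standing in for msg:id() are assumptions; the content and recipients fields follow the inject v1 API linked above.

```python
import re
import secrets
from email.parser import HeaderParser
from email.policy import default

RP_PREFIX = "psrp."                       # return-path label proposed in the thread
REGISTERED = {"customer-domain.example"}  # constructed sample of registered domains
TOKEN_RE = re.compile(r"msg-([0-9a-f]{32})")
SAMPLE = ("From: Billing <billing@customer-domain.example>\n"  # constructed message
          "To: user@recipient.example\nSubject: Invoice\n\nHello\n")

def from_domain(raw: str) -> str:
    """Domain of the single From: address; ValueError if ambiguous or unregistered."""
    hdrs = HeaderParser(policy=default).parsestr(raw).get_all("From", [])
    if len(hdrs) != 1 or len(hdrs[0].addresses) != 1:
        raise ValueError("exactly one From address is required")
    domain = hdrs[0].addresses[0].domain.lower()
    if domain not in REGISTERED:
        raise ValueError(f"from domain {domain!r} is not registered")
    return domain

def envelope_sender(raw: str) -> str:
    """Per-message bounce address: msg-<token>@psrp.<from domain>."""
    token = secrets.token_hex(16)  # assumption: stands in for msg:id()
    return f"msg-{token}@{RP_PREFIX}{from_domain(raw)}"

def inject_payload(raw: str, recipients: list) -> dict:
    """JSON body for inject v1; the service, not the customer, picks envelope_sender."""
    return {
        "envelope_sender": envelope_sender(raw),
        "content": raw,
        "recipients": [{"email": r} for r in recipients],
    }

def parse_bounce_rcpt(rcpt: str) -> tuple:
    """Map an out-of-band bounce recipient back to (token, customer domain)."""
    local, _, domain = rcpt.rpartition("@")
    match = TOKEN_RE.fullmatch(local)
    domain = domain.lower()
    if not match or not domain.startswith(RP_PREFIX):
        raise ValueError("not a return-path address issued by this service")
    customer = domain[len(RP_PREFIX):]
    if customer not in REGISTERED:
        raise ValueError("bounce addressed to an unregistered domain")
    return match.group(1), customer
```

The domain check uses the parsed address, so a registered domain placed only in the display name, or a second From header, is rejected rather than trusted.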
Got it - and by “set their MAIL FROM correctly” you mean that the MAIL FROM should be an email address from a domain that they own and is registered with us and has the correct DNS configuration, right?
Thanks, I can enforce having a correct MAIL FROM as the envelope sender (or just set it myself) with the HTTP injection method as I already have another service that receives the request from the user and does authentication / account validation before passing it on to Kumo. But how would I go about enforcing the user@psrp.customer_domain.com format for MAIL FROM for messages injected via SMTP?
For SMTP injection, if you control the injector, you can just set the MAIL FROM you use in your injector. If your customers are injecting directly, you can require that the customer uses SMTP auth, then you can use the relay_from_authz setting in your listener domains helper to constrain the sending domain based on the customer (Configuring Inbound and Relay Domains - KumoMTA Docs).
If you are otherwise authenticating and validating that the customer is correct, then yes, you can use msg:set_sender to rewrite the mail from.
If you trust the customer enough to set the From correctly, then you can presumably also trust them enough to set the mail-from directly when they inject. Those things are usually the same for most simple injectors.
I’m not trusting them to set From correct, I’ve configured Kumo to reject the mail if msg:from_header().domain is not registered - this is what I have now:
kumo.on('smtp_server_message_received', function(msg)
  -- Assign tenant based on "from" domain.
  local tenant = cached_tenant_id(msg:from_header().domain)
  local domain = cached_domain_id(msg:from_header().domain)
  if tenant and domain then
    msg:set_meta('source', 'smtp')
    msg:set_meta('tenant', tenant)
    msg:set_meta('domain_id', domain)
    msg:set_meta('customer_id', tenant)
    -- Rewrite the envelope sender to msg-<id>@psrp.<from domain>.
    msg:set_sender(string.format('msg-%s@%s', msg:id(), 'psrp.' .. msg:from_header().domain))
  else
    -- kumo.reject raises an error, so nothing below runs for a rejected message.
    kumo.reject(
      500,
      string.format("from domain '%s' is not allowed.", msg:from_header().domain)
    )
  end
  queue_helper:apply(msg)
  dkim_signer(msg)
end)
or, because I don’t have access to the message ID in the service that forwards HTTP injected messages to Kumo, possibly this to keep both Mail-From on SMTP and HTTP injected emails in the same format: