Running a distribution list with sendmail and support SPF

I've run custom distribution e-mail lists for a few organisations where team@xxx.com forwards your e-mail on to a list of e-mails.

This has been working well for the past 10 years, but the introduction of SPF has caused this to start to fail.

The problem is that SPF specifies which IPs are allowed to send e-mails from a particular domain. However, when you forward e-mails on behalf of someone else, the IP address doesn't fall within the SPF list.

Some major e-mail providers are now specifying that SPF failures should stop e-mail delivery, which has caused big issues.

The way to get around this is to rewrite the e-mail from address to the domain that your server is allowed to send from.

To do so, I use a procmail recipe that does the following:

- Pick up the user's friendly name
- Pick up the user's e-mail address, and rewrite it to be the "reply-to" address
- Amend the from e-mail address to fit within the server's domain
- Forward the e-mail to a distribution list

This has taken a while to get right, so I hope that it helps others out there!

# Get the best FROM
:0
* ! ^Reply-to: *\/[^ ].*
* ! ^From: *\/[^ ].*
* ! ^Sender: *\/[^ ].*
* ! ^From +\/[^ ]+
* ! ^X-Envelope: *\/[^ ].*
{ FROM=nobody }
:0E
{ FROM=$MATCH }

# Get the "friendly" name part of the address, by
#  1. removing any bracketed address part,
#  2. removing any unbracketed address part,
#  3. unquoting any text
#  4. unparenthesizing any text
FRIENDLY=`echo $FROM | sed -e 's/ *<.*> *//'                -e 's/ *[^ ][^ ]*[\@\!][^ ][^ ]* *//'                -e 's/"\(.*\)"/\1/'                -e 's/(\(.*\))/\1/'`
FRIENDLY=${FRIENDLY:-$FROM}

:0fhw
| formail -i "From: ${FRIENDLY} <email@domain.com>" -A "Reply-To: ${FROM}"

:0
! email1@server1.com email2@server2.com


Want to get in touch?