User Tools

Site Tools


hints:mail_forwarding

Mail forwarding

[ Classic Linux and DirectAdmin. ]

Incoming mail can be automatically forwarded in several different ways. Before enabling mail forwarding, please be sure to read the Mail forwarding problems and Mail forwarding solution sections later in this document.

Catch-all not supported. Catch-all mail forwarding means all mail arriving for every address in a given domain is delivered or forwarded. Unfortunately this leads to dictionary attacks, where a spammer sends to random addresses in a domain, hoping that some will reach a real address. For this reason catch-all mail forwarding is not supported. However, you can use plus addressing to create arbitrary addresses at any time.

Always test

Whichever mail forwarding method you use from below, always test. Send yourself mail from some outside service and check to make sure it got forwarded as expected. This will help prevent silent loss of mail, where mail gets accidentally forwarded into oblivion, or even to the wrong person.

Mail forwarding with a .forward file

You can create a .forward file in your home directory. Incoming mail for your primary Linux login (USER@rahul.net in Classic Linux, or USER@jade-new.rahul.net in DirectAdmin) will be automatically forwarded to any address(es) found in the .forward file. These addresses can be on a single line in the .forward file, separated by commas, or one per line without commas. These are examples of syntactically valid .forward files:

xxx@example.com
xxx@example.com,yyy@example.com
xxx@example.com
yyy@example.com

Mail forwarding with a .forward file and keeping a copy

To forward but also deliver into your normal mailbox, include your Linux login name as a forwarding recipient, but prepend a backslash to it. Examples are below. USER stands for your own Linux login name.

\USER,xxx@example.com
\USER,xxx@example.com,yyy@example.com
\USER
xxx@example.com
yyy@example.com

Mail forwarding with Procmail

You can put rules into a .procmailrc file that resides in your home directory. These rules can forward selected mail or all mail that arrives for your for your primary Linux login. You can avoid forwarding spam. Please see our Procmail help pages:

Mail forwarding from within your control panel

You can set up mail forwarding from within your Virtualmin or DirectAdmin control panel.

Mail forwarding problems

Mail forwarding causes two possible problems. These problems and possible solutions are discussed below.

Mail forwarding causes some mail to be silently lost

DNS records called SPF, DKIM, and DMARC are used by sites to specify how mail originating from their domains should be handled. These DNS records let mail receiving sites identify forged sender addresses.

When you set up mail forwarding, mail will be received by our servers and then forwarded to the mail forwarding destination.

The receiving site will notice that mail that originated elsewhere is coming from our servers. Depending on the SPF, DKMI, and DMARC records, this may cause the receiving site to consider the mail as unauthorized and therefore spam. The receiving site will refile the forwarded mail as spam, or reject it temporarily thus slowing its delivery, or even reject it permanently so it bounces back.

If the sender was human, they will see the bounce and know that mail did not get delivered. A properly run mailing list will keep track of bounces and let you find out how much mail to you has bounced in the past.

But if the sender is a poorly administered site, such as a typical bank, stock fund, or online retailer, they will discard the bounce and make no effort to notify you.

The mail that they sent you is therefore silently lost. You will never know that it was sent and that it was lost.

Mail forwarding causes backscatter

Almost all incoming mail includes some amount of spam. Our servers typically reject about 80–85% of all incoming mail because it is diagnosed with high confidence as spam. The 15–20% that is permitted to reach you includes some fraction that is likely spam. Mail forwarding as enabled within the Virtualmin or DirectAdmin control panel, or as enabled using a  .forward  file, will include some small amount of spam.

If the site that receives this forwarded mail detects spam and rejects it, that will become a delayed bounce that our servers will try to return to the original sender. But in most spam, the sender is forged. The bounce will therefore go to some innocent person. This is called backscatter. Excessive amounts of backscatter may be treated as a type of spam coming from our servers. This may cause our servers to be added to various black lists, causing outgoing mail from our servers to be blocked, and thus causing inconvenience to all users.

In the Classic Linux environment, if you use the mailq command and find any significant amount of queued mail that seems to be to you or from you, quite likely this is backscatter being generated by mail forwarding that you are doing.

Mail forwarding solutions

There are a number of possible solutions.

Discarding bounced spam automatically

Our servers try to detect bounced spam and discard it. This works if the rejection message from the receiving site appears to indicate that the site rejected the message because it was diagnosed as spam. This type of bounce is then simply discarded, and does not become backscatter.

If a receiving site rejects mail as spam but our system doesn't recognize the error message, then it will try to return the bounce to the original sender, and the message will then become backscatter.

Having the receiving site pull mail from your mailbox

A second solution is to have the receiving site pull mail from your mailbox directly, so you don't have to forward it. Many email sites will fetch your mail from our servers via POP, if you give them your login information. Only if you trust such a site with your login name and password, then this mechanism is preferable to normal mail forwarding. Then:

  • Your mail will be safely fetched regardless of a sending domain's SPF, DKIM, and DMARC records.
  • Mail fetched in this manner will not become bounced backscatter.

Combination solutions

One slight disadvantage to having a receiving site pull mail from your mailbox is that there may be a slight delay, of a few minutes, before incoming mail reaches the destination site. A good combination solution is to use procmail to forward mail, while not forwarding spam. This makes your mail reach the forwarded destination immediately. Any mail not forwarded because it might be spam is then pulled from your mailbox by the destination site within a few minutes. Almost all mail will be directly forwarded, and any that is not will be pulled via POP. Forwarding with procmail is discussed earlier in this document.

hints/mail_forwarding.txt · Last modified: 2021/03/08 09:41 by admin