Sync services needs its own return-address domain for outbound mail



8 years ago
7 years ago


(Reporter: justdave, Unassigned)


Firefox Tracking Flags

(Not tracked)


(Whiteboard: [qa?])

We have a basic structure for outbound mail where we set the masquerade domain on the machine in a cluster to be mxout-{clustername}  The mail being sent from sync for bucket and password resets currently is going out using the domain name (the name used for the generic cluster).

We should set up a separate domain name for sync to use.  This only affects the Return-Path / SMTP Envelope Sender, not the From address on the emails.

The subdomain will need to be created in DNS, it will need MX records (see the other mxout-* domains for examples), and it will need to be set up in postfix as well, on dm-mail01/02 (again, see the other mxout-* domains for examples)
oh, and then it should be a matter of changing the masquerade domain variable in puppet before invoking the sendmail-for-webapps class.


8 years ago
Assignee: server-ops → justdave


8 years ago
Assignee: justdave → nobody
Group: infra
Component: Server Operations → Operations
Product: → Mozilla Services
QA Contact: mrz → operations
Version: other → unspecified
Just to clarify, this is important where we're sending external email to users, not just cron mail and other reports, right?
Note that since this bug was filed, we switched to routing outbound internet email through an SMTP proxy in PHX1. I believe it runs on wp-adm01, and that host has a custom outbound NAT rule for port 25 to ensure a legitimate source IP is shown (with valid forward/reverse DNS).

I don't know how that overlaps with the initial project description.
Whiteboard: [qa?]
Bug was filed way back in 2010-10, since then we've configured all PHX1 outbound to use a separate domain name "", and today I filed bug 741184 to configure all SCL2 outbound to use a separate domain name "" (up to netops whether ____ is scl2 or sjc1).
Last Resolved: 7 years ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.