Dear Friends (and Guests!)

I've placed this in a public thread so that everyone can see it. As of about 24 hours ago, any messages sent to us via the Contact Form (the link at the bottom right of any page says Contact Us (https://projectavalon.net/forum4/sendmessage.php)) will NOT reach us, but also won't bounce. So it may seem as if the message has been sent, but it will have failed and we'll never see it.

The reason is a new bug too complex to explain here, and we'll see if we can fix it soonest. Meanwhile, any emails sent to the mods at staff@projectavalon.net will definitely reach us, so please use that instead. THX.

:grouphug:

I suspect that this same issue will also affect other email messages sent from the ProjectAvalon server in the last couple of days, and counting, such as:


messages telling members that threads they are "subscribed" to have received an additional reply
messages telling members that another member has replied to one of their posts
Happy Birthday messages, and
(unfortunately) the "Action Required to Activate Membership" sent to newly arriving members.


I see all such messages in the server's email error log, starting a day or two ago.

The failure, so far as I have been able to discern, is that the email server (gmail, I'd guess) to which the Avalon server submits outgoing email is rejecting our outgoing email, "FAILED: 535 Authorization"

any messages sent to us via the Contact Form will NOT reach us
So far, unless I missed something (quite possible), the only lost Contact messages have been an essay in Russian on freight transportation (huh?), Viagra advertisements, and test messages from Bill and myself.

Are we hacked by a next generation A.I. (https://projectavalon.net/forum4/showthread.php?102409-A.I.-is-Progressing-Faster-Than-You-Think-) Hacking Tool? ... Hope not :worried:


Generative A.I. Tool Without Ethical Restrictions Offered on Hacking Forums (https://www.hipaajournal.com/generative-ai-tool-without-ethical-restrictions-offered-on-hacking-forums/).
ChatGPT-built infostealer and other A.I. Hacking Tools (https://techmonitor.ai/technology/ai-and-automation/chatgpt-hacking-tools-cyberattack-openai) Found in the Wild.
Rise of the Machines: Emerging A.I. Hacking Tools (https://www.cobalt.io/blog/rise-of-the-machines-emerging-ai-hacking-tools-cobalt)

-cQ3TeBcCOU
cheers,
John 🦜🦋🌳

Isn't that related to the Yahoo and Google's new email sender requirements? Effective since February 1st. I saw that weeks ago, and it is not only for bulk senders but apparently to everyone.

If a website send an email to their gmail/yahoo users, these 2 companies require that the domain name (DNS) have entries like SPF/DKIM and DMARC to be registered with the DNS (TXT and CNAME entries will work).

I am no expert on that, I just had to create couple entries with a DNS (TXT and CNAME) using mailgun for a friend and it worked.

They want to verify the domain, since it require changes at DNS level, things will temporarily stop working for a lot of people.

ref.:
https://blog.postmaster.yahooinc.com/post/730172167494483968/more-secure-less-spam
https://www.mailgun.com/blog/deliverability/gmail-and-yahoo-inbox-updates-2024/

any messages sent to us via the Contact Form will NOT reach us
So far, unless I missed something (quite possible), the only lost Contact messages have been an essay in Russian on freight transportation (huh?), Viagra advertisements, and test messages from Bill and myself.Yes, this is the problem in more detail. :facepalm:

For reasons this bear of very little brain is not equipped to understand, Tommy told us that when he managed to fix the longstanding Avalon 'https' problem, he had to configure the contact form to return its messages as sent from noreply@projectavalon.net.

Below is a screenshot of one of the many spam messages we routinely get, all via the contact form. But you can see that the spam seems to be sent by noreply@projectavalon.net.

https://avalonlibrary.net/Bill/noreply_'spam'.gif


We get a LOT of these, and the mods simply take a deep breath every day and delete them all. But 36 hours ago Google (who host our email service via Gmail) told us that the 'user' noreply@projectavalon.net has been suspended for spamming.

That means that the contact form won't deliver messages to us any more — unless we can find a neat fix. Some of the contact form messages are legitimate, of course, and this additionally means that replies to our routine Happy Birthday messages will also not reach us, as they are configured in the same way.

Whether this affects our membership application system is something I need to look at closely once I've had another cup of coffee, or maybe two. :) If it does (and it might!) then this all becomes very urgent.

Because we have no idea how Tommy created this apparently-necessary workaround (and we can't reach Tommy at the moment), we're a little hamstrung with the whole thing just now. Of course, one obvious solution is to move the entire email hosting to Fastmail, which is high on our To Do list (if we can!) as Google now charges us $100/month for all this inconvenience without offering any human to talk to about any of this.

Tommy told us that ... he had to configure the contact form to return its messages as sent from noreply@projectavalon.net.
Ok - it's making a wee bit more sense to me (and I haven't even had my morning coffee yet :coffee: :fingers crossed:).

If you're logged into the forum (presumably in your case as "Bill Ryan"), and you click the "Contact Us" button, that will bring up the form, to compose your message, and showing "Your Details" (with fields for "Your Name" and your "Email Address") already filled in with your name and Email address, taken from what the forum database already has for you.

If you're a guest viewer (not logged in) and you click the "Contact Us" button, that same form comes up, with the "Your Details" fields left blank, and with an extra "Human Verification" section where you can click a button to demonstrate that "I'm not a robot". When that happens, you can then provide your Russian essays and Viagra advertisements, for the pleasure and delight of the Avalon staff and (apparently) Gmail's spam detector. The "From" address on the resulting email to forum staff will show "From: <nobody@projectavalon.net>", even though "Your Details" were left blank on the contact form.


Whether this affects our membership application system

If my memory of what I saw in the server log files yesterday serves me correctly, yes, new member applications are also not working because of this problem. If so, then I agree that this becomes "very urgent". Perhaps after some coffee, I will track down those log files and verify this.

I just started a deep scan of the entire forum (running against my local backup, so as not to burden our server) looking for traces of code and data related to the above. Unfortunately, I write PHP and Javascript about as well as the average bear, so even if my deep scan finds the trapped victims in this earthquake, my medical talents might not be sufficient to revive them. This deep scan will take a few hours.

If only my "mixed metaphor" talents were useful here :laugh: ...


If a website send an email to their gmail/yahoo users, [Yahoo and Google now] require that the domain name (DNS) have entries like SPF/DKIM and DMARC to be registered with the DNS (TXT and CNAME entries will work).

Excellent observation. That too we'll need to examine and fix as needed, ASAP.

I just had to create couple entries with a DNS (TXT and CNAME) using mailgun for a friend and it worked.
For the record, putting "DNS TXT CNAME mailgun" in a search engine got me this relevant explanation:


Mailgun Help Center: Domain Verification Walkthrough (https://help.mailgun.com/hc/en-us/articles/360026833053-Domain-Verification-Walkthrough)

Of course, one obvious solution is to move the entire email hosting to Fastmail
Fastmail is my preferred email provider for the personal accounts of old school geeks like me who appreciate Fastmail's rich client technology. I've been using email for nearly a half century, and managing incoming email from upwards of a thousand senders since the 1990's.

But now that I glance at the afore mentioned "Mailgun", it occurs to me that Fastmail might not be the best choice for a web server such as Avalon, which needs to be more concerned with not getting a bad reputation for sending spam, while having less technically sophisticated requirements for automatically filtering incoming email. Avalon should do, or pay to have done, a better job of validating outgoing email addresses, and fitting in with the increasingly complex spam suppression technologies used by the Web's major email services.

In other words, the spam burden has moved from the recipient to the big servers and bulk or public website senders. Old school geeks and email providers, such as myself and Fastmail, keep at least one foot firmly planted more in the past.

I don't immediately see anything on the Fastmail site regarding "email recipient address validation". I see substantial such material on the Mailgun site, and I have little doubt but that Mailgun has many competitors. See further such lists as Top 15 Email Verifier Tools (medium.com) (https://medium.com/@shilpajainblogger/top-15-email-verifier-tools-aeroleads-leads-the-way-98b5657dc26c) or 7 Best SMTP Service Providers with High Email Deliverability (https://www.wpbeginner.com/showcase/best-smtp-service-providers-with-high-email-deliverability/).

Last few days I notice when I post something (a comment) on Project Avalon Forum I get a warning that I posted it "twice" (when I know 100% for sure I did not!) ... like the signal that Avalon Sever received is double? meanwhile I only clicked once! (not twice). I this a new forum bug or something else?






From Bill:
No-one else has reported this, though occasional we do see duplicate posts (and delete them) which have evidently somehow happened accidentally. Do feel free to post something in the Forum Technical Q&A (https://projectavalon.net/forum4/forumdisplay.php?90-Forum-Technical-Q-A) section.

Is this a bug or something else?
Off hand, I have no clue, and no correlating evidence that I've noticed.

Last few days I notice when I post something (a comment) on Project Avalon Forum I get a warning that I posted it "twice"
Once I get my super-duper firewall back up and working on the Avalon forum, I will easily be able to examine the related log files and see whether:


two post requests were sent to the forum (TCP/IP packets over the Internet), or
somehow the forum got "one" request and reacted as if it got "two."


Then if I knew the time, to within a minute or two, when such a "double send" happened, I could narrow down the problem to the "client" side (on your end) sending twice, or the "server" side (inside the Avalon server) confusing one request as two. I could do this now, but since I haven't been focusing on and optimizing those "incoming packet" log files yet, it would take me some more effort than I'm figuring this is worth right now.

I have stopped getting "private message" notifications, and also "reply to thread" notifications. I notice that these are also sent with "noreply@projectavalon.net" as the return address.
Maybe someone reported "noreply" as spam, or maybe someone is using that as a spam mailer return address?

Could the automatic sending codes just be set to something else instead of "noreply"?


(This notice below is what started the email problem)
-------------
This User suspended for spamming alert is to inform you that Google has suspended an account in your domain that might have been compromised and is being used to send spam from your domain.

The alert details include:

User: noreply@projectavalon.net

I have stopped getting "private message" notifications, and also "reply to thread" notifications. I notice that these are also sent with "noreply@projectavalon.net" as the return address.
Yes - as I noted in Post #2 above ... though your statement of that problem is more clearly worded than mine ... good.


Maybe someone reported "noreply" as spam, or maybe someone is using that as a spam mailer return address?

Whether Google's gmail is blocking all email that Avalon sends it, or just blocking email purported to be sent by user "noreply", is not clear to me yet. Also the "SPF/DKIM and DMARC" issue that Palehorse noted above might apply.


Could the automatic sending codes just be set to something else instead of "noreply"?

If this is primarily an issue with the spam coming from user "noreply" being blocked by our downstream email server, Gmail, then I would propose that we no longer allow non-logged in website guests to send email out from the Avalon server via the "Contact Us" button. That's probably how most of the "noreply" spam originates.

There are other complexities here which I should first discuss with Bill in a PM, which I will go off to do now, as soon as I gather up a few more loose bits of evidence.

There are other complexities here which I should first discuss with Bill in a PM, which I will go off to do now, as soon as I gather up a few more loose bits of evidence.Well received, with many thanks :highfive: — i have to go into town in a moment but I'll definitely be taking a real close priority look at this (as best I can!) when I return this afternoon. :thumbsup:

I try and turn laptop updates off when possible as I'm pushed for hard drive space, but I noticed a small blue/orange icon in the bottom right corner yesterday which, when clicked on, turned out to be a chatbot!! I asked it if it was collecting data and of course it said no but gave me instructions on how to delete it. I've decided not to because the next update is likely to reinstall it. But my point is that perhaps Microsoft Updates are including software which is interfering with the software here. Just a thought . . .

While writing I'm getting a lot of "couldn't access page" notifications, although pressing the back browser sometimes works while pressing the "reload this page" circle doesn't. Then again, this could be to do with my lack of space but thought I'd mention it in case it's relevant.

Cheers . . .

This may very well be unrelated but I consider no reason not to mention it!

Approx 5 days ago I saw that a forum I just 'check' on was no longer accessible.
This is the Max Igan forum (the 'Crowhouse (https://thecrowhouse.com/home.html)' page is still fine but the forum domain thecrowhouse.community (https://thecrowhouse.community/) is gone).

At first I just thought "They are having a problem and will sort it" .... but they have not done so.

It is only a 'small' forum (but most are these days) and I guessed it would be back soon.

But days later and checking the DNS .... there are no records!
The IP Address is .... well there is no accessible IP for the domain!

This morning I saw in the comments of a Bitchute video by 'Max' this:

https://i.postimg.cc/bvPz67gD/crow-forum.png

Now some of you guys will know much more than I but the only way to remove the DNS records would be via the:


Server, server admin does it
Hosting firm does it
DNS authority does it


Google changed their 'rules' beginning this month and I just wonder about the possible connections between things?

@lake - Helvetic has posted a video on the Continuing Search for the Truth thread which may shed some light on your post above (towards the end). He's been experiencing a lot of troll trouble too.

Max Igan | Terrorism is Made in Israel | Feb. 20, 2024

Source: thecrowhouse.com (http://thecrowhouse.com)

ZjX7RLrja989

Would have pm'd link but not sure what's working atm . . . In fact it might be worth the mods having a skim through this as well, in case similar starts happening here. Max Igan thinks its to do with his support of the Palestinians.
:focus:

The failure, so far as I have been able to discern, is that the email server (gmail, I'd guess) to which the Avalon server submits outgoing email is rejecting our outgoing email, "FAILED: 535 Authorization"

I don't understand why you would forward email to gmail. Why not use the server's own email handling process?

I'm not an expert but this is what I do on all of my websites. I create the form in html and that calls up a PHP routine, which I wrote, using method "Post". You already have PHP enabled (this forum uses it extensively) so implementing an email form should be trivial.

It's my bedtime so I'll catch up tomorrow.

I create the form in html and that calls up a PHP routine, which I wrote, using method "Post".
We do similar - using Dovecot (an SMTP server) rather than PHP's builtin email handler, to send outgoing email on its way. You might want to check out this article for a comparison of the advantages and disadvantages of using a separate SMTP server on your website, rather than PHP's built in email facility: PHP Mail Vs. SMTP (https://www.sectorlink.com/article/php-mail-vs-smtp-which-is-better-for-sending-emails-with-wordpress).

But ... then ... where does the email go next? Modern day email runs on a confederation of major email service providers, such as Gmail, Zoho, Proton, iCloud, Yahoo, AOL, Fastmail, Tuta, Microsoft, Rackspace, Yandex, and Outlook. Those major providers don't directly accept email from random small web servers around the planet ... that would lead to insurmountable floods of spam. They only accept email from (1) each other, and (2) their various individual authorized and paying customers (so long as that customer "behaves").

The ProjectAvalon.net Dovecot SMTP server has to be a customer of one of these big boys, or else it could not send email to essentially anyone on the planet. The 7 Best SMTP Service Providers with High Email Deliverability (https://www.wpbeginner.com/showcase/best-smtp-service-providers-with-high-email-deliverability/) link that I posted above in Post #9 (https://projectavalon.net/forum4/showthread.php?122710-The-Avalon-Contact-Form-is-not-working&p=1601381&viewfull=1#post1601381) provides a list of "big boy" email service providers that are more focused on servicing significant outbound email traffic from websites, such as perhaps your site or Avalon, than on servicing individual or business accounts that "just want to use" email.

In fact it might be worth the mods having a skim through this as well, in case similar starts happening here.
To minimize the risk of a website takedown, whether by script kiddies or satanists:

One has to register the URL for one's website (e.g. "projectavalon.net") with a separate, reliable, DNS provider.
One has to keep offsite backups and be prepared to move one's entire site to a different hosting service w/o warning.
One has to have administrative staff who hangs around when the excrement impacts the oscillating blades.
One has to keep a trusted https certificate.
One has to have a long term supportive membership


So far Avalon is batting 1000%.

.
Well, well ... thanks to my log file examination skills, and the talents of one other Avalon staff member (not sure if he wants to be named ... he or Bill are Welcome to let him take a bow) ... this problem has changed.

It turns out that another problem is that we (the Avalon server software) were trying to send too much, too fast, to the Gmail servers, at two times each day.

(All following times are GMT)

At 1 minute past midnight, we start sending out Happy Birthday wishes. On days with lots of Birthdays, this can take 2 or 3 minutes, and apparently sets off some alarm in the Gmail server, which rejects the unlucky members who ended up at the end of the line. Over the last two months, we tried to send out 1749 wishes, of which Gmail refused 136. We send out about 1 per second, and all wishes we try to send out in the 00:01 minute make it, but some where in the 00:02 minute, any remaining Birthday wishes we try to send are rejected by the Gmail server.

The same thing happens at 30 minutes past midnight, when we send out updates to members who want to be notified of posts to their subscribed threads or replies to their posts. Just as with Birthdays ... on light days, all the updates make it, but on busy days, the unfortunate members who ended up at the end of the line don't get their update. About 336 out of 2772 update messages failed this way in the last two months

The only New Member email messages (just 3 of them) that we lost just happen to come from prospective members trying to sign up right at the same time as one of these traffic jams.

Meanwhile, another Avalon staff member has tweaked the Avalon account page on Gmail, and re-enabled the infamous "noreply" user that our PHP code credits as sending these automated messages, so, for now anyway, that's once again not a problem.

=== end of facts === beginning of speculation ===

Apparently our "noreply" email bot sender got the credit blame, by Gmail for these frequent (once every 4 or 5 days on average) traffic jams, and this is why Gmail banned "noreply" for a while from sending email from the Avalon server to the Gmail server.

So now I will be looking at ways to spread out our Birthday and update email message sending more evenly over the day, so as not to annoy Gmail.

As I'm no expert, I asked my ISP to comment:

"Let's start with the bit that's not true.... The "Inter"net is made up of millions of servers transacting data between them day in and day out, any individual server can connect to another server to send email, it's how the internet works (I personally believe nobody would want to be responsible for all that email and the bandwidth it would require!!). So there is no "It has to go through one of the big boys".

What is true is that PHP mail is notorious for being spammy, I can write a script that will send a thousand emails a minute, upload it to 200 web servers and spam someone completely (I hasten to point out I'd get banned pretty quick and it's not the type of person I am!!), so if you can you should always SMTP when sending mail through the web server (so it looks like it's come through a mail client). To send SMTP through our servers you have to authorise with your email account username and password (so we know who you are and can rate limit spammers - we do rate limit PHP through other means!), when your authenticated mail hits our SMTP server (Dovecot) we open an outbound connection to the MX record of that mail server to deliver it (a digital knock on the door so to speak).

What has changed in the last few weeks is the the big boys have asked that you have the relevant records on your domain SPF/DKIM/DMARC that they'll take more notice of if you're sending lots of email, these records both show who's authorised to send as your domain, which servers (which could be any IP address of any server anywhere) and who to send spam reports to.

So yes, the SMTP servers of the big boys only accept first point of contact SMTP traffic from their paying customers, exactly the same as we do, but the connection after that can deliver to any email server anywhere."

As I'm no expert, I asked my ISP to comment:

"Let's start with the bit that's not true.... The "Inter"net is made up of millions of servers transacting data between them day in and day out, any individual server can connect to another server to send email, it's how the internet works (I personally believe nobody would want to be responsible for all that email and the bandwidth it would require!!). So there is no "It has to go through one of the big boys".
Absolutely - if any of our current, or potential new, members choose to setup their own SMTP email server, our Avalon server could send them email directly, without going through any of the big boys.

Indeed, that's how I did things for a while, back in the 1990's, when I ran my own email server and email to me went directly to my server, without any reliance on any intermediate "big boy" email service provider.

However ... how many of our present or potential Avalon members run their own email server these days?

Off hand, I doubt there are any that do. Nowadays, we all get our email feeds from or via one of the big boys. So we have to play by their rules, and pay their admission fee. Fortunately, there are "big boy" email players who are more suitable for Avalon's needs than Gmail.

To send SMTP through our servers you have to authorise with your email account username and password (so we know who you are and can rate limit spammers - we do rate limit PHP through other means!), when your authenticated mail hits our SMTP server (Dovecot) we open an outbound connection to the MX record of that mail server to deliver it (a digital knock on the door so to speak).

Ah - yes - we could send email more directly to which ever big boy server each email address referred to.

Here are the top 31 email domains of our Avalon members, from some few year old data I happened to have right at hand. This shows how many email addresses were in each domain, by number and cumulative percentage. So doing this would have reduced the number of messages we sent directly to gmail down to 39% of the total, while introducing more email administrative work on Avalon. At the time of that data, there some 1329 domains represented in our members email addresses.

Yes, I would expect that an ISP would do exactly that. I would not expect most small websites to do that. I did indeed over simplify my "big boy" comment a bit ... though that doesn't change how I would expect most websites the size of Avalon or smaller, to operate.

4699 39.0% gmail.com
6263 51.9% yahoo.com
7705 63.9% hotmail.com
7986 66.2% aol.com
8169 67.8% hotmail.co.uk
8339 69.2% yahoo.co.uk
8467 70.2% comcast.net
8590 71.2% live.com
8684 72.0% msn.com
8763 72.7% outlook.com
8841 73.3% googlemail.com
8911 73.9% yahoo.ca
8970 74.4% btinternet.com
9029 74.9% ymail.com
9083 75.3% live.co.uk
9135 75.8% sbcglobal.net
9184 76.2% me.com
9228 76.5% icloud.com
9271 76.9% yahoo.com.au
9312 77.2% protonmail.com
9351 77.6% bigpond.com
9389 77.9% hushmail.com
9425 78.2% mac.com
9461 78.5% verizon.net
9496 78.8% mail.com
9530 79.0% mail.ru
9562 79.3% cox.net
9590 79.5% earthlink.net
9618 79.8% gmx.com
9644 80.0% ntlworld.com

As I wrote, I'm no expert, which is why I asked my ISP how my email works. AFAIK I can send messages to anyone.

why I asked my ISP how my email works.
Yup - ISP's are part of the internet infrastructure. Part of their job is moving packets, whether email or otherwise, toward wherever they are destined. For email, that's going to be wherever the MX record in the destination IPs DNS record points. They will expect to connect to an SMTP server there, so they can pass the email along.

For the rest of us, who's main job is not operating as part of the internet infrastructure, but rather some other reason to be on the Internet, we typically send and receive our Internet traffic through our ISP, and we access our email traffic either through typical email client software on our PC, mobile or browser, or for websites such as Avalon, through an SMTP client that is connected to either to our ISP's SMTP server or, via our ISP, to some other email service provider on the Internet.

(Sufficiently large companies, such as Amazon, Google and Cloudflare, usually do all of the above internally, and only connect to the rest of the Internet at whichever one of their sites is closest to the end point for that connection.)

So .. the answer one gets from an ISP to such email questions is not the same as the answer one gets from a backroom geek (e.g. myself) at some discussion forum (e.g. Avalon).

AFAIK I can send messages to anyone.

Yup - if your email can't get to anyone via a valid MX record in the global DNS records, then your email is broken somehow.

I create the form in html and that calls up a PHP routine, which I wrote, using method "Post".
We do similar - using Dovecot (an SMTP server) rather than PHP's builtin email handler, to send outgoing email on its way.
Belated technical correction: We use Sendmail, not Dovecot, to send email out to Gmail, and on to its final destiny.

Apparently our "noreply" email bot sender got the credit blame, by Gmail for these frequent (once every 4 or 5 days on average) traffic jams, and this is why Gmail banned "noreply" for a while from sending email from the Avalon server to the Gmail server.
It might well be that the reason that the Honorable Mr "noreply" got the blame for all that Gmail traffic from our Avalon server is that our server's secure SMTP login to the Gmail server (done each time our server wants to send out an email message) happens to login to that Gmail server using the user name noreply@projectavalon.net.

We use noreply@projectavalon.net in several places, but this particular use (for the Avalon server to login into the Gmail server to send email) is configured on vBulletin's AdminCP page:

https://projectavalon.net/forum4/admincp

in the settings option:

Settings -> Options -> Email Options

(The above observation means little now, as we've resolved this problem with Gmail, and are soon moving to Fastmail anyway.)

Belated technical correction: We use Sendmail, not Dovecot, to send email out to Gmail, and on to its final destiny.
Correction of correction:
While the venerable sendmail program is installed on the Avalon server, as are also email programs Postfix and Dovecot, those are not what we use to send mail. Rather we use one or another of a couple of vBulletin and/or PHP routines. Just which one(s) is a matter of current investigation by myself, in preparation for the Gmail -> Fastmail move.

Thank you so much for your Avalon service, Paul. :Avalon:

While the venerable sendmail program is installed on the Avalon server, as are also email programs Postfix and Dovecot, those are not what we use to send mail.
Yesterday, I disabled all three of sendmail, postfix, and dovecot, which were the three major email handling programs installed on our Avalon server.

We were not using any of them, and even if we were, the postfix+dovecot combination breaks sendmail, so it made no sense to have all three.

Rather builtin PHP code handles all our forum server's outgoing email, using email configuration settings (pointing to Gmail's SMTP server, soon to be pointing to Fastmail's SMTP server) that are set in the vBulletin Admin Control Panel.

When I get bored, and am finished trying to break :P the forum's email in this big Gmail->Fastmail shift (for incoming email), I will likely deinstall sendmail, postfix and dovecot entirely. They are just wasting space on our server's disk now.

===

Meanwhile, I expect that tomorrow (Sunday), Gmail will end the 2+ day delay they imposed on me, and then I will be able to brew a stiff cup of coffee and do the actual Big Flip, redirecting our incoming email to our Fastmail accounts.

As I'm no expert, I asked my ISP to comment:

"Let's start with the bit that's not true.... The "Inter"net is made up of millions of servers transacting data between them day in and day out, any individual server can connect to another server to send email, ...

Absolutely - if any of our current, or potential new, members choose to setup their own SMTP email server, our Avalon server could send them email directly, without going through any of the big boys.

...

Nowadays, we all get our email feeds from or via one of the big boys. So we have to play by their rules, and pay their admission fee. Fortunately, there are "big boy" email players who are more suitable for Avalon's needs than Gmail.

The major email vendors (which, for example, almost all our Avalon members use) are becoming increasingly strict with what email they will accept. They are imposing increasingly stringent standards on their blacklist, reverse DNS, DKIM, SPF, and DMARC checks. They are increasingly unlikely to deliver email that doesn't pass all these tests. Only those who can afford the expertise to stay current in these evolving standards can count on getting their email delivered.

So, while this doesn't mean you have to be a "big boy", it does mean you have to have, or if not, hire, this expertise.

It also means you have to have a server with a fixed IP address and with an ISP who will setup a reverse DNS record in their DNS records, pointing that IP address back to your server's domain name.

This video provides more details:

Nj8tTAGrUKE