From: Daniel L'Hommedieu on
Hi all.

I posted this the other day but got no replies, on or off list. I'm really hoping someone might have an idea of what I can do here. I've been looking into things for the last couple days and have not made any progress.

Thanks.

Daniel

---

Today I think I am trying to do something similar to what Bob Eastbrook was discussing in late December. Here is what he said back then:
> Forgive me if this is a FAQ, but I've looked all over and I don't see it addressed.
>
> I have a wildcard MX record for *.example.com which points to mail.example.com. I know how to configure postfix to accept
> individual virtual domains such as host1.example.com, but how can I set it up to handle any domains which match the wildcard MX record?
> e.g.:
>
> bob@host1.example.com
> bob@host2.example.com
> bob@gibberish.example.com
>
> ... should all map to bob@mail.example.com. I'm only concerned about the user "bob" if that matters. I won't know in advance all the hosts in example.com, so I can't add them one at a time.
>
> Any ideas?
>
> Bob

Specifically, I am trying to build a mail catcher for all of my servers. My production servers run sendmail for outbound mail delivery, but on every one of them I am blocking inbound mail connections. I have set up another system, running postfix, for the purpose of catching mail to all of my production server systems. (My production server systems are database and web servers.)

I implemented the solution suggested by Wietse, which I quote here:
> APPEND a regular expression map to your virtual_alias_maps
> definition.
>
> /etc/postfix/main.cf:
>     virtual_alias_maps =
>         ...stuff you perhaps already have...
>         pcre:/etc/postfix/virtual_alias.pcre
>
> /etc/postfix/virtual_alias.pcre:
>     # Send bob@whatever.example.com to bob@example.com.
>     /^bob@([^.]+\.)+example\.com$/ bob@example.com
>
> Further reading:
> man 5 virtual (http://www.postfix.org/virtual.5.html)
> man 5 pcre_table (http://www.postfix.org/pcre_table.5.html)
> man pcrepattern (http://www.pcre.org/pcre.txt, look for section "PCREPATTERN")

I am interested in catching mail to root, not "bob," but I'm sure that that is immaterial. ;) I have root aliased as follows:
root: root-list@lists.example.com

The idea I have is that root@foo.example.com will get caught by this mail catcher, which will then redirect it to the mailing list on the mail list server.

I have an MX record for one of my systems, and I sent email to root@foo.example.com to test it. The mail did get handled by the mail catcher, but instead of accepting the mail and forwarding it on, it rejected it with "554 5.7.1 Relay access denied." In another test, I found that this solution does work great for users with permission to relay on the mail catcher (e.g., when I send to root@foo.example.com through my mail catcher, it redirects as desired), but not when the mail originates elsewhere.

There is a single MX record for my servers, and it points to my mail catcher, so I would've thought that mail for root@foo.example.com, for which my mail catcher is the lone MX handler, would get handled by postfix without issue, instead of postfix seeing it as a relay.

I'm sure I'm missing a simple step, but I'm not sure what. I seem to recall that members of the postfix-users list typically want the output of postconf or something similar, but I forget exactly what. Let me know, and I'll send it.

Thanks for any assistance you can provide.

Daniel

From: Wietse Venema on
Daniel L'Hommedieu:
> Hi all.
>
> I posted this the other day but got no replies, on or off list.
> I'm really hoping someone might have an idea of what I can do
> here. I've been looking into things for the last couple days and
> have not made any progress.

You forgot to follow the mailing list welcome message instructions.
I'll repeat them below for your convenience.

Hint: you need to show Postfix command output and Postfix logging.

Wietse

TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail

TO (UN)SUBSCRIBE see http://www.postfix.org/lists.html

Thank you for using Postfix.

From: Daniel L'Hommedieu on
On Mar 24, 2010, at 12:40, Wietse Venema wrote:
> Daniel L'Hommedieu:
>> Hi all.
>>
>> I posted this the other day but got no replies, on or off list.
>> I'm really hoping someone might have an idea of what I can do
>> here. I've been looking into things for the last couple days and
>> have not made any progress.
>
> You forgot to follow the mailing list welcome message instructions.
> I'll repeat them below for your convenience.
>
> Hint: you need to show Postfix command output and Postfix logging.
>
> Wietse
>
> TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail
>
> TO (UN)SUBSCRIBE see http://www.postfix.org/lists.html

Wietse,

Thank you for your response. This is what I see in /var/log/maillog when I send this message:

> Mar 24 14:03:18 cary postfix/smtpd[12747]: connect from elasmtp-masked.atl.sa.earthlink.net[209.86.89.68]
> Mar 24 14:03:18 cary postfix/smtpd[12747]: NOQUEUE: reject: RCPT from elasmtp-masked.atl.sa.earthlink.net[209.86.89.68]: 554 5.7.1 <root@foo.example.com>: Relay access denied; from=<me@example.net> to=<root@foo.example.com> proto=ESMTP helo=<elasmtp-masked.atl.sa.earthlink.net>
> Mar 24 14:03:18 cary postfix/smtpd[12747]: disconnect from elasmtp-masked.atl.sa.earthlink.net[209.86.89.68]

Here is the output of postfinger:
> postfinger - postfix configuration on Wed Mar 24 14:06:11 EDT 2010
> version: 1.30
>
> --System Parameters--
> mail_version = 2.3.3
> hostname = foo.example.com
> uname = Linux foo.example.com 2.6.18-164.11.1.el5 #1 SMP Wed Jan 6 13:26:04 EST 2010 x86_64 x86_64 x86_64 GNU/Linux
>
> --Packaging information--
> looks like this postfix comes from RPM package: postfix-2.3.3-2.1.el5_2
>
> --main.cf non-default parameters--
> alias_database = hash:/etc/postfix/aliases
> alias_maps = hash:/etc/postfix/aliases
> broken_sasl_auth_clients = yes
> home_mailbox = Maildir/
> mailbox_command = /usr/bin/procmail
> mailq_path = /usr/bin/mailq.postfix
> manpage_directory = /usr/share/man
> mynetworks = DDD.DD.D.0/24,DDD.DD.DD.0/24,127.0.0.0/8
> newaliases_path = /usr/bin/newaliases.postfix
> readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
> relayhost = smtp.example.com
> sample_directory = /usr/share/doc/postfix-2.3.3/samples
> sendmail_path = /usr/sbin/sendmail.postfix
> smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination
> smtpd_sasl_auth_enable = yes
> smtpd_tls_cert_file = /etc/pki/foo.example.com.crt
> smtpd_tls_key_file = /etc/pki/foo.example.com.key
> smtpd_tls_loglevel = 1
> smtpd_tls_received_header = yes
> smtpd_use_tls = yes
> smtp_generic_maps = hash:/etc/postfix/generic
> smtp_tls_note_starttls_offer = yes
> virtual_alias_maps = pcre:/etc/postfix/virtual_alias.pcre
>
> --master.cf--
> smtp inet n - n - - smtpd
> pickup fifo n - n 60 1 pickup
> cleanup unix n - n - 0 cleanup
> qmgr fifo n - n 300 1 qmgr
> tlsmgr unix - - n 1000? 1 tlsmgr
> rewrite unix - - n - - trivial-rewrite
> bounce unix - - n - 0 bounce
> defer unix - - n - 0 bounce
> trace unix - - n - 0 bounce
> verify unix - - n - 1 verify
> flush unix n - n 1000? 0 flush
> proxymap unix - - n - - proxymap
> smtp unix - - n - - smtp
> relay unix - - n - - smtp
> -o fallback_relay=
> showq unix n - n - - showq
> error unix - - n - - error
> discard unix - - n - - discard
> local unix - n n - - local
> virtual unix - n n - - virtual
> lmtp unix - - n - - lmtp
> anvil unix - - n - 1 anvil
> scache unix - - n - 1 scache
> maildrop unix - n n - - pipe
> flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
> old-cyrus unix - n n - - pipe
> flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user}
> cyrus unix - n n - - pipe
> user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user}
> uucp unix - n n - - pipe
> flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
> ifmail unix - n n - - pipe
> flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
> bsmtp unix - n n - - pipe
> flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
>
> -- end of postfinger output --

The contents of /etc/postfix/virtual_alias.pcre are:
/^root@([^.]+\.)+subdomain\.example\.com$/ root-list@lists.example.com

I appreciate any assistance the list can provide, even something as simple as a hint of what I need to configure.

As Bob was, I am hoping that I can do some sort of wildcard so that I don't have to add every single server to the destination list.

Daniel


From: Wietse Venema on
Daniel L'Hommedieu:
> On Mar 24, 2010, at 12:40, Wietse Venema wrote:
> > Daniel L'Hommedieu:
> >> Hi all.
> >>
> >> I posted this the other day but got no replies, on or off list.
> >> I'm really hoping someone might have an idea of what I can do
> >> here. I've been looking into things for the last couple days and
> >> have not made any progress.
> >
> > You forgot to follow the mailing list welcome message instructions.
> > I'll repeat them below for your convenience.
> >
> > Hint: you need to show Postfix command output and Postfix logging.
> >
> > Wietse
> >
> > TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail
> >
> > TO (UN)SUBSCRIBE see http://www.postfix.org/lists.html
>
> Wietse,
>
> Thank you for your response. This is what I see in /var/log/maillog when I send this message:
>
> > Mar 24 14:03:18 cary postfix/smtpd[12747]: connect from elasmtp-masked.atl.sa.earthlink.net[209.86.89.68]
> > Mar 24 14:03:18 cary postfix/smtpd[12747]: NOQUEUE: reject: RCPT from elasmtp-masked.atl.sa.earthlink.net[209.86.89.68]: 554 5.7.1 <root@foo.example.com>: Relay access denied; from=<me@example.net> to=<root@foo.example.com> proto=ESMTP helo=<elasmtp-masked.atl.sa.earthlink.net>
> > Mar 24 14:03:18 cary postfix/smtpd[12747]: disconnect from elasmtp-masked.atl.sa.earthlink.net[209.86.89.68]

I assume that you want your Postfix to receive mail for
root@foo.example.com.

Are there any domains under example.com that you don't want to receive?

Are there any users that you don't want to receive?

If all you want is treat anything.example.com as example.com, use:

/etc/postfix/main.cf:
mydestination = localhost example.com pcre:/etc/postfix/mydestination.pcre

/etc/postfix/mydestination.pcre:
/\.example\.com$/ whatever

Where "whatever" may be any non-empty value.

By design, Postfix *internals* do not depend on DNS, so that Postfix
keeps working when the network is down.

Wietse



>
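
The following is an added example, not part of the original posts and not Postfix code: a simplified Python model of the three smtpd_recipient_restrictions entries from the postfinger output. It shows why the virtual_alias_maps entry alone still ends in "Relay access denied" for outside clients, and how the mydestination table from the reply changes the result. The starting mydestination value, the 192.0.2.0/24 network and the host name db1 are constructed assumptions.

```python
"""Simplified model of the recipient check discussed in this thread.

Added example, not Postfix source. relay_domains and the virtual_*_domains
classes, which the postfinger output does not set, are left out.
"""
import ipaddress
import re

# Table contents as given in the thread.
MYDESTINATION_PCRE = r"""
/\.example\.com$/ whatever
"""
VIRTUAL_ALIAS_PCRE = r"""
/^root@([^.]+\.)+subdomain\.example\.com$/ root-list@lists.example.com
"""
# 127.0.0.0/8 is from the page; 192.0.2.0/24 stands in for the masked networks.
MYNETWORKS = ["127.0.0.0/8", "192.0.2.0/24"]
DENIED = "554 5.7.1 Relay access denied"


def load_pcre_table(text):
    """Parse '/pattern/flags result' lines of a pcre: table (subset only)."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = re.match(r"^/(.+?)/([A-Za-z]*)\s+(\S.*)$", line)
        if not m:
            raise ValueError(f"unsupported table line: {line!r}")
        pattern, flags, result = m.groups()
        # pcre_table(5): matching is case-insensitive unless 'i' toggles it.
        re_flags = 0 if "i" in flags else re.IGNORECASE
        rules.append((re.compile(pattern, re_flags), result))
    return rules


def table_lookup(rules, key):
    """Return the result of the first matching rule, or None."""
    for rx, result in rules:
        if rx.search(key):
            return result
    return None


def is_local_destination(domain, mydestination):
    """Entries are plain names (str, exact match) or parsed tables (list)."""
    for entry in mydestination:
        if isinstance(entry, str):
            if entry.lower() == domain.lower():
                return True
        elif table_lookup(entry, domain) is not None:
            return True  # the lookup result itself ("whatever") is ignored
    return False


def check_rcpt(rcpt, client_ip, sasl_ok, mynetworks, mydestination):
    """permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination."""
    if sasl_ok:
        return "permit (sasl)"
    ip = ipaddress.ip_address(client_ip)
    if any(ip in ipaddress.ip_network(net) for net in mynetworks):
        return "permit (mynetworks)"
    domain = rcpt.rsplit("@", 1)[1]
    if is_local_destination(domain, mydestination):
        return "accept"
    return DENIED


def rewrite(rcpt, alias_rules):
    """virtual_alias_maps only rewrites; it plays no part in check_rcpt()."""
    return table_lookup(alias_rules, rcpt) or rcpt


def run_scenarios():
    before = ["localhost"]  # constructed: the page does not show this value
    after = ["localhost", "example.com", load_pcre_table(MYDESTINATION_PCRE)]
    outside = "209.86.89.68"  # client address from the maillog excerpt
    inside = "192.0.2.10"     # constructed client inside mynetworks
    rcpt = "root@foo.example.com"
    return {
        "outside_before": check_rcpt(rcpt, outside, False, MYNETWORKS, before),
        "inside_before": check_rcpt(rcpt, inside, False, MYNETWORKS, before),
        "outside_after": check_rcpt(rcpt, outside, False, MYNETWORKS, after),
        # The leading \. and trailing $ keep look-alike domains out.
        "lookalike_after": check_rcpt("root@foo.notexample.com", outside,
                                      False, MYNETWORKS, after),
    }


if __name__ == "__main__":
    for name, verdict in run_scenarios().items():
        print(f"{name:16} {verdict}")
    aliases = load_pcre_table(VIRTUAL_ALIAS_PCRE)
    print(rewrite("root@db1.subdomain.example.com", aliases))
```

On a real system the equivalent check is `postmap -q foo.example.com pcre:/etc/postfix/mydestination.pcre`, which prints the table result when the name matches.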

From: Daniel L'Hommedieu on
On Mar 24, 2010, at 16:26, Wietse Venema wrote:
> Daniel L'Hommedieu:
>> On Mar 24, 2010, at 12:40, Wietse Venema wrote:
>>> Daniel L'Hommedieu:
>>>> Hi all.
>>>>
>>>> I posted this the other day but got no replies, on or off list.
>>>> I'm really hoping someone might have an idea of what I can do
>>>> here. I've been looking into things for the last couple days and
>>>> have not made any progress.
>>>
>>> You forgot to follow the mailing list welcome message instructions.
>>> I'll repeat them below for your convenience.
>>>
>>> Hint: you need to show Postfix command output and Postfix logging.
>>>
>>> Wietse
>>>
>>> TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail
>>>
>>> TO (UN)SUBSCRIBE see http://www.postfix.org/lists.html
>>
>> Wietse,
>>
>> Thank you for your response. This is what I see in /var/log/maillog when I send this message:
>>
>>> Mar 24 14:03:18 cary postfix/smtpd[12747]: connect from elasmtp-masked.atl.sa.earthlink.net[209.86.89.68]
>>> Mar 24 14:03:18 cary postfix/smtpd[12747]: NOQUEUE: reject: RCPT from elasmtp-masked.atl.sa.earthlink.net[209.86.89.68]: 554 5.7.1 <root@foo.example.com>: Relay access denied; from=<me@example.net> to=<root@foo.example.com> proto=ESMTP helo=<elasmtp-masked.atl.sa.earthlink.net>
>>> Mar 24 14:03:18 cary postfix/smtpd[12747]: disconnect from elasmtp-masked.atl.sa.earthlink.net[209.86.89.68]
>
> I assume that you want your Postfix to receive mail for
> root@foo.example.com.
>
> Are there any domains under example.com that you don't want to receive?
>
> Are there any users that you don't want to receive?
>
> If all you want is treat anything.example.com as example.com, use:
>
> /etc/postfix/main.cf:
> mydestination = localhost example.com pcre:/etc/postfix/mydestination.pcre
>
> /etc/postfix/mydestination.pcre:
> /\.example\.com$/ whatever
>
> Where "whatever" may be any non-empty value.
>
> By design, Postfix *internals* do not depend on DNS, so that Postfix
> keeps working when the network is down.

Wietse,

I think this is the piece I was missing. My hosts are named as hostname.department.example.com. I am building a mail catcher for my department, so I want my Postfix to accept mail for *@*.department.example.com, and this PCRE is exactly what I was missing. As I mentioned, I figured it had to be something simple.

More specifically, what I want is something that will catch root@*.department.example.com, so that the guy who runs the corporate mail server doesn't get frustrated with the double-bounces that my department's applications generate. If I can stay off of his radar, I am doing good, and this mail catcher will help me do that.

Thanks.

Daniel
