Jeff Weinberger:
> I then added the line:
>
> smtpd_sender_login_maps=hash:/path/to/map
>
> to my main.cf and send a few messages. Postfix correctly allowed and
> rejected all of the test messaages, and the logs showed the correct
> reason for the rejection, and no log entries showing a successful match.
>
> I then, again just to test, added a field to my virtual users table to
> hold authorized addresses, and wrote the query noted above into a
> mysql_sender_login_maps.cf file.
>
> I used postmap -q to verify that the results of the query were correct
> and were exactly the same as the results received when I used postmap -
> q on the hash: file. They all were identical for the same lookup keys.
smtpd does the same lookups as "postmap -q".
If the result is different than when you run "postmap -q" by hand,
then it is almost certain that you are using a different search
key than Postfix uses. Postfix does the lookups as documented in
the postconf(5) manual page:
smtpd_sender_login_maps (default: empty)
Optional lookup table with the SASL login names that own sender (MAIL
FROM) addresses.
Specify zero or more "type:table" lookup tables. With lookups from
indexed files such as DB or DBM, or from networked tables such as NIS,
LDAP or SQL, the following search operations are done with a sender
address of u...@domain:
1) u...@domain
This table lookup is always done and has the highest precedence.
2) user
This table lookup is done only when the domain part of the
sender address matches $myorigin, $mydestination, $inet_inter-
faces or $proxy_interfaces.
3) @domain
This table lookup is done last and has the lowest precedence.
You can see what lookups Postfix does by setting the debug_peer_list
parameter in main.cf. For example:
# postconf -e debug_peer_list=static:all
# postfix reload
Wietse
Wietse
