Re: Getting reject_sender_login_mismatch/smtpd_sender_login_maps and mysql to work together

[Jeff Weinberger]

On Jan 6, 2009, at 5:59 PM, Wietse Venema wrote:

Jeff Weinberger:
I then added the line:
smtpd_sender_login_maps=hash:/path/to/map

to my main.cf and send a few messages. Postfix correctly allowed and
rejected all of the test messaages, and the logs showed the correct
reason for the rejection, and no log entries showing a successful  
match.

I then, again just to test, added a field to my virtual users table  
to
hold authorized addresses, and wrote the query noted above into a
mysql_sender_login_maps.cf file.

I used postmap -q to verify that the results of the query were  
correct
and were exactly the same as the results received when I used  
postmap -
q on the hash: file. They all were identical for the same lookup  
keys.

smtpd does the same lookups as "postmap -q".

If the result is different than when you run "postmap -q" by hand,
then it is almost certain that you are using a different search
key than Postfix uses.  Postfix does the lookups as documented in
the postconf(5) manual page:

smtpd_sender_login_maps (default: empty)
      Optional  lookup  table with the SASL login names that own  
sender (MAIL
      FROM) addresses.

      Specify zero or more "type:table"  lookup  tables.  With   
lookups  from
      indexed  files such as DB or DBM, or from networked tables  
such as NIS,
      LDAP or SQL, the following search operations are  done  with   
a  sender
      address of u...@domain:

      1) u...@domain
             This table lookup is always done and has the highest  
precedence.

      2) user
             This table lookup is done only  when  the  domain   
part  of  the
             sender  address  matches $myorigin, $mydestination,  
$inet_inter-
             faces or $proxy_interfaces.

      3) @domain
             This table lookup is done last and has the lowest  
precedence.

You can see what lookups Postfix does by setting the debug_peer_list
parameter in main.cf. For example:

# postconf -e debug_peer_list=static:all
# postfix reload

        Wietse

        Wietse

Thank you very much for your help.

I just responded to Viktor as well, and plead stupid.

I just re-ran all the same tests (by hand this time) and everything  
worked. All postmap-q commands gave the correct results, and all  
messages were accepted or rejected as expected. I checked the scripts  
I used earlier for logical errors and typos, but found none. so I have  
no idea why I was  getting odd results.

Never-the-less, all works now. I thank you and Victor for your  
generous help.

--Jeff