I need to vary my outgoing SMTP credentials based on the sender's domain. I
have set `smtp_sender_dependent_authentication = yes` and
`smtp_sasl_password_maps`. However, I am unable to fully achieve my goal
because of a surprising behavior in the system.
My goal is to resolve most domains using a hash lookup. I will maintain a
file (domains) that looks like:
@example1.com credentials1
@example2.com credentials1
@example3.com credentials2
@example4.com credentials1
If the desired domain is not found in that file, only then do I want to
make a database lookup using the pgsql table type.
Based on the documentation and my observation, my expectation is that given
a sender address of us...@example5.com, and:
smtp_sasl_password_maps = table1 table2
The system will perform the following lookups:
table1: us...@example5.com
table2: us...@example5.com
table1: @example5.com
table2: @example5.com
table1: outgoing.smtp.server
table2: outgoing.smtp.server
Remember in my case, I never care about the user, so I only want to match
during that second pass when it looks up by domain. So to avoid doing any
postgresql lookups until I really need to, I tried:
smtp_sasl_password_maps = hash:domains pipemap{regexp:nouser,pgsql:
pgdomains.cf}
The nouser file contains one pattern:
/^(@.*)/ ${1}
The intent is: if the input does not start with @, no pattern will match
Because of the pipemap behavior, this will cause the postgres lookup to be
skipped when the input looks like us...@example5.com.
On the second pass, I expected the input to be @example5.com. In that case,
the pattern would match and return the same value, @example5.com, which
would then pass through to the pgsql table, and it would perform the
database query.
However, there appears to be special case logic for the regexp table, so
that it always gets us...@example5.com as the input, even on the second
pass!
Is there indeed special case logic for regexp? Is there any way for me to
disable/bypass it so I can do what I want?
Otherwise, since my domains hash file will never have users in it, my
system will ALWAYS have to query the database, before I get a chance to
look in the hash table just by domain.
I've been so impressed with the postfix configuration story, specifically
around tables, and I was feeling pretty good that I was able to put
together a system like this - only to be stumped by some very unexpected
behavior. Any suggestions on how to achieve what I want (resolve most
emails using the file, use the database on rare occasions as a last resort)
would be greatly appreciated.
Josh
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
