Am 15.01.2025 um 17:22 schrieb Wietse Venema via Postfix-users:
Florian Piekert via Postfix-users:
Hello postfix-users,
I run pf 3.10-20250107 on ubuntu 24.04.
I use sender_bcc_maps and recipient_bcc_maps with pcre: mapping. The files are
simple.
However, I am puzzled by some behaviour of postfix that doesn't fit my
expectation somehow.
In my main.cf the corresponding directives are
---8<---
always_bcc =
recipient_bcc_maps = pcre:$meta_directory/administrator_recipient_bcc.pcre
sender_bcc_maps = pcre:$meta_directory/administrator_sender_bcc.pcre
lmtp_destination_recipient_limit = 1
---8<---
Some recipient on my machine receives emails from some firewall, where the
sender email is more or less
/^spalertd@.*$/ ignorethis
I do not want a copy of mails from those senders. Therefore I have added it to
the
sender_bcc_maps-File (expression as above). (ignorethis is an alias for |cat >
/dev/null).
However, I still get copies of those emails.
Why?
When I do
root@butterfly:/etc/postfix# echo spale...@xyz.com | postmap -q -
pcre:/etc/postfix/administrator_sender_bcc.pcre
spale...@xyz.com ignorethis
So in theory, it should NOT deliver a bcc copy. Right?
When looking at the
https://www.postfix.org/postconf.5.html
manual entries for sender_bcc_maps and recipient_bcc_maps, both have in common
they get evaluated when an external email enters postfix.
This applies to the spale...@xyz.com mails.
I do not have spalertd@ in recipient_bcc_maps.
Now the funny thought to my question. Does the ORDER of the main.cf directives
play a role?
Hm, no, it doesn't.
Where is my mental mistake?
You forgot to include logs with the address that the message is
delivered to. I expect that the address will not have the domain
that you assumed.
I do not assume any specific domain:
/^spalertd@.*$/ ignorethis
is the entry. the above domain'ized example was just that.
One such example is
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: connect from
p5b166dd3.dip0.t-ipconnect.de[91.22.109.211]
Jan 15 12:40:47 butterfly rspamd[2737815]: <cb9964>; proxy;
proxy_accept_socket: accepted milter connection from ::1 port 34620
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: setting up TLS connection
from p5b166dd3.dip0.t-ipconnect.de[91.22.109.211]
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]:
p5b166dd3.dip0.t-ipconnect.de[91.22.109.211]: TLS cipher list
"aNULL:-aNULL:HIGH:MEDIUM:!SEED:!IDEA:!3DES:!RC2:!RC4:!RC5:!kDH:!kECDH:!aDSS:!MD5:+RC4:@STRENGTH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES:!CBC3-SHA:!aNULL"
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:before SSL
initialization
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:before SSL
initialization
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:SSLv3/TLS read
client hello
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:SSLv3/TLS write
server hello
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:SSLv3/TLS write
change cipher spec
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:TLSv1.3 write
encrypted extensions
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:SSLv3/TLS write
certificate request
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:SSLv3/TLS write
certificate
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:TLSv1.3 write
server certificate verify
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:SSLv3/TLS write
finished
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:TLSv1.3 early data
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:TLSv1.3 early data
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:SSLv3/TLS read
client certificate
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:SSLv3/TLS read
finished
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]:
p5b166dd3.dip0.t-ipconnect.de[91.22.109.211]: Issuing session ticket, key
expiration: 1736948962
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]:
p5b166dd3.dip0.t-ipconnect.de[91.22.109.211]: save session
9F4E31956CE5A1F0DC0E2CAFB1A122DB82774AF1CAEA9027A9879169221A1F90&s=smtpd&l=805306576
to smtpd cache
Jan 15 12:40:47 butterfly postfix/tlsmgr[2739560]: put smtpd session
id=9F4E31956CE5A1F0DC0E2CAFB1A122DB82774AF1CAEA9027A9879169221A1F90&s=smtpd&l=805306576
[data 142 bytes]
Jan 15 12:40:47 butterfly postfix/tlsmgr[2739560]: write smtpd TLS cache entry
9F4E31956CE5A1F0DC0E2CAFB1A122DB82774AF1CAEA9027A9879169221A1F90&s=smtpd&l=805306576:
time=1736941247 [data 142 bytes]
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:SSLv3/TLS write
session ticket
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: Anonymous TLS connection
established from p5b166dd3.dip0.t-ipconnect.de[91.22.109.211]: TLSv1.3 with
cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519
server-signature ECDSA (prime256v1) server-digest SHA256
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: 225A9F8B1D1:
client=p5b166dd3.dip0.t-ipconnect.de[91.22.109.211]
Jan 15 12:40:47 butterfly rspamd[2737815]: <cb9964>; milter;
rspamd_milter_process_command: got connection from 91.22.109.211:54610
Jan 15 12:40:47 butterfly postfix/cleanup[3017381]: 225A9F8B1D1:
message-id=<20250115114047.0569B7FC40@UTM.Flebbe.local>
Jan 15 12:40:47 butterfly rspamd[2737815]: <225A9F>; proxy; rspamd_message_parse: loaded message;
id: <20250115114047.0569B7FC40@UTM.Flebbe.local>; queue-id: <225A9F8B1D1>; size: 39363;
checksum: <9cc9167e14a4f0c3146fb102296e644b>
Jan 15 12:40:47 butterfly rspamd[2737815]: <225A9F>; proxy;
rspamd_mime_part_detect_language: detected part language: de
Jan 15 12:40:47 butterfly rspamd[2737815]: <225A9F>; lua; common.lua:113: p0f: result -
fingerprintfound: "Linux 2.2.x-3.x - score: 0"
Jan 15 12:40:47 butterfly rspamd[2737815]: <225A9F>; lua; common.lua:113: p0f: result -
fingerprintfound: "link=DSL - score: 0"
Jan 15 12:40:47 butterfly rspamd[2737815]: <225A9F>; lua; common.lua:113: p0f: result -
fingerprintfound: "distance=7 - score: 0"
Jan 15 12:40:47 butterfly rspamd[2737815]: <225A9F>; dkim_signing;
lua_dkim_tools.lua:195: mail is ineligible for signing
Jan 15 12:40:47 butterfly rspamd[2737815]: <225A9F>; proxy;
rspamd_spf_maybe_return: not stored SPF record for UTM.Flebbe.local
(0xa4aa40bbeec59e2b) in LRU cache; flags=4; ttl=0
Jan 15 12:40:47 butterfly rspamd[2737815]: <225A9F>; arc;
lua_dkim_tools.lua:193: mail was sent to us
...
Jan 15 12:40:48 butterfly rspamd[2737815]: <225A9F>; proxy; rspamd_task_write_log: id:
<20250115114047.0569B7FC40@UTM.Flebbe.local>, qid: <225A9F8B1D1>, ip: 91.22.109.211, from:
<spalertd@UTM.Flebbe.local>, (default: F (no action): [-30.85/14.00]
[WHITELIST_SPALERTD_SENDER(-50.00){spalertd@UTM.Flebbe.local;},BAYES_SPAM(10.59){100.00%;},HFILTER_HELO_5(3.73){UTM.Flebbe.local;},NEURAL_HAM(-2.99){-0.999;},RBL_SPAMHAUS_PBL(2.49){91.22.109.211:from;},HFILTER_FROMHOST_NORES_A_OR_MX(1.86){utm.flebbe.local;},AUTH_NA(1.24){},GENERIC_REPUTATION(0.63){0.5099798897269;},MX_INVALID(0.62){},IP_REPUTATION_SPAM(0.38){asn:
3320(-0.18), country: DE(-0.01), ip:
91.22.109.211(0.26);},MIME_HTML_ONLY(0.24){},ONCE_RECEIVED(0.24){},MANY_INVISIBLE_PARTS(0.06){1;},ARC_NA(0.00){},ASN(0.00){asn:3320,
ipnet:91.0.0.0/10,
country:DE;},DMARC_NA(0.00){utm.flebbe.local;},FROM_EQ_ENVFROM(0.00){},FROM_HAS_DN(0.00){},HAS_DATA_URI(0.00){},MID_RHS_MATCH_FROM(0.00){},MIME_TRACE(0.00){0:~;},MISSING_XM_UA(0.00){},P0F(0.00){Li
nux
2.2.x-3.x;link=DSL;distance=7;},RCPT_COUNT_ONE(0.00){1;},RCVD_COUNT_ONE(0.00){1;},RCVD_TLS_LAST(0.00){},R_DKIM_NA(0.00){},R_SPF_NA(0.00){no
SPF record;},TO_DN_ALL(0.00){},TO_MATCH_ENVRCPT_ALL(0.00){}]), len: 39363, time: 1672.614ms, dns
req: 19, digest: <9cc9167e14a4f0c3146fb102296e644b>, rcpts:
<recipi...@targetdom.ain>, mime_rcpts: <recipi...@targetdom.ain>
Jan 15 12:40:48 butterfly rspamd[2737815]: <225A9F>; proxy;
rspamd_protocol_http_reply: regexp statistics: 0 pcre regexps scanned, 2 regexps
matched, 179 regexps total, 61 regexps cached, 0B scanned using pcre, 41.41KiB
scanned total
Jan 15 12:40:48 butterfly postfix/qmgr[2738072]: 225A9F8B1D1:
from=<spalertd@UTM.Flebbe.local>, size=39826, nrcpt=3 (queue active)
Jan 15 12:40:48 butterfly rspamd[2737815]: <4656dc>; proxy;
proxy_milter_finish_handler: finished milter connection
Jan 15 12:40:48 butterfly postfix/smtpd[3017372]: disconnect from
p5b166dd3.dip0.t-ipconnect.de[91.22.109.211] ehlo=2 starttls=1 mail=1 rcpt=1
data=1 quit=1 commands=7
Jan 15 12:40:48 butterfly postfix/local[3017383]: 225A9F8B1D1:
to=<admin_bcc_targetm...@butterfly.post-peine.de>, relay=local, delay=1.7,
delays=1.7/0/0/0, dsn=2.0.0, status=sent (delivered to maildir)
Jan 15 12:40:48 butterfly postfix/local[3017382]: 225A9F8B1D1:
to=<ignoret...@butterfly.post-peine.de>, relay=local, delay=1.7,
delays=1.7/0/0/0, dsn=2.0.0, status=sent (delivered to command:
/usr/local/sbin/devnull)
Jan 15 12:40:48 butterfly postfix/pipe[3017534]: 225A9F8B1D1:
to=<recipi...@targetdom.ain>, orig_to=<recipi...@targetdom.ain>, relay=dovecot,
delay=1.7, delays=1.7/0/0/0.01, dsn=2.0.0, status=sent (delivered via dovecot service)
Jan 15 12:40:48 butterfly postfix/qmgr[2738072]: 225A9F8B1D1: removed
In this example the message is send to the admin_bcc_targetmail AND the
ignorethis match in sender_bcc_maps.
Both sender_bcc_maps and recipient_bcc_maps files have
/^.*$/ admin_bcc_targetmail
at their ends.
So I assume for the sender_bcc_maps the ignorethis is hit, but additionally the
catch-all in the recipient_bcc_maps. Right?
Thanks Wietse and all of you!
@Jaroslaw: kool wasn't aware of that. Thanks!
Florian
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
