Am 15.01.2025 um 17:22 schrieb Wietse Venema via Postfix-users:
Florian Piekert via Postfix-users:
Hello postfix-users,

I run pf 3.10-20250107 on ubuntu 24.04.

I use sender_bcc_maps and recipient_bcc_maps with pcre: mapping. The files are 
simple.

However, I am puzzled by some behaviour of postfix that doesn't fit my 
expectation somehow.

In my main.cf the corresponding directives are
---8<---
always_bcc =
recipient_bcc_maps = pcre:$meta_directory/administrator_recipient_bcc.pcre
sender_bcc_maps = pcre:$meta_directory/administrator_sender_bcc.pcre
lmtp_destination_recipient_limit = 1
---8<---

Some recipient on my machine receives emails from some firewall, where the 
sender email is more or less

/^spalertd@.*$/        ignorethis

I do not want a copy of mails from those senders. Therefore I have added it to 
the
sender_bcc_maps-File (expression as above). (ignorethis is an alias for |cat > 
/dev/null).

However, I still get copies of those emails.

Why?

When I do
root@butterfly:/etc/postfix# echo spale...@xyz.com | postmap -q - 
pcre:/etc/postfix/administrator_sender_bcc.pcre
spale...@xyz.com        ignorethis

So in theory, it should NOT deliver a bcc copy. Right?

When looking at the
https://www.postfix.org/postconf.5.html
manual entries for sender_bcc_maps and recipient_bcc_maps, both have in common 
they get evaluated when an external email enters postfix.
This applies to the spale...@xyz.com mails.

I do not have spalertd@ in recipient_bcc_maps.

Now the funny thought to my question. Does the ORDER of the main.cf directives 
play a role?

Hm, no, it doesn't.

Where is my mental mistake?

You forgot to include logs with the address that the message is
delivered to. I expect that the address will not have the domain
that you assumed.

I do not assume any specific domain:

/^spalertd@.*$/        ignorethis

is the entry. the above domain'ized example was just that.

One such example is
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: connect from 
p5b166dd3.dip0.t-ipconnect.de[91.22.109.211]
Jan 15 12:40:47 butterfly rspamd[2737815]: <cb9964>; proxy; 
proxy_accept_socket: accepted milter connection from ::1 port 34620
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: setting up TLS connection 
from p5b166dd3.dip0.t-ipconnect.de[91.22.109.211]
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: 
p5b166dd3.dip0.t-ipconnect.de[91.22.109.211]: TLS cipher list 
"aNULL:-aNULL:HIGH:MEDIUM:!SEED:!IDEA:!3DES:!RC2:!RC4:!RC5:!kDH:!kECDH:!aDSS:!MD5:+RC4:@STRENGTH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES:!CBC3-SHA:!aNULL"
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:before SSL 
initialization
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:before SSL 
initialization
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:SSLv3/TLS read 
client hello
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:SSLv3/TLS write 
server hello
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:SSLv3/TLS write 
change cipher spec
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:TLSv1.3 write 
encrypted extensions
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:SSLv3/TLS write 
certificate request
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:SSLv3/TLS write 
certificate
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:TLSv1.3 write 
server certificate verify
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:SSLv3/TLS write 
finished
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:TLSv1.3 early data
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:TLSv1.3 early data
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:SSLv3/TLS read 
client certificate
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:SSLv3/TLS read 
finished
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: 
p5b166dd3.dip0.t-ipconnect.de[91.22.109.211]: Issuing session ticket, key 
expiration: 1736948962
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: 
p5b166dd3.dip0.t-ipconnect.de[91.22.109.211]: save session 
9F4E31956CE5A1F0DC0E2CAFB1A122DB82774AF1CAEA9027A9879169221A1F90&s=smtpd&l=805306576
 to smtpd cache
Jan 15 12:40:47 butterfly postfix/tlsmgr[2739560]: put smtpd session 
id=9F4E31956CE5A1F0DC0E2CAFB1A122DB82774AF1CAEA9027A9879169221A1F90&s=smtpd&l=805306576
 [data 142 bytes]
Jan 15 12:40:47 butterfly postfix/tlsmgr[2739560]: write smtpd TLS cache entry 
9F4E31956CE5A1F0DC0E2CAFB1A122DB82774AF1CAEA9027A9879169221A1F90&s=smtpd&l=805306576:
 time=1736941247 [data 142 bytes]
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: SSL_accept:SSLv3/TLS write 
session ticket
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: Anonymous TLS connection 
established from p5b166dd3.dip0.t-ipconnect.de[91.22.109.211]: TLSv1.3 with 
cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange x25519 
server-signature ECDSA (prime256v1) server-digest SHA256
Jan 15 12:40:47 butterfly postfix/smtpd[3017372]: 225A9F8B1D1: 
client=p5b166dd3.dip0.t-ipconnect.de[91.22.109.211]
Jan 15 12:40:47 butterfly rspamd[2737815]: <cb9964>; milter; 
rspamd_milter_process_command: got connection from 91.22.109.211:54610
Jan 15 12:40:47 butterfly postfix/cleanup[3017381]: 225A9F8B1D1: 
message-id=<20250115114047.0569B7FC40@UTM.Flebbe.local>
Jan 15 12:40:47 butterfly rspamd[2737815]: <225A9F>; proxy; rspamd_message_parse: loaded message; 
id: <20250115114047.0569B7FC40@UTM.Flebbe.local>; queue-id: <225A9F8B1D1>; size: 39363; 
checksum: <9cc9167e14a4f0c3146fb102296e644b>
Jan 15 12:40:47 butterfly rspamd[2737815]: <225A9F>; proxy; 
rspamd_mime_part_detect_language: detected part language: de
Jan 15 12:40:47 butterfly rspamd[2737815]: <225A9F>; lua; common.lua:113: p0f: result - 
fingerprintfound: "Linux 2.2.x-3.x - score: 0"
Jan 15 12:40:47 butterfly rspamd[2737815]: <225A9F>; lua; common.lua:113: p0f: result - 
fingerprintfound: "link=DSL - score: 0"
Jan 15 12:40:47 butterfly rspamd[2737815]: <225A9F>; lua; common.lua:113: p0f: result - 
fingerprintfound: "distance=7 - score: 0"
Jan 15 12:40:47 butterfly rspamd[2737815]: <225A9F>; dkim_signing; 
lua_dkim_tools.lua:195: mail is ineligible for signing
Jan 15 12:40:47 butterfly rspamd[2737815]: <225A9F>; proxy; 
rspamd_spf_maybe_return: not stored SPF record for UTM.Flebbe.local 
(0xa4aa40bbeec59e2b) in LRU cache; flags=4; ttl=0
Jan 15 12:40:47 butterfly rspamd[2737815]: <225A9F>; arc; 
lua_dkim_tools.lua:193: mail was sent to us
...
Jan 15 12:40:48 butterfly rspamd[2737815]: <225A9F>; proxy; rspamd_task_write_log: id: 
<20250115114047.0569B7FC40@UTM.Flebbe.local>, qid: <225A9F8B1D1>, ip: 91.22.109.211, from: 
<spalertd@UTM.Flebbe.local>, (default: F (no action): [-30.85/14.00] 
[WHITELIST_SPALERTD_SENDER(-50.00){spalertd@UTM.Flebbe.local;},BAYES_SPAM(10.59){100.00%;},HFILTER_HELO_5(3.73){UTM.Flebbe.local;},NEURAL_HAM(-2.99){-0.999;},RBL_SPAMHAUS_PBL(2.49){91.22.109.211:from;},HFILTER_FROMHOST_NORES_A_OR_MX(1.86){utm.flebbe.local;},AUTH_NA(1.24){},GENERIC_REPUTATION(0.63){0.5099798897269;},MX_INVALID(0.62){},IP_REPUTATION_SPAM(0.38){asn:
 3320(-0.18), country: DE(-0.01), ip: 
91.22.109.211(0.26);},MIME_HTML_ONLY(0.24){},ONCE_RECEIVED(0.24){},MANY_INVISIBLE_PARTS(0.06){1;},ARC_NA(0.00){},ASN(0.00){asn:3320,
 ipnet:91.0.0.0/10, 
country:DE;},DMARC_NA(0.00){utm.flebbe.local;},FROM_EQ_ENVFROM(0.00){},FROM_HAS_DN(0.00){},HAS_DATA_URI(0.00){},MID_RHS_MATCH_FROM(0.00){},MIME_TRACE(0.00){0:~;},MISSING_XM_UA(0.00){},P0F(0.00){Li
nux 
2.2.x-3.x;link=DSL;distance=7;},RCPT_COUNT_ONE(0.00){1;},RCVD_COUNT_ONE(0.00){1;},RCVD_TLS_LAST(0.00){},R_DKIM_NA(0.00){},R_SPF_NA(0.00){no
 SPF record;},TO_DN_ALL(0.00){},TO_MATCH_ENVRCPT_ALL(0.00){}]), len: 39363, time: 1672.614ms, dns 
req: 19, digest: <9cc9167e14a4f0c3146fb102296e644b>, rcpts: 
<recipi...@targetdom.ain>, mime_rcpts: <recipi...@targetdom.ain>
Jan 15 12:40:48 butterfly rspamd[2737815]: <225A9F>; proxy; 
rspamd_protocol_http_reply: regexp statistics: 0 pcre regexps scanned, 2 regexps 
matched, 179 regexps total, 61 regexps cached, 0B scanned using pcre, 41.41KiB 
scanned total
Jan 15 12:40:48 butterfly postfix/qmgr[2738072]: 225A9F8B1D1: 
from=<spalertd@UTM.Flebbe.local>, size=39826, nrcpt=3 (queue active)
Jan 15 12:40:48 butterfly rspamd[2737815]: <4656dc>; proxy; 
proxy_milter_finish_handler: finished milter connection
Jan 15 12:40:48 butterfly postfix/smtpd[3017372]: disconnect from 
p5b166dd3.dip0.t-ipconnect.de[91.22.109.211] ehlo=2 starttls=1 mail=1 rcpt=1 
data=1 quit=1 commands=7
Jan 15 12:40:48 butterfly postfix/local[3017383]: 225A9F8B1D1: 
to=<admin_bcc_targetm...@butterfly.post-peine.de>, relay=local, delay=1.7, 
delays=1.7/0/0/0, dsn=2.0.0, status=sent (delivered to maildir)
Jan 15 12:40:48 butterfly postfix/local[3017382]: 225A9F8B1D1: 
to=<ignoret...@butterfly.post-peine.de>, relay=local, delay=1.7, 
delays=1.7/0/0/0, dsn=2.0.0, status=sent (delivered to command: 
/usr/local/sbin/devnull)
Jan 15 12:40:48 butterfly postfix/pipe[3017534]: 225A9F8B1D1: 
to=<recipi...@targetdom.ain>, orig_to=<recipi...@targetdom.ain>, relay=dovecot, 
delay=1.7, delays=1.7/0/0/0.01, dsn=2.0.0, status=sent (delivered via dovecot service)
Jan 15 12:40:48 butterfly postfix/qmgr[2738072]: 225A9F8B1D1: removed

In this example the message is send to the admin_bcc_targetmail AND the 
ignorethis match in sender_bcc_maps.

Both sender_bcc_maps and recipient_bcc_maps files have
/^.*$/  admin_bcc_targetmail
at their ends.

So I assume for the sender_bcc_maps the ignorethis is hit, but additionally the 
catch-all in the recipient_bcc_maps. Right?

Thanks Wietse and all of you!

@Jaroslaw: kool wasn't aware of that. Thanks!

Florian
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org

Reply via email to