> Gmail-teopro a écrit :
>> Hello guys,
>> I have made a simple filter, following the example
>> here http://www.postfix.org/FILTER_README.html in order to insert a
>> number in the subject line of every message been sent.
>> The script of this filter is very similar with the example, in uses sed
>> to replace "Subject: " with "Subject: #$number" and autoincrements
>> $number every time it is triggered.
>> The filter is defined in master.cf:
>> # ==========================================================================
>> # service type private unpriv chroot wakeup maxproc command + args
>> # (yes) (yes) (yes) (never) (100)
>> # ==========================================================================
>> smtp inet n - n - - smtpd
>> # -o receive_override_options=no_address_mappings
>> 10025 inet n - n - - smtpd
>> # -o receive_override_options=no_address_mappings
>> #
>> .............
>> nrfilter unix - n n - 10 pipe
>> flags=Rq user=filter null_sender=
>> argv=/var/spool/filter/countscript -f ${sender} -- ${recipient}
>> dovecot unix - n n - - pipe
>> flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -d
>> $(recipient)
>> And is triggered from main.cf:
>> ......
>> sender_bcc_maps = hash:/etc/postfix/maps/sender_bcc
>> smtpd_recipient_restrictions =
>> check_sender_access hash:/etc/postfix/maps/sender_nrfilter,
>>>>(mydomain.tld FILTER nrfilter:)
>> permit_mynetworks,
>> permit_sasl_authenticated,
>> reject_unlisted_recipient,
>> reject_unauth_destination,
>> reject_unknown_recipient_domain,
>> reject_rbl_client sbl-xbl.spamhaus.org,
>> reject_rbl_client cbl.abuseat.org,
>> reject_rbl_client bl.spamcop.net,
>> reject_rbl_client zen.spamhaus.org
>> Every "filtered" message have to be bcc-ed into a local accout.
>> This Postfix serves one single virtual domain with virtual users defined
>> in mysql database.
>> Now I am asking your advice because:
>> 1. With the above configuration, the filter works ok but in the bcc
>> account I get 2 messages for each sent message(backscatter I guess).
>> 2. If I enable -o statement for the smtp services, I get only one
>> message in the bcc but the virtual aliasses are no more recognized by
>> Postfix
>> So, it will be great if you can give a suggetion on how can I have only
>> 1 message in bcc account keeping active the virtual aliasses.
>> 3. This problem is caused by faken...@mydomain.tld
>> <mailto:faken...@mydomain.tld>, claimig to be a mydomain.tld user, wich
>> triggers the filter but are finnaly rejected by cbl/rbl checks.
>> NOQUEUE: filter: RCPT from
>> host216-58-dynamic.1-79-r.retail.telecomitalia.it[79.1.58.216]:
>> <afiaac...@mydomain.tld>: Sender address
>> triggers FILTER nrfilter:; from=<afiaac...@mydomain.tld>
>> to=<ag...@mydomain.tld> proto=ESMTP helo=<uomo754a9bd9e5>
>> NOQUEUE: reject: RCPT from
>> host216-58-dynamic.1-79-r.retail.telecomitalia.it[79.1.58.216]: 450
>> 4.7.1 Service unavailable; Client host [79.1.58.216] blocked using
>> sbl-xbl.spamhaus.org; http://www.spamhaus.org/query/bl?ip=79.1.58.216;
>> from=<akinyiandar...@mydomain.tld> to=<ag...@mydomain.tld> proto=ESMTP
>> helo=<uomo754a9bd9e5>
>> If I move check_sender_access statement after cbl/rbl checks, the filter
>> is no more triggered by anyone.
>> Hoping I was clear enough, I am awaiting for your kind
>> suggestions/questions.
> unfortunately, it's not clear.
> - check_rbl_* is checked before the content_fileter, wherever you put
> you FILTER statement.
> - in general, you use -o ... to disable address rewrite before the
> filter. this way, alias, bcc, ... are only interpreted after your filter.
> if things work differently, then you have something else and you'll need
> to provide more information (config and logs).
@mouss, thanks for kind reply.
I'll be glad to provide any additional info in order to make me understand
better how Postfix works, and or course to solve the issues presented above.
My config files are followings:
master.cf
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd
# -o receive_override_options=no_address_mappings
10025 inet n - n - - smtpd
# -o receive_override_options=no_address_mappings
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - n - - smtp
# -o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
nrfilter unix - n n - 10 pipe
flags=Rq user=filter null_sender=
argv=/var/spool/filter/countscript -f ${sender} -- ${recipient}
dovecot unix - n n - - pipe
flags=DRhu user=vmail:vmail argv=/usr/libexec/dovecot/deliver -d $(recipient)
main.cf
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
setgid_group = postdrop
myhostname = test.server.ns
mydestination = localhost, $myhostname, $mydomain
mynetworks = /etc/postfix/maps/mynetworks_table
local_recipient_maps = unix:passwd.byname $alias_maps $virtual_mailbox_maps
$virtual_alias_list
unknown_local_recipient_reject_code = 550
home_mailbox =
mail_spool_directory = /var/spool/mail
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
html_directory = /usr/doc/postfix/html
manpage_directory = /usr/man
sample_directory = /etc/postfix
readme_directory = /usr/doc/postfix
alias_maps = hash:/etc/postfix/maps/aliases
alias_database = hash:/etc/postfix/maps/aliases
#_________ Virtual settings start _______________________
#
virtual_mailbox_domains =
proxy:mysql:$config_directory/mysql/virtual_domains_maps.cf
virtual_mailbox_base = /var/spool/vmail
virtual_mailbox_maps =
proxy:mysql:$config_directory/mysql/virtual_mailbox_maps.cf
virtual_alias_maps = mysql:$config_directory/mysql/virtual_alias_maps.cf
virtual_minimum_uid = 1100
virtual_uid_maps = static:1100
virtual_gid_maps = static:1100
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1
procmail_destination_recipient_limit = 1
transport_maps = hash:/etc/postfix/transport
virtual_mailbox_limit = 1024000000
local_transport=virtual
#
#_________ Virtual settings end ____________________________
#
#_______ SASL settings start _____________________________
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_exceptions_networks = $mynetworks
smtpd_sasl_security_options = noanonymous
smtpd_sasl_authenticated_header = yes
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
#_______ SASL settings end _____________________________
#
header_checks = regexp:/etc/postfix/header_checks
#
sender_bcc_maps = hash:/etc/postfix/maps/sender_bcc
mailbox_size_limit = 1024000000
bounce_queue_lifetime = 3h
maximal_queue_lifetime = 3h
smtpd_helo_required = yes
disable_vrfy_command = yes
non_fqdn_reject_code = 450
invalid_hostname_reject_code = 450
maps_rbl_reject_code = 450
smtpd_client_restrictions =
permit_mynetworks,
smtpd_recipient_restrictions =
check_sender_access hash:/etc/postfix/maps/sender_nrfilter,
permit_mynetworks,
permit_sasl_authenticated,
reject_unlisted_recipient,
reject_unauth_destination,
reject_unknown_recipient_domain,
reject_rbl_client sbl-xbl.spamhaus.org,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client zen.spamhaus.org
For anything else you think makes problems cear, just ask!
--
Best regards,
Gmail-teopro mailto:teo...@gmail.com
