On Mar 24, 2010, at 12:40, Wietse Venema wrote:
> Daniel L'Hommedieu:
>> Hi all.
>>
>> I posted this the other day but got no replies, on or off list.
>> I'm really hoping someone might have an idea of what I can do
>> here. I've been looking into things for the last couple days and
>> have not made any progress.
>
> You forgot to follow the mailing list welcome message instructions.
> I'll repeat them below for your convenience.
>
> Hint: you need to show Postfix command output and Postfix logging.
>
> Wietse
>
> TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail
>
> TO (UN)SUBSCRIBE see http://www.postfix.org/lists.html
Wietse,
Thank you for your response. This is what I see in /var/log/maillog when I
send this message:
> Mar 24 14:03:18 cary postfix/smtpd[12747]: connect from
> elasmtp-masked.atl.sa.earthlink.net[209.86.89.68]
> Mar 24 14:03:18 cary postfix/smtpd[12747]: NOQUEUE: reject: RCPT from
> elasmtp-masked.atl.sa.earthlink.net[209.86.89.68]: 554 5.7.1
> <r...@foo.example.com>: Relay access denied; from=<m...@example.net>
> to=<r...@foo.example.com> proto=ESMTP
> helo=<elasmtp-masked.atl.sa.earthlink.net>
> Mar 24 14:03:18 cary postfix/smtpd[12747]: disconnect from
> elasmtp-masked.atl.sa.earthlink.net[209.86.89.68]
Here is the output of postfinger:
> postfinger - postfix configuration on Wed Mar 24 14:06:11 EDT 2010
> version: 1.30
>
> --System Parameters--
> mail_version = 2.3.3
> hostname = foo.example.com
> uname = Linux foo.example.com 2.6.18-164.11.1.el5 #1 SMP Wed Jan 6 13:26:04
> EST 2010 x86_64 x86_64 x86_64 GNU/Linux
>
> --Packaging information--
> looks like this postfix comes from RPM package: postfix-2.3.3-2.1.el5_2
>
> --main.cf non-default parameters--
> alias_database = hash:/etc/postfix/aliases
> alias_maps = hash:/etc/postfix/aliases
> broken_sasl_auth_clients = yes
> home_mailbox = Maildir/
> mailbox_command = /usr/bin/procmail
> mailq_path = /usr/bin/mailq.postfix
> manpage_directory = /usr/share/man
> mynetworks = DDD.DD.D.0/24,DDD.DD.DD.0/24,127.0.0.0/8
> newaliases_path = /usr/bin/newaliases.postfix
> readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
> relayhost = smtp.example.com
> sample_directory = /usr/share/doc/postfix-2.3.3/samples
> sendmail_path = /usr/sbin/sendmail.postfix
> smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks,
> reject_unauth_destination
> smtpd_sasl_auth_enable = yes
> smtpd_tls_cert_file = /etc/pki/foo.example.com.crt
> smtpd_tls_key_file = /etc/pki/foo.example.com.key
> smtpd_tls_loglevel = 1
> smtpd_tls_received_header = yes
> smtpd_use_tls = yes
> smtp_generic_maps = hash:/etc/postfix/generic
> smtp_tls_note_starttls_offer = yes
> virtual_alias_maps = pcre:/etc/postfix/virtual_alias.pcre
>
> --master.cf--
> smtp inet n - n - - smtpd
> pickup fifo n - n 60 1 pickup
> cleanup unix n - n - 0 cleanup
> qmgr fifo n - n 300 1 qmgr
> tlsmgr unix - - n 1000? 1 tlsmgr
> rewrite unix - - n - - trivial-rewrite
> bounce unix - - n - 0 bounce
> defer unix - - n - 0 bounce
> trace unix - - n - 0 bounce
> verify unix - - n - 1 verify
> flush unix n - n 1000? 0 flush
> proxymap unix - - n - - proxymap
> smtp unix - - n - - smtp
> relay unix - - n - - smtp
> -o fallback_relay=
> showq unix n - n - - showq
> error unix - - n - - error
> discard unix - - n - - discard
> local unix - n n - - local
> virtual unix - n n - - virtual
> lmtp unix - - n - - lmtp
> anvil unix - - n - 1 anvil
> scache unix - - n - 1 scache
> maildrop unix - n n - - pipe
> flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
> old-cyrus unix - n n - - pipe
> flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension}
> ${user}
> cyrus unix - n n - - pipe
> user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m
> ${extension} ${user}
> uucp unix - n n - - pipe
> flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
> ($recipient)
> ifmail unix - n n - - pipe
> flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
> bsmtp unix - n n - - pipe
> flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient
>
> -- end of postfinger output --
The contents of /etc/postfix/virtual_alias.pcre are:
/^root@([^.]+\.)+subdomain\.example\.com$/
root-l...@lists.example.com
I appreciate any assistance the list can provide, even something as simple as a
hint of what I need to configure.
As Bob was, I am hoping that I can do some sort of wildcard so that I don't
have to add every single server to the destination list.
Daniel
> Thank you for using Postfix.
>> Thanks.
>>
>> Daniel
>>
>> ---
>>
>> Today I think I am trying to do something similar to what Bob Eastbrook was
>> discussing in late December. Here is what he said back then:
>>> Forgive me if this is a FAQ, but I've looked all over and I don't see it
>>> addressed.
>>>
>>> I have a wildcard MX record for *.example.com which points to
>>> mail.example.com. I know how to configure postfix to accept
>>> individual virtual domains such as host1.example.com, but how can I set it
>>> up to handle any domains which match the wildcard MX record?
>>> e.g.:
>>>
>>> b...@host1.example.com
>>> b...@host2.example.com
>>> b...@gibberish.example.com
>>>
>>> ... should all map to b...@mail.example.com. I'm only concerned about the
>>> user "bob" if that matters. I won't know in advance all the hosts in
>>> example.com, so I can't add them one at a time.
>>>
>>> Any ideas?
>>>
>>> Bob
>>
>> Specifically, I am trying to build a mail catcher for all of my servers. My
>> production servers run sendmail for outbound mail delivery, but on every one
>> of them I am blocking inbound mail connections. I have set up another
>> system, running postfix, for the purpose of catching mail to all of my
>> production server systems. (My production server systems are database and
>> web servers.)
>>
>> I implemented the solution suggested by Wietse, which I quote here:
>>> APPEND a regular expression map to your virtual_alias_maps
>>> definition.
>>>
>>> /etc/postfix/main.cf:
>>> virtual_alias_maps =
>>> ...stuff you perhaps already have...
>>> pcre:/etc/postfix/virtual_alias.pcre
>>>
>>> /etc/postfix/virtual_alias.pcre:
>>> # Send b...@whatever.example.com to b...@example.com.
>>> /^bob@([^.]+\.)+example\.com$/ b...@example.com
>>>
>>> Further reading:
>>> man 5 virtual (http://www.postfix.org/virtual.5.html)
>>> man 5 pcre_table (http://www.postfix.org/pcre_table.5.html)
>>> man pcrepattern (http://www.pcre.org/pcre.txt, look for section
>>> "PCREPATTERN")
>>
>> I am interested in catching mail to root, not "bob," but I'm sure that that
>> is immaterial. ;) I have root aliased as follows:
>> root: root-l...@lists.example.com
>>
>> The idea I have is that r...@foo.example.com will get caught by this mail
>> catcher, which will then redirect it to the mailing list on the mail list
>> server.
>>
>> I have an MX record for one of my systems, and I sent email to
>> r...@foo.example.com to test it. The mail did get handled by the mail
>> catcher, but instead of accepting the mail and forwarding it on, it rejected
>> it with "554 5.7.1 Relay access denied." In another test, I found that this
>> solution does work great for users with permission to relay on the mail
>> catcher (e.g., when I send to r...@foo.example.com through my mail catcher,
>> it redirects as desired), but not when the mail originates elsewhere.
>>
>> There is a single MX record for my servers, and it points to my mail
>> catcher, so I would've thought that mail for r...@foo.example.com, for which
>> my mail catcher is the lone MX handler, would get handled by postfix without
>> issue, instead of postfix seeing it as a relay.
>>
>> I'm sure I'm missing a simple step, but I'm not sure what. I seem to recall
>> that members of the postfix-users list typically want the output of postconf
>> or something similar, but I forget exactly what. Let me know, and I'll send
>> it.
>>
>> Thanks for any assistance you can provide.
>>
>> Daniel
>>
>>
