On Mar 24, 2010, at 16:26, Wietse Venema wrote:
> Daniel L'Hommedieu:
>> On Mar 24, 2010, at 12:40, Wietse Venema wrote:
>>> Daniel L'Hommedieu:
>>>> Hi all.
>>>>
>>>> I posted this the other day but got no replies, on or off list.
>>>> I'm really hoping someone might have an idea of what I can do
>>>> here. I've been looking into things for the last couple days and
>>>> have not made any progress.
>>>
>>> You forgot to follow the mailing list welcome message instructions.
>>> I'll repeat them below for your convenience.
>>>
>>> Hint: you need to show Postfix command output and Postfix logging.
>>>
>>> Wietse
>>>
>>> TO REPORT A PROBLEM see http://www.postfix.org/DEBUG_README.html#mail
>>>
>>> TO (UN)SUBSCRIBE see http://www.postfix.org/lists.html
>>
>> Wietse,
>>
>> Thank you for your response. This is what I see in /var/log/maillog when I
>> send this message:
>>
>>> Mar 24 14:03:18 cary postfix/smtpd[12747]: connect from
>>> elasmtp-masked.atl.sa.earthlink.net[209.86.89.68]
>>> Mar 24 14:03:18 cary postfix/smtpd[12747]: NOQUEUE: reject: RCPT from
>>> elasmtp-masked.atl.sa.earthlink.net[209.86.89.68]: 554 5.7.1
>>> <r...@foo.example.com>: Relay access denied; from=<m...@example.net>
>>> to=<r...@foo.example.com> proto=ESMTP
>>> helo=<elasmtp-masked.atl.sa.earthlink.net>
>>> Mar 24 14:03:18 cary postfix/smtpd[12747]: disconnect from
>>> elasmtp-masked.atl.sa.earthlink.net[209.86.89.68]
>
> I assume that you want your Postfix to receive mail for
> r...@foo.example.com.
>
> Are there any domains under example.com that you don't want to receive?
>
> Are there any users that you don't want to receive?
>
> If all you want is treat anything.example.com as example.com, use:
>
> /etc/postfix/main.cf:
> mydestination = localhost example.com pcre:/etc/postfix/mydestination.pcre
>
> /etc/postfix/mydestination.pcre:
> /\.example\.com$/ whatever
>
> Where "whatever" may be any non-empty value.
>
> By design, Postfix *internals* do not depend on DNS, so that Postfix
> keeps working when the network is down.
Wietse,
I think this is the piece I was missing. My hosts are named as
hostname.department.example.com. I am building a mail catcher for my
department, so I want my Postfix to accept mail for
*...@*.department.example.com, and this PCRE is exactly what I was missing. As
I mentioned, I figured it had to be something simple.
More specifically, what I want is something that will catch
r...@*.department.example.com, so that the guy who runs the corporate mail
server doesn't get frustrated with the double-bounces that my department's
applications generate. If I can stay off of his radar, I am doing good, and
this mail catcher will help me do that.
Thanks.
Daniel
>
> Wietse
>
>
> Wietse
>
>> Here is the output of postfinger:
>>> postfinger - postfix configuration on Wed Mar 24 14:06:11 EDT 2010
>>> version: 1.30
>>>
>>> --System Parameters--
>>> mail_version = 2.3.3
>>> hostname = foo.example.com
>>> uname = Linux foo.example.com 2.6.18-164.11.1.el5 #1 SMP Wed Jan 6 13:26:04
>>> EST 2010 x86_64 x86_64 x86_64 GNU/Linux
>>>
>>> --Packaging information--
>>> looks like this postfix comes from RPM package: postfix-2.3.3-2.1.el5_2
>>>
>>> --main.cf non-default parameters--
>>> alias_database = hash:/etc/postfix/aliases
>>> alias_maps = hash:/etc/postfix/aliases
>>> broken_sasl_auth_clients = yes
>>> home_mailbox = Maildir/
>>> mailbox_command = /usr/bin/procmail
>>> mailq_path = /usr/bin/mailq.postfix
>>> manpage_directory = /usr/share/man
>>> mynetworks = DDD.DD.D.0/24,DDD.DD.DD.0/24,127.0.0.0/8
>>> newaliases_path = /usr/bin/newaliases.postfix
>>> readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
>>> relayhost = smtp.example.com
>>> sample_directory = /usr/share/doc/postfix-2.3.3/samples
>>> sendmail_path = /usr/sbin/sendmail.postfix
>>> smtpd_recipient_restrictions = permit_sasl_authenticated,
>>> permit_mynetworks, reject_unauth_destination
>>> smtpd_sasl_auth_enable = yes
>>> smtpd_tls_cert_file = /etc/pki/foo.example.com.crt
>>> smtpd_tls_key_file = /etc/pki/foo.example.com.key
>>> smtpd_tls_loglevel = 1
>>> smtpd_tls_received_header = yes
>>> smtpd_use_tls = yes
>>> smtp_generic_maps = hash:/etc/postfix/generic
>>> smtp_tls_note_starttls_offer = yes
>>> virtual_alias_maps = pcre:/etc/postfix/virtual_alias.pcre
>>>
>>> --master.cf--
>>> smtp inet n - n - - smtpd
>>> pickup fifo n - n 60 1 pickup
>>> cleanup unix n - n - 0 cleanup
>>> qmgr fifo n - n 300 1 qmgr
>>> tlsmgr unix - - n 1000? 1 tlsmgr
>>> rewrite unix - - n - - trivial-rewrite
>>> bounce unix - - n - 0 bounce
>>> defer unix - - n - 0 bounce
>>> trace unix - - n - 0 bounce
>>> verify unix - - n - 1 verify
>>> flush unix n - n 1000? 0 flush
>>> proxymap unix - - n - - proxymap
>>> smtp unix - - n - - smtp
>>> relay unix - - n - - smtp
>>> -o fallback_relay=
>>> showq unix n - n - - showq
>>> error unix - - n - - error
>>> discard unix - - n - - discard
>>> local unix - n n - - local
>>> virtual unix - n n - - virtual
>>> lmtp unix - - n - - lmtp
>>> anvil unix - - n - 1 anvil
>>> scache unix - - n - 1 scache
>>> maildrop unix - n n - - pipe
>>> flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
>>> old-cyrus unix - n n - - pipe
>>> flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension}
>>> ${user}
>>> cyrus unix - n n - - pipe
>>> user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m
>>> ${extension} ${user}
>>> uucp unix - n n - - pipe
>>> flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
>>> ($recipient)
>>> ifmail unix - n n - - pipe
>>> flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
>>> bsmtp unix - n n - - pipe
>>> flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
>>> $recipient
>>>
>>> -- end of postfinger output --
>>
>> The contents of /etc/postfix/virtual_alias.pcre are:
>> /^root@([^.]+\.)+subdomain\.example\.com$/
>> root-l...@lists.example.com
>>
>> I appreciate any assistance the list can provide, even something as simple
>> as a hint of what I need to configure.
>>
>> As Bob was, I am hoping that I can do some sort of wildcard so that I don't
>> have to add every single server to the destination list.
>>
>> Daniel
>>
>>> Thank you for using Postfix.
>>>> Thanks.
>>>>
>>>> Daniel
>>>>
>>>> ---
>>>>
>>>> Today I think I am trying to do something similar to what Bob Eastbrook
>>>> was discussing in late December. Here is what he said back then:
>>>>> Forgive me if this is a FAQ, but I've looked all over and I don't see it
>>>>> addressed.
>>>>>
>>>>> I have a wildcard MX record for *.example.com which points to
>>>>> mail.example.com. I know how to configure postfix to accept
>>>>> individual virtual domains such as host1.example.com, but how can I set
>>>>> it up to handle any domains which match the wildcard MX record?
>>>>> e.g.:
>>>>>
>>>>> b...@host1.example.com
>>>>> b...@host2.example.com
>>>>> b...@gibberish.example.com
>>>>>
>>>>> ... should all map to b...@mail.example.com. I'm only concerned about the
>>>>> user "bob" if that matters. I won't know in advance all the hosts in
>>>>> example.com, so I can't add them one at a time.
>>>>>
>>>>> Any ideas?
>>>>>
>>>>> Bob
>>>>
>>>> Specifically, I am trying to build a mail catcher for all of my servers.
>>>> My production servers run sendmail for outbound mail delivery, but on
>>>> every one of them I am blocking inbound mail connections. I have set up
>>>> another system, running postfix, for the purpose of catching mail to all
>>>> of my production server systems. (My production server systems are
>>>> database and web servers.)
>>>>
>>>> I implemented the solution suggested by Wietse, which I quote here:
>>>>> APPEND a regular expression map to your virtual_alias_maps
>>>>> definition.
>>>>>
>>>>> /etc/postfix/main.cf:
>>>>> virtual_alias_maps =
>>>>> ...stuff you perhaps already have...
>>>>> pcre:/etc/postfix/virtual_alias.pcre
>>>>>
>>>>> /etc/postfix/virtual_alias.pcre:
>>>>> # Send b...@whatever.example.com to b...@example.com.
>>>>> /^bob@([^.]+\.)+example\.com$/ b...@example.com
>>>>>
>>>>> Further reading:
>>>>> man 5 virtual (http://www.postfix.org/virtual.5.html)
>>>>> man 5 pcre_table (http://www.postfix.org/pcre_table.5.html)
>>>>> man pcrepattern (http://www.pcre.org/pcre.txt, look for section
>>>>> "PCREPATTERN")
>>>>
>>>> I am interested in catching mail to root, not "bob," but I'm sure that
>>>> that is immaterial. ;) I have root aliased as follows:
>>>> root: root-l...@lists.example.com
>>>>
>>>> The idea I have is that r...@foo.example.com will get caught by this mail
>>>> catcher, which will then redirect it to the mailing list on the mail list
>>>> server.
>>>>
>>>> I have an MX record for one of my systems, and I sent email to
>>>> r...@foo.example.com to test it. The mail did get handled by the mail
>>>> catcher, but instead of accepting the mail and forwarding it on, it
>>>> rejected it with "554 5.7.1 Relay access denied." In another test, I found
>>>> that this solution does work great for users with permission to relay on
>>>> the mail catcher (e.g., when I send to r...@foo.example.com through my
>>>> mail catcher, it redirects as desired), but not when the mail originates
>>>> elsewhere.
>>>>
>>>> There is a single MX record for my servers, and it points to my mail
>>>> catcher, so I would've thought that mail for r...@foo.example.com, for
>>>> which my mail catcher is the lone MX handler, would get handled by postfix
>>>> without issue, instead of postfix seeing it as a relay.
>>>>
>>>> I'm sure I'm missing a simple step, but I'm not sure what. I seem to
>>>> recall that members of the postfix-users list typically want the output of
>>>> postconf or something similar, but I forget exactly what. Let me know, and
>>>> I'll send it.
>>>>
>>>> Thanks for any assistance you can provide.
>>>>
>>>> Daniel
>>>>
>>>>
>>
>>
>>
