Phil Howard:
> On Tue, May 25, 2010 at 12:37, Wietse Venema <wie...@porcupine.org> wrote:
> > Phil Howard:
> >> On Tue, May 25, 2010 at 10:36, Wietse Venema <wie...@porcupine.org> wrote:
> >>
> >> > Postfix supports wildcards via regexp/pcre tables.
> >> >
> >> > ?1) You can use them for all the tables that define Postfix address
> >> > ? ?classes: mydestination + aliases, virtual_alias_domains +
> >> > ? ?virtual_alias_maps, virtual_mailbox_domains + virtual_mailbox_maps,
> >> > ? ?relay_domains + relay_recipient_maps.
> >> >
> >> > ? ?Simply replacing one domain name by another does not produce the
> >> > ? ?expected result.
> >>
> >> That's what I'm afraid of ... particularly if it can result in
> >> backscatter or open relay. ?I need to get the test of the valid user
> >> done at RCPT time, obviously. ?But the addressed domain could be
> >> foobar.example.com or xyzzy.example.com or anything else in front of
> >> the domain, without me knowing what these could be in advance. ?So I
> >> can't just have a table of all possible valid u...@hostpart.domain. ?I
> >> can have all valid u...@domain even though RCPT can name
> >> u...@hostpart.domain.
> >
> > Postfix supports wildcards via regexp/pcre tables:
> > /^u...@.*\.example\.com$/ will match the user in any subdomain of
> > example.com.
>
> But this is still going to be a big table with individual entries
> for all users?
You need one table entry per user somewhere, otherwise you can't
reject mail for users that don't exist.
> >> > ?2) Postfix 2.7 supports SMTP command rewriting (smtpd_command_filter)
> >> > ? ?However this would produce an incorrect error message:
> >> >
> >> > ? ?RCPT TO:<u...@foo.example.com>
> >> > ? ? ? ?smtpd_command_filter strips this to ``RCPT TO:<u...@example.com>''
> >> > ? ? ? ?The Postfix SMTP server then responds with:
> >> > ? ?550 5.1.1 <u...@example.com> User unknown
> >
> > In this example, the user really does not exist. Postfix does not
> > produce an error message when u...@example.com exists.
>
> But if I just use a pattern for "user", it's going to look valid no
> matter what username is mailed to, and my server becomes a backscatter
> source. So I need to have the user in there, it seems. Same problem
> as my other need to translate a domain.
In the example, Postfix replaces the domain in the RCPT TO command,
pretends that the client sends "RCPT TO:<u...@example.com>".
You still need one table entry per user somewhere, otherwise you
can't reject mail for users that don't exist.
Wietse
