On 06/11/2010 12:59 AM, Emmanuel Bailleul wrote:
Hello,
I'm currently working on a test box to verify the behavior of some features I'd
like to implement on a production mail relay server.
Among those are recipient_bcc_maps/sender_bcc_maps (to keep copies of certain
emails) and after-queue content_filter (to be able to block certain file types).
These two features alone work as expected/documented, but when used altogether produce
the non desired effect of generating 2 identical bccs : the first one seems to occur at
first submission and the second one after "resubmission" by the content_filter.
I have tried to override the 'recipient_bcc_maps' setting in master.cf but to
no avail.
Isn't this setting overridable by any means ? or maybe the same goal could be
achieved another way ?
Please find below the output of 'postconf -n', an extract of my master.cf, my
recipient_bcc file and related logs from a test (sending an email via smtp from
localhost) :
### postconf -n ###
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/sbin
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = no
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/man
message_size_limit = 1024000
mydestination = $myhostname, zencore.$mydomain, localhost
mydomain = blah.org
myhostname = zencore.blah.org
mynetworks = 10.36.6.219/32
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/doc/postfix-2.6.5/readme
recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
relay_domains = testdom.fr
sample_directory = /etc/postfix
sender_bcc_maps = hash:/etc/postfix/sender_bcc
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
smtpd_recipient_restrictions = permit_mynetworks check_recipient_access
hash:/etc/postfix/denied_recipients reject_unauth_destination
smtpd_sender_restrictions = permit_mynetworks reject_unknown_sender_domain
reject_non_fqdn_sender check_sender_access hash:/etc/postfix/sender_access
permit
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
###
### recipient_bcc file ###
@testdom.fr root
###
### master.cf ###
(snip)
smtp inet n - n - - smtpd
-o content_filter=filter:dummy
-o recipient_bcc_maps=
(snip)
filter unix - n n - - pipe
flags=Rq user=manu argv=/tmp/filter.sh -f ${sender} -- ${recipient}
###
### maillog ###
Jun 11 00:46:36 (none) postfix/smtpd[1979]: warning: dict_nis_init: NIS domain
name not set - NIS lookups disabled
Jun 11 00:46:36 (none) postfix/smtpd[1979]: connect from localhost[127.0.0.1]
Jun 11 00:47:04 (none) postfix/smtpd[1979]: B3DE110CE3:
client=localhost[127.0.0.1]
Jun 11 00:47:27 (none) postfix/cleanup[1984]: B3DE110CE3:
message-id=<20100610224704.b3de110...@zencore.blah.org>
Jun 11 00:47:27 (none) postfix/qmgr[1956]: B3DE110CE3: from=<u...@bonjour.fr>,
size=338, nrcpt=2 (queue active)
Jun 11 00:47:28 (none) postfix/pickup[1955]: 1DED810CE5: uid=1000
from=<u...@bonjour.fr>
Jun 11 00:47:28 (none) postfix/cleanup[1984]: 1DED810CE5:
message-id=<20100610224704.b3de110...@zencore.blah.org>
Jun 11 00:47:28 (none) postfix/pipe[1985]: B3DE110CE3: to=<m...@testdom.fr>,
relay=filter, delay=31, delays=31/0.02/0/0.16, dsn=2.0.0, status=sent (delivered via
filter service)
Jun 11 00:47:28 (none) postfix/pipe[1985]: B3DE110CE3:
to=<r...@zencore.blah.org>, relay=filter, delay=31, delays=31/0.02/0/0.16,
dsn=2.0.0, status=sent (delivered via filter service)
Jun 11 00:47:28 (none) postfix/qmgr[1956]: B3DE110CE3: removed
Jun 11 00:47:28 (none) postfix/qmgr[1956]: 1DED810CE5: from=<u...@bonjour.fr>,
size=453, nrcpt=3 (queue active)
Jun 11 00:47:28 (none) postfix/local[1991]: warning: dict_nis_init: NIS domain
name not set - NIS lookups disabled
Jun 11 00:47:28 (none) postfix/local[1991]: 1DED810CE5:
to=<r...@zencore.blah.org>, relay=local, delay=0.2, delays=0.13/0.04/0/0.03,
dsn=2.0.0, status=sent (delivered to mailbox)
Jun 11 00:47:28 (none) postfix/local[1991]: 1DED810CE5:
to=<r...@zencore.blah.org>, relay=local, delay=0.26, delays=0.13/0.07/0/0.05,
dsn=2.0.0, status=sent (delivered to mailbox)
Jun 11 00:47:28 (none) postfix/smtp[1992]: connect to
10.36.6.219[10.36.6.219]:25: Connection refused
Jun 11 00:47:28 (none) postfix/local[1993]: warning: dict_nis_init: NIS domain
name not set - NIS lookups disabled
Jun 11 00:47:28 (none) postfix/smtp[1992]: 1DED810CE5: to=<m...@testdom.fr>,
relay=none, delay=0.26, delays=0.13/0.11/0.01/0, dsn=4.4.1, status=deferred (connect
to 10.36.6.219[10.36.6.219]:25: Connection refused)
Jun 11 00:47:29 (none) postfix/smtpd[1979]: disconnect from localhost[127.0.0.1]
###
As seen in the logs, same email is delivered twice to root's mailbox (which I
can verify by opening it).
Note 1 : the 'connection refused' message is due to no real mail server being
present at the IP address. This is just for a test and I don't think it's
relevant for my problem.
Note 2 : for the test, I use a "NOOP" filter shell script which does nothing but
resubmitting mails via 'sendmail' command. I observed the same behavior with amavisd-new and smtp
"resubmission".
Those don't work at all in the same way.
The point of the transport is to resubmit the mail to a *different* smtp
listener, that has bcc_maps unset.
If you disable it on the main smtp listener, it won't do what you think.
Create a new smtp transport for your content filter, unset *_bcc_maps,
and re-inject via smtp.
That's how amavis does it (and not how you describe it).
J.
