On Sat, Mar 24, 2012 at 01:21:57AM +0400, Василий Логачев wrote: > I have postfix version 2.9.1 compiled with MySQL support and > configured to check sender/recipient pairs. > Here is configuration: > > Mostly significant part of /etc/postfix/main.cf: > ---------------------------- > # classes to check senders/recipients > # > permitted_senders_mail2fax = check_sender_access > mysql:/etc/postfix/permitted_senders_mail2fax.cf, > reject > > smtpd_restriction_classes = permitted_senders_mail2fax > > smtpd_recipient_restrictions = check_recipient_access > hash:/etc/postfix/protected_recipients, > reject > ---------------------------- > > # cat /etc/postfix/protected_recipients > mail2...@recipient.domain.tld permitted_senders_mail2fax > > # cat /etc/postfix/permitted_senders_mail2fax.cf > hosts = 127.0.0.1 > user = mysqluser > password = mysqlpassword > dbname = faxcenter > table = users > select_field = 'OK' AS result > where_field = email > additional_conditions = OR email2='%s'
This is the obsolete query syntax that was replaced in Postfix 2.2, Feature 20050209. Why are you using the deprecated syntax? The "new" syntax (if you consider 2005 "new") is straightforward and clean. "query=..." and write the query in SQL. > I need to check 2 fields (email and email2) for permitted sender's > email, therefore i have > additional_conditions = OR email2='%s' > > All works fine, but... > When sender is permitted (found in table), i see only 1 SQL-request > in MySQL's logfile: > 120323 19:18:29 5428 Connect mysqluser@localhost on hostname > 5428 Query SELECT 'OK' AS result FROM users > WHERE email='goodsen...@domain1.tld' OR > email2='goodsen...@doamin1.tld' > > But when sender is not found in table, i see multiple queries in the > logfile: > 120323 19:12:17 5423 Connect mysqluser@localhost on hostname > 5423 Query SELECT 'OK' AS result FROM users > WHERE email='badsen...@domain2.tld' OR email2='badsen...@domain2.tld' > 5423 Query SELECT 'OK' AS result FROM users > WHERE email='domain2.tld' OR email2='domain2.tld' > 5423 Query SELECT 'OK' AS result FROM users > WHERE email='tld' OR email2='tld' > 5423 Query SELECT 'OK' AS result FROM users > WHERE email='badsender@' OR email2='badsender@' > 120323 19:13:17 5423 Quit > > I want to understand what for these 4 queries with local/domain > parts? And how to avoid this. Only one SELECT request with full > e-mail address is quiet enough. This is documented in the access(5) manual. You can limit queries performed by using %u and %d to match local-parts and domain-parts respectively. http://www.postfix.org/mysql_table.5.html -- http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
