On Tue, 19 Feb 2013 16:31:05 +0000, Viktor Dukhovni
<postfix-us...@dukhovni.org> wrote:

> On Tue, Feb 19, 2013 at 12:21:35PM +0100, Titanus Eramius wrote:
> 
> > I've tried with relay_domains, but it matches on domain-level which
> > is too much. I then applied relay_recipient_maps, but it doesn't seem
> > to have any effect, which means that addresses are still matched on
> > a domain basis.
> > 
> > Every Postfix will have access to a complete list of recipients
> > through MySQL.
> > 
> > So the question becomes two-part:
> > Why can't I get relay_recipient_maps to work?
> 
>       http://www.postfix.org/DEBUG_README.html#mail
>       http://www.postfix.org/STANDARD_CONFIGURATION_README.html#backup
> 
> Wildcard entries in canonical_maps and virtual_alias_maps are the
> most common reason for recipient validation failing to distinguish
> between valid and invalid recipients.
> 

Thank you for the response and sorry for the slow reply.

The problem seems to be related to the virtual setup, but I'm not
sure how to best describe and document it.

Besides aptget.dk this server also hosts cogky.dk (among others), and
while unknown recipients are being correctly rejected with a 550 when
sent to aptget.dk, they are not when sent to the other virtual domains.
Instead they are accepted and then returned by the MAILER_DAEMON, which
in turn opens the server to backscatter.

I have tried setting "local_recipient_maps = $virtual_mailbox_maps"
in main.cf, but without any apparent effect. To be honest, I'm unsure if
I have set "virtual_mailbox_maps" correctly, but when testing it with
postalias it seems to work:

titanus@aptget:/etc/postfix$ sudo postalias -q tita...@aptget.dk mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
aptget.dk/titanus/

When I test mysql_virtual_mailbox_maps.cf with a non-existent address,
nothing is returned and the exit status is 1.

What I would like to achieve is that Postfix rejects mail to
non-existent recipients before accepting mail.

Thanks again, Titanus


postconf -n
alias_maps = hash:/etc/aliases
bounce_template_file = /etc/postfix/bounce.cf
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
delay_warning_time = 4
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
inet_interfaces = 46.21.105.38
local_recipient_maps = $virtual_mailbox_maps
mailman_destination_recipient_limit = 1
maximal_queue_lifetime = 15
message_size_limit = 26214400
mydestination = localhost
mydomain = aptget.dk
myhostname = aptget.aptget.dk
mynetworks = 127.0.0.0/8
postscreen_dnsbl_action = enforce
postscreen_dnsbl_sites = truncate.gbudb.net*2 b.barracudacentral.org*1
    zen.spamhaus.org*1 bl.spamcop.net*1
postscreen_dnsbl_threshold = 2
postscreen_greet_action = enforce
recipient_canonical_classes = envelope_recipient
recipient_canonical_maps = hash:/etc/postfix/pfix-no-srs.cf,
    tcp:127.0.0.1:10002
sender_canonical_classes = envelope_sender
sender_canonical_maps = hash:/etc/postfix/pfix-no-srs.cf,
    tcp:127.0.0.1:10001
smtp_tls_security_level = may
smtp_tls_session_cache_database =
    btree:$data_directory/smtp_tls_session_cache
smtpd_data_restrictions = reject_unauth_pipelining,
    reject_multi_recipient_bounce,
smtpd_helo_required = yes
smtpd_recipient_restrictions = reject_non_fqdn_sender,
    reject_non_fqdn_recipient, reject_unknown_sender_domain,
    reject_unknown_recipient_domain, reject_unauth_destination,
smtpd_sasl_auth_enable = yes
smtpd_sasl_exceptions_networks = $mynetworks
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_ask_ccert = yes
smtpd_tls_cert_file = /etc/ssl/self-signed/smtpd.crt
smtpd_tls_key_file = /etc/ssl/self-signed/smtpd.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database =
    btree:$data_directory/smtpd_tls_session_cache
spamassassin_destination_recipient_limit = 1
tls_random_source = dev:/dev/urandom
transport_maps = hash:/etc/postfix/transport.cf
virtual_alias_maps =
    proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains =
    proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps =
    proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_transport = dovecot
virtual_uid_maps = static:5000

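The wildcard check suggested in the quoted reply can be done mechanically. The following is an added example, not part of the original message or of Postfix: it parses `postconf -n` output and asks every canonical and virtual alias table about an address that cannot exist. The function names, the probe address format and the `fake_lookup` stand-in (which pretends the tcp: table answers every key) are assumptions for illustration, not findings about this server.

```python
import secrets
import subprocess

# A match in any of these rewriting tables makes smtpd treat the recipient as valid.
REWRITE_PARAMS = ("canonical_maps", "recipient_canonical_maps", "virtual_alias_maps")
# Excerpt of the postconf -n output above, wrapped the way the mail shows it.
SAMPLE = """recipient_canonical_maps = hash:/etc/postfix/pfix-no-srs.cf,
tcp:127.0.0.1:10002
virtual_alias_maps =
proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf
"""

def parse_postconf(text):
    """Parse postconf -n output into {param: value}, joining wrapped lines."""
    params, name = {}, None
    for line in filter(str.strip, text.splitlines()):
        head, sep, tail = line.partition("=")
        if sep and head.strip().replace("_", "").isalnum():  # "name = value"
            name = head.strip()
            params[name] = tail.strip()
        elif name:  # continuation of the previous value
            params[name] = (params[name] + " " + line.strip()).strip()
    return params

def postmap_lookup(table, key):
    """Query one table with postmap -q; None when the key is absent (exit status 1)."""
    proc = subprocess.run(["postmap", "-q", key, table], capture_output=True, text=True)
    return proc.stdout.strip() if proc.returncode == 0 else None

def fake_lookup(table, key):
    """Constructed stand-in for postmap: pretend the tcp: table answers every key."""
    return key if table.startswith("tcp:") else None

def find_wildcards(postconf_text, domain, lookup=postmap_lookup):
    """Return (param, table, key) for each table that matches a nonexistent address."""
    params = parse_postconf(postconf_text)
    # postmap -q looks up literal keys, so also try the bare @domain catch-all form.
    keys = ("no-such-user-%s@%s" % (secrets.token_hex(6), domain), "@" + domain)
    hits = []
    for param in REWRITE_PARAMS:
        for table in params.get(param, "").replace(",", " ").split():
            table = table[6:] if table.startswith("proxy:") else table  # query directly
            hits += [(param, table, k) for k in keys if lookup(table, k) is not None]
    return hits

if __name__ == "__main__":
    for hit in find_wildcards(SAMPLE, "cogky.dk", fake_lookup):
        print("%s: %s matched nonexistent key %s" % hit)
```

On a real server, call `find_wildcards(text, domain)` with the actual `postconf -n` output so that the default `postmap -q` lookup runs; any hit is a table that validates every recipient in that domain.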