On Sat, 18 May 2013, Ansgar Wiechers wrote:
On 2013-05-18 d...@safeport.com wrote:
My problem is a regexp table used to fold domains that should be
delivered to the same mailbox stopped working. I solved the problem
by adding a hash table with all the extra names. This is a big
administrative deal (to us) as it adds several thousand emails to
maintain and sync as changes are made.
This system is a postfix-cyrus running on FreeBSD 8.2
From main.cf:
[cut]
First and foremost: ALWAYS post the output of "postconf -n", NEVER the
quote the contents of main.cf. Only the former is guaranteed to be your
active configuration.
I have done this at the bottom minus the tls/sasl setup
That said, what you posted of your configuration does not list the
domain safeport.us as either a local or a relay domain. That's most
likely the reason why you get a "relay access denied". Change the line
virtual_alias_domains = $virtual_alias_maps
into this:
virtual_alias_domains = safeport.us
Furthermore, $mydestination is for local delivery of mail of which your
server is the final destination. $relay_domains is for relaying mail for
domains that your server is NOT the final destination of. Do NOT mix the
two. Remove $mydestination from $relay_domains.
Your suggestion, which works, actually spawns two questions. My setup with
relay_domains = $mydestination worked for 6+ months. The problem arose when I
upgraded our name servers to FreeBSD 9.1 and/or added another entry to the
regexp table virtual.regexp. This is a timing only observation, I do not
attribute the problem to either change. My FreeBSD mentor runs exactly the same
configuration. The only difference being his system is FreeBSD-cyrus-kerberos,
we do not use kerberos.
When I first installed postfix-cyrus I simply hacked a working configuration. As
I learned more about postfix, I assumed the relay_domains setting was required
to relay email addressed to a...@lighthouse.safeport.com or to domains in the
virtual table. Following your suggestion, I see this is not the case. It does
not however cause a problem. I originally had only relay_domains =
$mydestination, adding the other values trying to get the regexp table back in
play.
When my original configuration was working, it had to be the case that the
translation done by virtual.regexp happened before a delivery decision was made.
So I did something to cause postfix to attempt to deliver those addresses before
translation is done. I have high hopes relay_domains = virtual.regexp will
work. If not, adding another hash table should.
Email comes addressed to a...@lighthouse.safeport.com, to an address in virtual,
or to an address whose domain is translated by virtual.regexp to an address in
virtual. Messages are delivered to a cyrus mailbox (e.g. doug) or forwarded on
to an external address.
While I would love to know what happened, I thank you for a solution
Doug
_______________
postconf -n
allow_untrusted_routing = no
broken_sasl_auth_clients = yes
command_directory = /usr/local/sbin
config_directory = /usr/local/etc/postfix
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/db/postfix
debug_peer_level = 2
html_directory = /usr/local/share/doc/postfix
local_recipient_maps =
mail_owner = postfix
mailbox_size_limit = 200000000
mailbox_transport = lmtp:unix:/var/imap/socket/lmtp
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/local/man
message_size_limit = 100000000
mynetworks_style = subnet
myorigin = $myhostname
newaliases_path = /usr/local/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /usr/local/share/doc/postfix
recipient_delimiter = +
relay_domains = safeport.us
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
setgid_group = maildrop
smtpd_enforce_tls = no
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,
reject_invalid_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient,
reject_unknown_recipient_domain, eject_unknown_sender_domain,
reject_unauth_destination, check_client_access
hash:/usr/local/etc/postfix/access, reject_unauth_pipelining,
check_policy_service inet:127.0.0.1:10023, reject_rbl_client bl.spamcop.net
smtpd_use_tls = yes
unknown_local_recipient_reject_code = 450
virtual_alias_domains = $virtual_alias_maps
virtual_alias_maps = hash:/usr/local/etc/postfix/virtual
hash:/usr/local/etc/postfix/virtual1
regexp:/usr/local/etc/postfix/virtual.regexp
_____
Douglas Denault
http://www.safeport.com
d...@safeport.com
Voice: 301-217-9220
Fax: 301-217-9277
