I'm using Postfix 3.2.0 from the FreeBSD ports collection
I experienced that access maps matches sub domains, even though
parent_domain_matches_subdomains is set to an empty value.
What did I miss? I only want the access map to match specific domain,
not sub domains.
The log show the access map only have the domain "spambox.dk" but this
apparently is matching "test.spambox.dk" as well:
--cut--
postfix/smtpd[53271]: generic_checks: name=check_recipient_access
status=0
postfix/smtpd[53271]: generic_checks: name=check_recipient_access
postfix/smtpd[53271]: check_mail_access: t...@test.spambox.dk
postfix/smtpd[53271]: ctable_locate: leave existing entry key
t...@example.com?t...@test.spambox.dk
postfix/smtpd[53271]: maps_find:
hash:/usr/local/etc/postfix/access_aliases.hash: t...@test.spambox.dk:
not found
postfix/smtpd[53271]: maps_find:
hash:/usr/local/etc/postfix/access_aliases.hash: test.spambox.dk: not
found
postfix/smtpd[53271]: maps_find:
hash:/usr/local/etc/postfix/access_aliases.hash:
hash:/usr/local/etc/postfix/access_aliases.hash(0,lock|fold_fix|utf8_request):
spambox.dk = OK
postfix/smtpd[53271]: mail_addr_find: t...@test.spambox.dk -> OK
postfix/smtpd[53271]: check_table_result:
hash:/usr/local/etc/postfix/access_aliases.hash OK t...@test.spambox.dk
--cut--
Postconf -n output:
--cut--
alias_database = hash:/etc/mail/aliases
alias_maps = hash:/etc/mail/aliases
biff = no
command_directory = /usr/local/sbin
compatibility_level = 2
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/db/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd
$daemon_directory/$process_name $process_id & sleep 5
delay_warning_time = 4h
disable_vrfy_command = yes
html_directory = /usr/local/share/doc/postfix
inet_protocols = ipv4
mail_owner = postfix
mailbox_size_limit = 0
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/local/man
message_size_limit = 51200000
meta_directory = /usr/local/libexec/postfix
mynetworks = 127.0.0.0/8
mynetworks_style = host
newaliases_path = /usr/local/bin/newaliases
notify_classes = bounce, 2bounce, delay, resource, software
parent_domain_matches_subdomains =
policyd-spf_time_limit = 3600
queue_directory = /var/spool/postfix
readme_directory = /usr/local/share/doc/postfix
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
setgid_group = maildrop
shlib_directory = /usr/local/lib/postfix
show_user_unknown_table_name = no
smtp_connection_cache_on_demand = no
smtp_tls_CAfile = /usr/local/share/certs/ca-root-nss.crt
smtp_tls_ciphers = medium
smtp_tls_loglevel = 1
smtp_tls_mandatory_protocols = !SSLv2, !SSLv3
smtp_tls_policy_maps =
hash:/usr/local/etc/postfix/maps_smtp_tls_policy.hash
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_security_level = may
smtpd_authorized_xforward_hosts = 127.0.0.1
smtpd_client_restrictions = permit_mynetworks, check_client_access
hash:/usr/local/etc/postfix/access_client.hash
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_discard_ehlo_keywords = silent-discard, dsn
smtpd_hard_error_limit = 5
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, check_helo_access
hash:/usr/local/etc/postfix/access_helo.hash, check_helo_access
hash:/usr/local/etc/postfix/access_helo_domain.hash
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_non_fqdn_recipient,
check_policy_service unix:private/policyd-spf
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated,
check_recipient_access
pcre:/usr/local/etc/postfix/access_recipient.pcre,
check_recipient_access
hash:/usr/local/etc/postfix/access_recipient.hash,
check_recipient_access hash:/usr/local/etc/postfix/access_aliases.hash,
reject
smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender,
check_sender_access pcre:/usr/local/etc/postfix/access_sender.pcre,
check_sender_access hash:/usr/local/etc/postfix/access_sender.hash,
check_sender_access
hash:/usr/local/etc/postfix/access_sender_domain.hash
smtpd_soft_error_limit = 2
smtpd_tls_cert_file = /etc/ssl/ssl.crt
smtpd_tls_ciphers = medium
smtpd_tls_dh1024_param_file = /usr/local/etc/postfix/dh2048.pem
smtpd_tls_dh512_param_file = /usr/local/etc/postfix/dh2048.pem
smtpd_tls_eecdh_grade = strong
smtpd_tls_key_file = /etc/ssl/ssl.key
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtputf8_enable = no
strict_rfc821_envelopes = yes
tls_random_exchange_name = /var/db/postfix/prng_exch
transport_maps = hash:/usr/local/etc/postfix/maps_transport.hash
unknown_local_recipient_reject_code = 550
--cut--
Best regards
Henrik Larsson
