On Wed, 2 Jan 2019 19:58:18 -0500 Viktor Dukhovni <postfix-us...@dukhovni.org> wrote:
> > On Jan 2, 2019, at 7:12 PM, Celejar <cele...@gmail.com> wrote: > > > > I'm configuring Postfix to relay mail via a smarthost, and I need to > > rewrite the sender address in order for the smarthost to accept the > > mail (and not reject it as 'relaying'). I'm using generic mapping to do > > this, and it works correctly on two of my systems (Debian Sid, > > running Postfix 3.3.2), but not on a third (Debian Stretch, running > > 3.1.8). I've tried all sorts of adjustments and debugging, and I'm at > > my wits' end. Below is the configuration and logging from the broken > > system: > > smtp_generic_maps (a.k.a. generic_maps) is (not surprisingly), done > in the smtp(8) delivery agent in real-time as the message is being > sent, and not in trivial-rewrite, which only resolves addresses > to standard form and resolves to a transport. Hence the "trivial" > in the name. > > Pre-queue rewriting (masquerading, canonical_maps and virtual_alias_maps > for just the recipient) happens in cleanup(8). Post-queue rewriting > happens in delivery agents, with just transport resolution in trivial > rewrite called from the queue-manager in between. > > Because the queue manager logs the envelope sender prior to delivery, > it always logs the original value, and recipient logging in delivery > agents is also the form before generic rewriting. The output of > generic rewriting is not logged on the sending system (except perhaps > in verbose logging that should not normally be enabled). Ah, okay - thanks for clearing this up. I was following the instructions in DEBUG_README, which say: To diagnose problems with address rewriting specify a "-v" option for the cleanup(8) and/or trivial-rewrite(8) daemon and the ADDRESS_REWRITING_README classifies "Generic mapping for outgoing SMTP mail" as a form of "Address rewriting when mail is delivered". I suggest that the instructions in DEBUG_README be clarified to distinguish between the different forms of address rewriting. As to the underlying problem, I may have figured it out: I switched to using canonical mapping, since that gets properly logged, and I saw that the rewrite is indeed happening correctly on all systems - but one still has the mail rejected, while the others get it accepted. I suspected that the problem may be in the way the email 'From:' header is being rewritten, and I used smtp_header_checks to investigate. Sure enough, the rewrite is happening differently on the two systems: Here's the bad system: Jan 3 15:09:10 alice postfix/qmgr[17481]: B0A33AC40093: from=<aaaaa...@zoho.com>, size=257, nrcpt=1 (queue active) Jan 3 15:09:12 alice postfix/smtp[17489]: B0A33AC40093: warning: header From: aaaaa...@zoho.com (root) Jan 3 15:09:12 alice postfix/smtp[17489]: B0A33AC40093: to=<cele...@gmail.com>, relay=smtp.zoho.com[204.141.43.189]:465, delay=1.5, delays=0.1/0.1/0.88/0.4, dsn=5.0.0, status=bounced (host smtp.zoho.com[204.141.43.189] said: 553 Relaying disallowed as @ (in reply to end of DATA command)) And here's one of the good ones: Jan 3 15:14:58 lila postfix/qmgr[14708]: 9AD005E18AD: from=<aaaaa...@zoho.com>, size=249, nrcpt=1 (queue active) Jan 3 15:15:00 lila postfix/smtp[14715]: 9AD005E18AD: warning: header From: root <aaaaa...@zoho.com> Jan 3 15:15:01 lila postfix/smtp[14715]: 9AD005E18AD: to=<cele...@gmail.com>, relay=smtp.zoho.com[204.141.43.189]:465, delay=2.8, delays=0.27/0.06/1.4/1.1, dsn=2.0.0, status=sent (250 Message received) IIUC, Zoho is being picky and rejecting the first form of the rewritten 'From:' header, with ' (root)' at the end. Does this seem right? I'm no email expert, but that certainly seems a somewhat uncommon form. How can I get Postfix do do something more standard? Celejar
