Re: Mysql virtual + unionmap

Sun, 28 Mar 2021 22:35:41 -0700 

On Mon, Mar 29, 2021 at 12:35:39AM +0200, Gaëtan DEPRÉ wrote:

> I’d like x...@mydomain.dom being able to send mails from y...@mydomain.dom.
>
> The actual error is : 5.7.1 y...@domain.dom: Sender address rejected: not 
> owned by user x...@domain.dom

Have you tested your unionmap?  For a minimal example:

    $ postmap -q foo "unionmap:{static:bar,static:baz}"
    bar,baz

In your case the lookup key is the sender address, so it would be

    $ postmap -q y...@mydomain.dom "..."

where "..." is detailed below.

> I added this line in master.cf (just before mua restrictions) :
>     -o 
> smtpd_sender_login_maps=unionmap:{mysql:/etc/postfix/sql/sender-login-maps.cf,mysql:/etc/postfix/sql/sender_delegate_checks.cf}

It is far better to write the definion in main.cf, via:

    master.cf:
        -o smtpd_sender_login_maps=$mua_sender_login_maps

    main.cf:
        mua_sender_login_maps =
            
unionmap:{mysql:/etc/postfix/sql/sender-login-maps.cf,mysql:/etc/postfix/sql/sender_delegate_checks.cf}

making sure to add the override to *all* the submission-related
master.cf entries (port 587 and 465 if both are in use).

In which case you'd write:

    $ postmap -q y...@mydomain.dom "$(postconf -xh mua_sender_login_maps)"

but, given that the map files contain passwors, perhaps they're not
world-readable.  If so, run the command as "root".

For bonus points, with the submission entry assumed to be
"submission/inet", you could run either or both of:

    $ postmap -q y...@mydomain.dom "$(postconf -Phx 
submission/inet/smtpd_sender_login_maps)"
    $ postmap -q y...@mydomain.dom "$(postconf -Phx 
smtps/inet/smtpd_sender_login_maps)"

and report the output.

> query = SELECT email as user FROM virtual_users WHERE email='%s'
> query = SELECT owned as user FROM virtual_delegation WHERE owner='%s'
>
> MariaDB [mailserver]> select * from virtual_delegation;
> +----+----------------------+-------------------------+
> | id | owner                | owned                   |
> +----+----------------------+-------------------------+
> |  1 | x...@domain.dom       | y...@domain.dom          |
> +----+----------------------+-------------------------+

The second query is backwards, it should be:

    query = SELECT owner as user FROM virtual_delegation WHERE owned='%s'

-- 
    Viktor.

Reply via email to