Well, from reading the subject I feel I made an obvious mistake and I lost something when I read the documentation. I asked many people and tried ServerFault to no avail and I'm tired of banging my head against the wall.
I'm trying to set up a very low traffic postfix mail server using: - A Simple content filter (http://www.postfix.org/FILTER_README.html#simple_filter). It's way simpler than the advanced one and the traffic is low. - dovecot as a delivery agent. (Because of maildir quotas and sieve filters) - `always_bcc` to keep copies of every mail sent. (Bussiness rules) My relevant configs are: master.cf ---------- smtp inet n - y - - smtpd -o content_filter=filter:dummy pickup unix n - y 60 1 pickup cleanup unix n - y - 0 cleanup qmgr unix n - n 300 1 qmgr tlsmgr unix - - y 1000? 1 tlsmgr rewrite unix - - y - - trivial-rewrite bounce unix - - y - 0 bounce defer unix - - y - 0 bounce trace unix - - y - 0 bounce verify unix - - y - 1 verify flush unix n - y 1000? 0 flush proxymap unix - - n - - proxymap proxywrite unix - - n - 1 proxymap smtp unix - - y - - smtp relay unix - - y - - smtp -o syslog_name=postfix/$service_name showq unix n - y - - showq error unix - - y - - error retry unix - - y - - error discard unix - - y - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - y - - lmtp anvil unix - - y - 1 anvil scache unix - - y - 1 scache postlog unix-dgram n - n - 1 postlogd uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) filter unix - n n - 10 pipe flags=Rq user=filter null_sender= argv=/var/spool/filter/scripts/filter.sh -f ${sender} -- ${recipient} dovecot unix - n n - - pipe flags=DRhu user=vmail:mail argv=/usr/lib/dovecot/dovecot-lda -f ${sender} -d ${recipient} ---------- main.cf (relevant parts only) ---------- always_bcc = seccopies@mydomain.example virtual_transport = dovecot dovecot_destination_recipient_limit = 1 ---------- /var/spool/filter/scripts/filter.sh ---------- #!/bin/sh /usr/bin/cat | /var/spool/filter/scripts/mailfilter | /usr/sbin/sendmail -G -i "$@" exit $? ---------- - All my users have emails in "(Initial).surname@mydomain.example" format - There are security groups that act as roles and each one has emails in "role@mydomain.example" format. - Basically, a role email function as an alias to several users. So, I can reuse the same Roles/Groups I use to set permissions, and not using the users directly. For example - my user email is y.hernandez@mydomain.example - I'm a member of role I.T.Department (informatics@mydomain.example) - I'm a member of some other roles, but my main role is "I.T.Department" - Because I'm a member of this group/role I have certain privileges, as the other members and every mail sent to informatics@mydomain.example will reach me and the other members. So far, so good... But my boss wants that every mail I send uses the informatics@mydomain.example (role) address instead of y.hernandez@mydomain.example (user). i.e., that every mail sent uses the principal role email, not the user email. `/var/spool/filter/scripts/mailfilter` is an in-house made filter that just does that (changes "from" addresses from "(Initial).surname@" to "role@" checking an LDAP server). It never fails (In case of any error condition, it just copies standard input into standard output and no modification is made, so no address change, but the mail is not lost). The problem is, when I send an email, it delivers two copies to seccopies@mydomain.example as seen in the logs, not one copy as expected. ---------- Dec 16 16:23:08 correo2 postfix/smtpd[32453]: connect from informatica1.mydomain.example[10.128.159.15] Dec 16 16:23:08 correo2 postfix/smtpd[32453]: DD925380C87: client=informatica1.mydomain.example[10.128.159.15], sasl_method=LOGIN, sasl_username=y.hernandez@mydomain.example Dec 16 16:23:08 correo2 postfix/cleanup[32456]: DD925380C87: message-id=<002401d91194$982edba0$c88c92e0$@mydomain.example> Dec 16 16:23:09 correo2 postfix/qmgr[32275]: DD925380C87: from=<y.hernandez@mydomain.example>, size=2749, nrcpt=2 (queue active) Dec 16 16:23:09 correo2 postfix/pickup[32274]: AAFEF380C8D: uid=110 from=<y.hernandez@mydomain.example> Dec 16 16:23:09 correo2 postfix/pipe[32457]: DD925380C87: to=<seccopies@mydomain.example>, relay=filter, delay=0.81, delays=0.11/0/0/0.7, dsn=2.0.0, status=sent (delivered via filter service) Dec 16 16:23:09 correo2 postfix/pipe[32457]: DD925380C87: to=<y.hernandez@mydomain.example>, orig_to=<informatics@mydomain.example>, relay=filter, delay=0.81, delays=0.11/0/0/0.7, dsn=2.0.0, status=sent (delivered via filter service) Dec 16 16:23:09 correo2 postfix/qmgr[32275]: DD925380C87: removed Dec 16 16:23:09 correo2 postfix/cleanup[32456]: AAFEF380C8D: message-id=<002401d91194$982edba0$c88c92e0$@mydomain.example> Dec 16 16:23:09 correo2 postfix/qmgr[32275]: AAFEF380C8D: from=<y.hernandez@mydomain.example>, size=2927, nrcpt=3 (queue active) Dec 16 16:23:10 correo2 dovecot: lda(seccopies@mydomain.example)<32488><2DSfML3hnGPofgAA0V72BQ>: msgid=<002401d91194$982edba0$c88c92e0$@mydomain.example>: saved mail to INBOX Dec 16 16:23:10 correo2 postfix/pipe[32473]: AAFEF380C8D: to=<seccopies@mydomain.example>, relay=dovecot, delay=1.1, delays=0.79/0/0/0.28, dsn=2.0.0, status=sent (delivered via dovecot service) Dec 16 16:23:10 correo2 dovecot: lda(seccopies@mydomain.example)<32490><Au2fML3hnGPqfgAA0V72BQ>: msgid=<002401d91194$982edba0$c88c92e0$@mydomain.example>: saved mail to INBOX Dec 16 16:23:10 correo2 postfix/pipe[32471]: AAFEF380C8D: to=<seccopies@mydomain.example>, relay=dovecot, delay=1.1, delays=0.79/0/0/0.34, dsn=2.0.0, status=sent (delivered via dovecot service) Dec 16 16:23:10 correo2 dovecot: lda(y.hernandez@mydomain.example)<32489><BE2gML3hnGPpfgAA0V72BQ>: msgid=<002401d91194$982edba0$c88c92e0$@mydomain.example>: saved mail to INBOX Dec 16 16:23:10 correo2 postfix/pipe[32470]: AAFEF380C8D: to=<y.hernandez@mydomain.example>, relay=dovecot, delay=1.1, delays=0.79/0/0/0.35, dsn=2.0.0, status=sent (delivered via dovecot service) Dec 16 16:23:10 correo2 postfix/qmgr[32275]: AAFEF380C8D: removed Dec 16 16:23:11 correo2 postfix/smtpd[32453]: disconnect from informatica1.mydomain.example[10.128.159.15] ehlo=1 auth=1 mail=1 rcpt=1 data=1 quit=1 commands=6 ---------- uid=110 is "filter" user uid. "From" is only changed in the headers, inside of the email, so it doesn't show on the logs. Everything is running as it should be except this double delivery detail. I haven't tried, but I am sure that if I remove dovecot from the equation, it all works. But I lose the sieve rules and maildir quotas. So... Any idea of how I can fix it?
