[pfx] relayhost and backup MX

2023-05-21 Thread Tom Reed via Postfix-users


Hello list,

My postfix has set up another MTA for relay host,

relayhost = [relay_ip]

If I set up this postfix as backup MX for a domain, such as foo.com,
will messages for foo.com relay from relay_ip too, or go directly to the
primary MX?

Thanks in advance.

-- 
sent from https://dkinbox.com/

___
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org


[pfx] Re: relayhost and backup MX

2023-05-21 Thread Matus UHLAR - fantomas via Postfix-users

On 21.05.23 15:53, Tom Reed via Postfix-users wrote:
> My postfix has setup another MTA for relay host,
>
> relayhost = [relay_ip]
>
> If I setup this postfix as backup mx for a domain, such as foo.com.
> will messages for foo.com relay from relay_ip too, or go directly to the
> primary MX?


messages will go TO the relay_ip unless you override it in transport_maps.

example.com relay:example.com


--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -- Benjamin Franklin, 1759


[pfx] Re: relayhost and backup MX

2023-05-21 Thread Matus UHLAR - fantomas via Postfix-users

On 21.05.23 15:53, Tom Reed via Postfix-users wrote:
>> My postfix has setup another MTA for relay host,
>>
>> relayhost = [relay_ip]
>>
>> If I setup this postfix as backup mx for a domain, such as foo.com.
>> will messages for foo.com relay from relay_ip too, or go directly to the
>> primary MX?

On 21.05.23 11:38, Matus UHLAR - fantomas via Postfix-users wrote:
> messages will go TO the relay_ip unless you override it in transport_maps.
>
> example.com relay:example.com


sorry, correct:

example.com relay:[primary-mx.example.com]

so we don't deliver to backup MX addresses.

the first example is fine for exemptions we aren't backup MX for.

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Silvester Stallone: Father of the RISC concept.


[pfx] Re: relayhost and backup MX

2023-05-21 Thread Tom Reed via Postfix-users



> On 21.05.23 15:53, Tom Reed via Postfix-users wrote:
>>My postfix has setup another MTA for relay host,
>>
>>relayhost = [relay_ip]
>>
>>If I setup this postfix as backup mx for a domain, such as foo.com.
>>will messages for foo.com relay from relay_ip too, or go directly to the
>>primary MX?
>
> messages will go TO the relay_ip unless you override it in transport_maps.
>
> example.com   relay:example.com
>
>

Can backup MX use primary MX as relay server then?
backup mx domain and relayed domain are different ones.

Thank you.


-- 
sent from https://dkinbox.com/



[pfx] per-domain header/body checks?

2023-05-21 Thread Alex via Postfix-users
Hi,
I'm using multi-instance postfix-3.7.2 on fedora37 and would like to be
able to control which header and body checks apply to which domain in a
specific instance. I'm looking for advice on the best way to do this.

I have about ten domains right now, and would probably need a number of
policies that control filtering for these domains. I was thinking I could
create a new instance for each domain, but I only have a limited number of
IP addresses. Is it possible to do this using content filters with a
multi-instance postfix configuration? Do you have any examples of how this
might work?

I also recall reading about using a milter for this, but would that require
me to develop my own application for this? Or is there one already created
and supported that might help here?

I've used if/endif conditionals in check_recipient_access in the past, but
this doesn't work for header/body checks?

I'm not sure where to start, so I'm also not sure what other config details
I should provide to help make this determination.


[pfx] Re: per-domain header/body checks?

2023-05-21 Thread Wietse Venema via Postfix-users
Alex via Postfix-users:
> Hi,
> I'm using multi-instance postfix-3.7.2 on fedora37 and would like to be
> able to control which header and body checks apply to which domain in a
> specific instance. I'm looking for advice on the best way to do this.
> 
> I have about ten domains right now, and would probably need a number of
> policies that control filtering for these domains. I was thinking I could
> create a new instance for each domain, but I only have a limited number of
> IP addresses. Is it possible to do this using content filters with a
> multi-instance postfix configuration? Do you have any examples of how this
> might work?
> 
> I also recall reading about using a milter for this, but would that require
> me to develop my own application for this? Or is there one already created
> and supported that might help here?
> 
> I've used if/endif conditionals in check_recipient_access in the past, but
> this doesn't work for header/body checks?
> 
> I'm not sure where to start, so I'm also not sure what other config details
> I should provide to help make this determination.

I'd say, start with one instance per domain. The 'cost' of doing so
is really small.

Wietse


[pfx] Re: per-domain header/body checks?

2023-05-21 Thread Wietse Venema via Postfix-users
Wietse Venema via Postfix-users:
> Alex via Postfix-users:
> > Hi,
> > I'm using multi-instance postfix-3.7.2 on fedora37 and would like to be
> > able to control which header and body checks apply to which domain in a
> > specific instance. I'm looking for advice on the best way to do this.
> > 
> > I have about ten domains right now, and would probably need a number of
> > policies that control filtering for these domains. I was thinking I could
> > create a new instance for each domain, but I only have a limited number of
> > IP addresses. Is it possible to do this using content filters with a
> > multi-instance postfix configuration? Do you have any examples of how this
> > might work?
> > 
> > I also recall reading about using a milter for this, but would that require
> > me to develop my own application for this? Or is there one already created
> > and supported that might help here?
> > 
> > I've used if/endif conditionals in check_recipient_access in the past, but
> > this doesn't work for header/body checks?
> > 
> > I'm not sure where to start, so I'm also not sure what other config details
> > I should provide to help make this determination.
> 
> I'd say, start with one instance per domain. The 'cost' of doing so
> is really small.

Once you run out of IP addresses, you will need policy selection
based on the recipient domain. For example:

internet -> front-end Postfix instance -> filter -> back-end Postfix instance

The front-end Postfix instance uses transport_maps to select a suitable filter.

example.com: smtp:
example.org: smtp:

Each filter then delivers to the back-end Postfix.

Wietse


[pfx] Re: content filter sends mail twice

2023-05-21 Thread Alex via Postfix-users
Hi,

Can I follow up on this? I can't figure out why always_bcc mail is being
sent through the default content filter while mail designated for my
domain-specific transport is sent through another in my multi-instance
postfix config. I'd like the always_bcc user mail to still benefit from
being filtered through amavis, but through the transport designed for the
domain for which it was intended.

local_transport = error:5.1.1 Mailbox unavailable
default_transport = smtp:[127.0.0.1]:10024
relay_transport = $default_transport
virtual_transport = $default_transport
transport_maps = ${indexed}transport

/etc/postfix-120/transport
domain1.com    alex:[127.0.0.1]:10029

I've tried adding "receive_override_options = no_address_mappings" in
main.cf but it seems to be ignored.

I thought it might be helpful to show the log entries (except for the more
involved amavisd entries). cable.example.com is my mail router. domain1.com
is the recipient domain. I believe this shows how the mail goes from
gmail.com to the domain1.com transport on port 10029 (amavisd). Both emails
were then sent back to postfix-out on 10025 to be relayed on (or the
always_bcc user to be delivered locally).

Maybe this is even the preferred approach? I'm not used to seeing it this
way, but I would think the transport corresponding with the recipient would
be the one that should be used for the always_bcc user.

May 21 13:40:12 cable postfix-120/qmgr[3714211]: 494948B53: from=<
mysqlstud...@gmail.com>, size=3214, nrcpt=2 (queue active)

May 21 13:40:12 cable amavis[3558243]: (3558243-06) ESMTP [127.0.0.1]:10024
/var/spool/amavisd/tmp/amavis-20230521T020900-3558243-jefENl_V: <
mysqlstud...@gmail.com> ->  SIZE=3214 Received:
from cable.example.com ([145.239.111.120]) by localhost (cable.example.com
[127.0.0.1]) (amavis, port 10024) with ESMTP for ;
Sun, 21 May 2023 13:40:12 -0400 (EDT)

May 21 13:40:12 cable amavis[3558246]: (3558246-06) ESMTP [127.0.0.1]:10029
/var/spool/amavisd/tmp/amavis-20230521T032452-3558246-T4MBowCR: <
mysqlstud...@gmail.com> ->  Received: from
cable.example.com ([145.239.111.120]) by localhost (cable.example.com
[127.0.0.1]) (amavis, port 10029) with ESMTP for ; Sun,
21 May 2023 13:40:12 -0400 (EDT)

May 21 13:40:18 cable amavis[3558246]: (3558246-06) yz4rjN5FRAbF FWD from <
mysqlstud...@gmail.com> -> , BODY=7BIT 250 2.0.0 from
MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 0671630014B43

May 21 13:40:18 cable amavis[3558243]: (3558243-06) 1GoUW-HU8Lsg FWD from <
mysqlstud...@gmail.com> -> , BODY=7BIT 250
2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as
070A730014B58

May 21 13:40:18 cable postfix/alex/smtp[3719703]: 494948B53: to=<
jre...@domain1.com>, relay=127.0.0.1[127.0.0.1]:10029, delay=6.9,
delays=1.2/0.02/0.01/5.7, dsn=2.0.0, status=sent (250 2.0.0 from
MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 0671630014B43)

May 21 13:40:19 cable postfix-out/smtp[3719782]: 0671630014B43: to=<
jre...@domain1.com>, relay=68.195.111.42[68.195.111.42]:25, delay=1.2,
delays=0.01/0.02/0.82/0.33, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as
E293A8078BEB)

Thanks,
Alex


>> > Maybe my issue is that the always_bcc user is going through a transport at
>> > all, and instead should just be delivered locally, or perhaps processed
>> > only by the local_transport? How can I do that?
>> >
>> > I recall many years ago doing that, before I set up multi-instance postfix.
>>
>> A not uncommon issue is that virtual alias expansion or other address
>> rewriting actions are performed twice, once on each side of a
>> content_filter.  This is covered in the "Advanced content filter:
>> requesting that all mail is filtered" section of:
>>
>> http://www.postfix.org/FILTER_README.html#advanced_filter
>>
>> (receive_override_options).
>>
>> And of course you can always go multi-instance, and configure suitable
>> rewriting for the pre and post filter instances.
>>
>
> Yes, that's exactly what I'd like to do. I have multi-instance already
> configured, but adding always_bcc to postfix-out doesn't seem to work.
>
> I've also just experimented with "receive_override_options =
> no_address_mappings" (I also remember doing that many years ago, but would
> have never been able to figure that out on my own this time), and it now
> just doesn't actually create a copy of the email for the always_bcc user.
>
> Ideas on how to do it in my postfix-out instance? Ideally, I'd like it to
> have been processed by amavis so I can benefit from the additional header
> info.
>
>
>


[pfx] Re: per-domain header/body checks?

2023-05-21 Thread Alex via Postfix-users
Hi,

On Sun, May 21, 2023 at 12:39 PM Wietse Venema via Postfix-users <
postfix-users@postfix.org> wrote:

> Wietse Venema via Postfix-users:
> > Alex via Postfix-users:
> > > Hi,
> > > I'm using multi-instance postfix-3.7.2 on fedora37 and would like to be
> > > able to control which header and body checks apply to which domain in a
> > > specific instance. I'm looking for advice on the best way to do this.
> > >
> > > I have about ten domains right now, and would probably need a number of
> > > policies that control filtering for these domains. I was thinking I could
> > > create a new instance for each domain, but I only have a limited number of
> > > IP addresses. Is it possible to do this using content filters with a
> > > multi-instance postfix configuration? Do you have any examples of how this
> > > might work?
> > >
> > > I also recall reading about using a milter for this, but would that require
> > > me to develop my own application for this? Or is there one already created
> > > and supported that might help here?
> > >
> > > I've used if/endif conditionals in check_recipient_access in the past, but
> > > this doesn't work for header/body checks?
> > >
> > > I'm not sure where to start, so I'm also not sure what other config details
> > > I should provide to help make this determination.
> >
> > I'd say, start with one instance per domain. The 'cost' of doing so
> > is really small.
>
> Once you run out of IP addresses, you will need policy selection
> based on the recipient domain. For example:
>
> internet -> front-end Postfix instance -> filter -> back-end Postfix
> instance
>
> The front-end Postfix instance uses transport_maps to select a suitable
> filter.
>
> example.com: smtp:
> example.org: smtp:
>
> Each filter then delivers to the back-end Postfix.
>

This implies one IP per domain as well, correct? Which then also means one
MX for each domain, plus a backup.

This is my current postmulti setup for this server:

$ postmulti -l
-   -   y /etc/postfix
postfix-out mta y /etc/postfix-out
postfix-120 mta y /etc/postfix-120

In your above scenario, the filter instance is my postfix-120, correct?
This is where I would add the header and body checks?


[pfx] Re: per-domain header/body checks?

2023-05-21 Thread postfix--- via Postfix-users

> > I'm using multi-instance postfix-3.7.2 on fedora37 and would like to be
> > able to control which header and body checks apply to which domain in a
> > specific instance. I'm looking for advice on the best way to do this.
>
> I'd say, start with one instance per domain. The 'cost' of doing so
> is really small.



Or the more specialized/complex way is to custom code a scripting milter with 
like MIMEDefang or MailMunge.


[pfx] Re: per-domain header/body checks?

2023-05-21 Thread Wietse Venema via Postfix-users
Alex via Postfix-users:
> > > I'd say, start with one instance per domain. The 'cost' of doing so
> > > is really small.
> >
> > Once you run out of IP addresses, you will need policy selection
> > based on the recipient domain. For example:
> >
> > internet -> front-end Postfix instance -> filter -> back-end Postfix
> > instance
> >
> > The front-end Postfix instance uses transport_maps to select a suitable
> > filter.
> >
> > example.com: smtp:
> > example.org: smtp:
> >
> > Each filter then delivers to the back-end Postfix.
> >
> 
> This implies one IP per domain as well, correct? 

No. One front-end instance can receive mail for N domains, and they
can share (MX) IP addresses.

You can have multiple front ends, again that is not required for
per-domain filters to work.

Wietse


[pfx] Re: per-domain header/body checks?

2023-05-21 Thread Alex via Postfix-users
Hi,

On Sun, May 21, 2023 at 4:41 PM Wietse Venema via Postfix-users <
postfix-users@postfix.org> wrote:

> Alex via Postfix-users:
> > > > I'd say, start with one instance per domain. The 'cost' of doing so
> > > > is really small.
> > >
> > > Once you run out of IP addresses, you will need policy selection
> > > based on the recipient domain. For example:
> > >
> > > > internet -> front-end Postfix instance -> filter -> back-end Postfix
> > > > instance
> > >
> > > The front-end Postfix instance uses transport_maps to select a suitable
> > > filter.
> > >
> > > example.com: smtp:
> > > example.org: smtp:
> > >
> > > Each filter then delivers to the back-end Postfix.
> > >
> >
> > This implies one IP per domain as well, correct?
>
> No. One front-end instance can receive mail for N domains, and they
> can share (MX) IP addresses.
>
> You can have multiple front ends, again that is not required for
> per-domain filters to work.
>

I'm starting to understand and really appreciate your help. Can I ask you
to provide me with an example of what you mean? Are you referring to what's
outlined in FILTER_README as an after-queue filter?

How would I reference my header_checks.pcre from within the shell script
filter?

example.com: smtp:/usr/bin/filter-example.com.sh

I would then need to send the email to the port where amavisd is listening
to process mail for that specific domain, correct? amavisd would then send
the email to the back-end postfix to be delivered.


[pfx] Re: per-domain header/body checks?

2023-05-21 Thread Wietse Venema via Postfix-users
Alex via Postfix-users:
> Hi,
> 
> On Sun, May 21, 2023 at 4:41 PM Wietse Venema via Postfix-users <
> postfix-users@postfix.org> wrote:
> 
> > Alex via Postfix-users:
> > > > > I'd say, start with one instance per domain. The 'cost' of doing so
> > > > > is really small.
> > > >
> > > > Once you run out of IP addresses, you will need policy selection
> > > > based on the recipient domain. For example:
> > > >
> > > > internet -> front-end Postfix instance -> filter -> back-end Postfix
> > > > instance
> > > >
> > > > The front-end Postfix instance uses transport_maps to select a suitable
> > > > filter.
> > > >
> > > > example.com: smtp:
> > > > example.org: smtp:
> > > >
> > > > Each filter then delivers to the back-end Postfix.
> > >
> > > This implies one IP per domain as well, correct?
> >
> > No. One front-end instance can receive mail for N domains, and they
> > can share (MX) IP addresses.
> >
> > You can have multiple front ends, again that is not required for
> > per-domain filters to work.
> 
> I'm starting to understand and really appreciate your help. Can I ask you
> to provide me with an example of what you mean? Are you referring to what's

That is shown above, expressed in terms of transport maps and
customized content filters in-between general-purpose Postfix
instances.

header/body checks don't generalize beyond narrow use cases.

Wietse


[pfx] Re: per-domain header/body checks?

2023-05-21 Thread Alex via Postfix-users
Hi,

> > > > > internet -> front-end Postfix instance -> filter -> back-end Postfix
> > > > > instance
> > > > >
> > > > > The front-end Postfix instance uses transport_maps to select a suitable
> > > > > filter.
> > > > >
> > > > > example.com: smtp:
> > > > > example.org: smtp:
> > > > >
> > > > > Each filter then delivers to the back-end Postfix.
> > > >
> > > > This implies one IP per domain as well, correct?
> > >
> > > No. One front-end instance can receive mail for N domains, and they
> > > can share (MX) IP addresses.
> > >
> > > You can have multiple front ends, again that is not required for
> > > per-domain filters to work.
> >
> > I'm starting to understand and really appreciate your help. Can I ask you
> > > to provide me with an example of what you mean? Are you referring to what's
>
> That is shown above, expressed in terms of transport maps and
> customized content filters in-between general-purpose Postfix
> instances.
>
> header/body checks don't generalize beyond narrow use cases.
>

I'm trying really hard, but I just don't understand what you mean. I set up
multi-instance with Viktor's help some time ago, where each instance
essentially processes mail for a somewhat related group of domains. Adding
transport maps to the front-end instance would be different than what I
remember doing with Viktor.

I don't have any content filters set up in the front-end postfix. How do I
connect the front-end postfix with the filters?

I think this is something I can implement, but I need more of a description
of how it should work, please.


[pfx] Re: per-domain header/body checks?

2023-05-21 Thread Wietse Venema via Postfix-users
Alex via Postfix-users:
> Hi,
> 
> > > > > > internet -> front-end Postfix instance -> filter -> back-end Postfix
> > > > > > instance
> > > > > >
> > > > > > The front-end Postfix instance uses transport_maps to select a suitable
> > > > > > filter.
> > > > > >
> > > > > > example.com: smtp:
> > > > > > example.org: smtp:
> > > > > >
> > > > > > Each filter then delivers to the back-end Postfix.
> > > > >
> > > > > This implies one IP per domain as well, correct?
> > > >
> > > > No. One front-end instance can receive mail for N domains, and they
> > > > can share (MX) IP addresses.
> > > >
> > > > You can have multiple front ends, again that is not required for
> > > > per-domain filters to work.
> > >
> > > I'm starting to understand and really appreciate your help. Can I ask you
> > > > to provide me with an example of what you mean? Are you referring to what's
> >
> > That is shown above, expressed in terms of transport maps and
> > customized content filters in-between general-purpose Postfix
> > instances.
> >
> > header/body checks don't generalize beyond narrow use cases.
> >
> 
> I'm trying really hard, but I just don't understand what you mean. I set up
> multi-instance with Viktor's help some time ago, where each instance
> essentially processes mail for a somewhat related group of domains. Adding
> transport maps to the front-end instance would be different than what I
> remember doing with Viktor.
> 
> I don't have any content filters set up in the front-end postfix. How do I
> connect the front-end postfix with the filters?
> 
> I think this is something I can implement, but I need more of a description
> of how it should work, please.

According to the subject, you appear to be looking for per-domain
header/body check. That is not the right tool, and I would not
spend my cycles on a design for that.

Instead I recommend filters between a front and back-end instance,
using transport_maps to select a filter depending on the domain.
I recall that you are familiar with Amavis as a content filter.
That would be a better tool for the job. Each domain can then have
its own Amavis config that receives mail on its own port.

Wietse


[pfx] Re: per-domain header/body checks?

2023-05-21 Thread Alex via Postfix-users
Hi,


> According to the subject, you appear to be looking for per-domain
> header/body check. That is not the right tool, and I would not
> spend my cycles on a design for that.
>
> Instead I recommend filters between a front and back-end instance,
> using transport_maps to select a filter depending on the domain.
> I recall that you are familiar with Amavis as a content filter.
> That would be a better tool for the job. Each domain can then have
> its own Amavis config that receives mail on its own port.
>

I am coming to the same realization. Thank you so much.


[pfx] Re: per-domain header/body checks?

2023-05-21 Thread Viktor Dukhovni via Postfix-users
On Sun, May 21, 2023 at 06:26:34PM -0400, Alex via Postfix-users wrote:

> I don't have any content filters set up in the front-end postfix. How do I
> connect the front-end postfix with the filters?

For per-domain message content modification you need to first "split the
envelope", so that each copy of the original message has recipients for
just one domain.  This is of course often the case already, because the
envelope was split by recipient domain at the source MTA, but some MTAs
can detect that multiple domains share the same MX host(s) and send a
single message for multiple recipient domains.

There are two ways to split the envelope:

- Use multiple (logical) MX hosts.

  * If the domain count is small enough, and you have sufficiently
    many (IPv4) addresses, you can set up a separate front-end
    instance for each domain.

- Use a single MX host, and do the content modification in
  multiple backend instances.

  * This requires a separate backend port(!) per-domain.  All
    the backend instances can listen on different ports of the same
    loopback IP addresses.

Outline:

* Multi-instance configuration with a single frontend instance
  receiving SMTP traffic from the public Internet on behalf of all the
  domains.

    foo.example. IN MX 0 smtp.shared.example.
    bar.example. IN MX 0 smtp.shared.example.
    baz.example. IN MX 0 smtp.shared.example.

* Frontend instance (smtp.shared.example), splits the envelope:

    main.cf:
        # Listens on the public IP address
        inet_interfaces = 192.0.2.1
        relay_domains = foo.example, bar.example, baz.example
        relay_recipient_maps = ...
        transport_maps = inline:{
            { foo.example = scan:127.0.0.1:25001 }
            { bar.example = scan:127.0.0.1:25002 }
            { baz.example = scan:127.0.0.1:25003 }
          }
        default_transport = scan:127.0.0.1:25000

    master.cf:
        scan unix ... smtp
            -o smtp_send_xforward_command=yes

* Backend instances implement per-domain message content modification:

    "foo" instance:
        main.cf:
            inet_interfaces = 127.0.0.1
            smtpd_authorized_xforward_hosts = 127.0.0.1
        master.cf:
            25001 inet ... smtpd

    "bar" instance:
        main.cf:
            inet_interfaces = 127.0.0.1
            smtpd_authorized_xforward_hosts = 127.0.0.1
        master.cf:
            25002 inet ... smtpd

    "baz" instance:
        main.cf:
            inet_interfaces = 127.0.0.1
            smtpd_authorized_xforward_hosts = 127.0.0.1
        master.cf:
            25003 inet ... smtpd

    "default" instance: handles outbound messages, e.g. bounces,
    or recipient domains that don't need custom processing.

        main.cf:
            inet_interfaces = 127.0.0.1
            smtpd_authorized_xforward_hosts = 127.0.0.1
        master.cf:
            25000 inet ... smtpd

The content transformations can be per-backend milters, per-backend
content_filters, or just header/body checks if sufficient.  In each
backend instance the recipients will all be in the dedicated domain. 

You can also deploy multiple amavis or similar SMTP proxies to listen
on the 127.0.0.1:2500X ports, and do the content filtering "in-flight".

Always consider how bounces will be routed, and also locally generated
mail from cron, ...

-- 
Viktor.


[pfx] Re: content filter sends mail twice

2023-05-21 Thread Viktor Dukhovni via Postfix-users
On Sun, May 21, 2023 at 02:05:31PM -0400, Alex via Postfix-users wrote:

> Can I follow up on this? I can't figure out why always_bcc mail is being
> sent through the default content filter while mail designated for my
> domain-specific transport is sent through another in my multi-instance
> postfix config. I'd like the always_bcc user mail to still benefit from
> being filtered through amavis, but through the transport designed for the
> domain for which it was intended.

The BCC recipient is processed in much the same way as any other message
recipient.  The only special handling that comes to mind is DSN, where
this recipient is treated as if NOTIFY=NEVER were specified.

> local_transport = error:5.1.1 Mailbox unavailable
> default_transport = smtp:[127.0.0.1]:10024
> relay_transport = $default_transport
> virtual_transport = $default_transport
> transport_maps = ${indexed}transport

Perhaps the BCC recipient (domain) did not match any transport
table keys, but the real recipient did?

> 
> /etc/postfix-120/transport
> domain1.com    alex:[127.0.0.1]:10029

What is the domain part of the always BCC address?

> May 21 13:40:12 cable postfix-120/qmgr[3714211]: 494948B53: from=<
> mysqlstud...@gmail.com>, size=3214, nrcpt=2 (queue active)

This message has two recipients, one original and one BCC.

> May 21 13:40:12 cable amavis[3558243]: (3558243-06) ESMTP [127.0.0.1]:10024
> /var/spool/amavisd/tmp/amavis-20230521T020900-3558243-jefENl_V: <
> mysqlstud...@gmail.com> ->  SIZE=3214 Received:
> from cable.example.com ([145.239.111.120]) by localhost (cable.example.com
> [127.0.0.1]) (amavis, port 10024) with ESMTP for ;
> Sun, 21 May 2023 13:40:12 -0400 (EDT)


The Bcc address  does not match
"domain1.com", and unsurprisingly went to the default transport.

> May 21 13:40:18 cable postfix/alex/smtp[3719703]: 494948B53: to=<
> jre...@domain1.com>, relay=127.0.0.1[127.0.0.1]:10029, delay=6.9,
> delays=1.2/0.02/0.01/5.7, dsn=2.0.0, status=sent (250 2.0.0 from
> MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 0671630014B43)

You neglected to share the other delivery log entry.  Presumably BCC
address via port 10024.

The BCC address does not "inherit" the transport entry of any particular
original recipient of the message, it gets resolved to a
transport:nexthop "naturally".

-- 
Viktor.
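
Added illustration (not part of any post in this thread, and not Postfix code): a simplified Python model of the per-recipient transport lookup discussed above, covering both the per-domain filter selection through transport_maps and the always_bcc case. The table entries and defaults are the ones quoted in the thread; the recipient addresses are constructed placeholders, and the model assumes every unmatched recipient falls back to default_transport, as in the posted config.

```python
"""Simplified model of per-recipient transport selection in a Postfix front end.

Added example, not Postfix source. Assumptions: only the transport(5) key
order (full address, domain, ".parent" keys, "*") is modelled, and every
unmatched recipient falls back to default_transport, as in the posted config
where relay_transport and virtual_transport are $default_transport.
"""
from collections import defaultdict

# From the thread: the postfix-120 transport table and default_transport.
ALEX_TABLE = {"domain1.com": "alex:[127.0.0.1]:10029"}
ALEX_DEFAULT = "smtp:[127.0.0.1]:10024"

# From the thread: the inline transport_maps of the shared front end.
FRONTEND_TABLE = {
    "foo.example": "scan:127.0.0.1:25001",
    "bar.example": "scan:127.0.0.1:25002",
    "baz.example": "scan:127.0.0.1:25003",
}
FRONTEND_DEFAULT = "scan:127.0.0.1:25000"

# Constructed envelope: the archive elides the real addresses, so both the
# recipient and the always_bcc address here are placeholders.
BCC_ENVELOPE = ["user@domain1.com", "archive@bcc.example"]


def lookup_keys(recipient):
    """Yield table keys for one recipient in transport(5) search order."""
    local, _, domain = recipient.lower().rpartition("@")
    yield f"{local}@{domain}"
    yield domain
    # ".parent" keys match subdomains only; a bare "domain" key does not,
    # because transport_maps is not in parent_domain_matches_subdomains
    # by default.
    labels = domain.split(".")
    for i in range(1, len(labels)):
        yield "." + ".".join(labels[i:])
    yield "*"  # wildcard entry, consulted last


def matched_key(recipient, table):
    """Return the first table key that matches the recipient, or None."""
    return next((k for k in lookup_keys(recipient) if k in table), None)


def _split(entry):
    """Split 'transport:nexthop' at the first colon only."""
    transport, _, nexthop = entry.partition(":")
    return transport, nexthop


def resolve(recipient, table, default):
    """Return (transport, nexthop) for one recipient."""
    key = matched_key(recipient, table)
    return _split(table[key]) if key is not None else _split(default)


def split_envelope(recipients, table, default):
    """Group recipients by destination: one delivery per (transport, nexthop)."""
    groups = defaultdict(list)
    for rcpt in recipients:
        groups[resolve(rcpt, table, default)].append(rcpt)
    return dict(groups)


def on_default_policy(recipients, table):
    """Recipients no table key matched; these get the default filter."""
    return [r for r in recipients if matched_key(r, table) is None]


if __name__ == "__main__":
    # The BCC copy resolves on its own domain and lands on port 10024.
    for dest, rcpts in split_envelope(BCC_ENVELOPE, ALEX_TABLE, ALEX_DEFAULT).items():
        print(dest, rcpts)
    print("default policy:", on_default_policy(BCC_ENVELOPE, ALEX_TABLE))
```

Running `on_default_policy` over a sample of real envelopes is a quick way to see which recipients would be scanned under the default policy instead of a domain-specific one.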