Loading ...
Sorry, an error occurred while loading the content.

279126Re: Accepting email regardless of address

Expand Messages
  • Jirka Bourek
    Aug 3, 2011
      Noel Jones wrote:
      > On 8/2/2011 9:31 AM, Jason Gauthier wrote:
      >> Greetings,
      >>
      >> Due to a new business requirement, I need to make a change with postfix that I am not certain how to handle.
      >> First, I use postfix as a relay only system. It does not do local delivery. Once it does it's tasks it passes the email to a backend email system.
      >> On the frontend, postfix handles several domains, and will bounce unknown email by using relay_recipients:
      >> relay_recipient_maps = hash:/etc/postfix/relay_recipients
      >>
      >> relay_recipients is populated from backend from legitimate email addresses. These makes the postfix system a nice 'bouncer' for unknowns :)
      >>
      >> Now, my requirements have changes. I have acquired a domain, we'll call it xyz.com. I don't host it, and never have. Therefore, I do not know what email addresses are valid. I would like to capture *any* email address sent to xyz.com and accept it, and deliver it somehow.
      >>
      >> I'm not sure how to accomplish this task yet, and looking for ideas. One inchoate idea I have, is translating all the email address to 'xyz.com' to an existing, valid, email address.
      >>
      >
      > [We use the term "reject" rather than "bounce". Reject means your
      > server never accepts the undeliverable mail, which is good. Bounce
      > means you accept the mail and then return it to the (frequently
      > forged) sender address, which is bad. Bouncing undeliverable mail
      > will clog up your mail server with undeliverable messages and will
      > eventually get you blacklisted.]
      >
      >
      >
      > First, to accept mail for that domain add the new domain to
      > relay_domains.
      > # main.cf
      > relay_domains =
      > ... exiting domains ...
      > xyz.example
      >
      >
      > Since you don't have a list of valid recipients for that domain, add
      > a wildcard for that domain to relay_recipient_maps and use recipient
      > address verification.
      > http://www.postfix.org/postconf.5.html#relay_recipient_maps
      > http://www.postfix.org/ADDRESS_VERIFICATION_README.html#recipient
      >
      > # relay_recipient
      > ... existing entries ...
      > @... OK
      >
      >
      > # main.cf
      > smtpd_recipient_restrictions =
      > permit_mynetworks
      > # permit_sasl_authenticated
      > reject_unauth_destination
      > check_recipient_access hash:/etc/postfix/verify_xyz
      > ... other existing stuff ...
      >
      > # verify_xyz
      > xyz.example reject_unverified_recipient
      >
      >
      >
      > Finally, to direct the accepted mail to the proper server, use a
      > transport_maps entry
      > http://www.postfix.org/postconf.5.html#transport_maps
      > http://www.postfix.org/transport.5.html
      >
      > # main.cf
      > transport_maps = hash:/etc/postfix/transport
      >
      > # transport
      > xyz.example relay:[ip.add.re.ss]
      >
      >
      >
      > -- Noel Jones

      If I may hijack the thread... is there a way to achieve this
      functionality with data stored in database (pgsql)?

      I came up with following Postfix configuration:

      smtpd_recipient_restrictions =
      reject_non_fqdn_recipient,
      reject_unknown_recipient_domain,
      check_recipient_access hash:/etc/postfix/restrictions/recipients,
      permit_mynetworks,
      reject_unauth_destination,
      permit

      relay_domains = pgsql:/etc/postfix/pgsql/vdomains.cf
      relay_recipient_maps = pgsql:/etc/postfix/pgsql/vmailbox.cf
      transport_maps = pgsql:/etc/postfix/pgsql/relays.cf

      vdomains.cf:
      SELECT 1 FROM mailroot.domains WHERE domain='%s'

      vmailbox.cf:
      query = SELECT home FROM mailroot.mailboxes JOIN
      mailroot.domains ON mailboxes.domains_id = domains.id
      WHERE mailboxes.enabled = true AND domains.enabled = true
      AND username = '%u' and domain = '%d'

      relays.cf:
      query = SELECT storage_path FROM mailroot.storages
      WHERE id = (SELECT storage_id FROM mailroot.domains
      WHERE domain = '%d' and enabled = true)

      This works for domains for whose I have list of mailboxes. However I'm
      unable to figure out a way to add "@..." into
      relay_recipient_maps. When I add "testing.domain" into domains table,
      Postfix sends only these queries:

      SELECT 1 FROM mailroot.domains WHERE domain='testing.domain'
      SELECT storage_path FROM mailroot.storages
      WHERE id = (SELECT storage_id FROM mailroot.domains
      WHERE domain = 'testing.domain' and enabled = true)
      SELECT home FROM mailroot.mailboxes JOIN
      mailroot.domains ON mailboxes.domains_id = domains.id
      WHERE mailboxes.enabled = true AND domains.enabled = true
      AND username = 'nonexistent' and domain = 'testing.domain'

      and I get "Recipient address rejected: User unknown in relay recipient
      table". Adding "@..." into table domains leads to "Relay
      access denied"

      I was expecting Postfix to send some query with "@..." (which
      would hint me what should I add into DB), but no such query in
      PostgreSQL log.

      Any ideas?
    • Show all 14 messages in this topic