Loading ...
Sorry, an error occurred while loading the content.

Always Bcc and discard difficulty

Expand Messages
  • Greg Wood
    Okay. I ve tried many configs but now concede defeat. Can anyone put me on the right road? Assume I have a new clean install. What I am trying to do is:-
    Message 1 of 9 , Oct 30, 2006
    • 0 Attachment
      Okay. I've tried many configs but now concede defeat. Can anyone put me
      on the right road?

      Assume I have a new clean install.

      What I am trying to do is:- Postfix for a single domain with approx 30
      users. Mail is fetched by fetchmail from an isp catchall (multidrop) account.

      Finance director wants Bcc (for review) of all useful mail, in and out (ie not the
      rejected mail and notices.) I dont want to be editing special maps
      every time a new user comes or goes.

      I want all mail notices sent to my personal user box for checking BUT I
      want to be able to discard mail for some specific user names (50% of
      all our spam comes to a specific nonexistent user name on our domain!)
      ie once I see that a specific name is coming up regularly with spam I
      want to eliminate all future mail with that name. However, if that
      mail has other legitimate user names on it I dont want those users to
      not get the mail! I want to be notified of other incorrectly addressed mail. (eg niel@etc.... instead of neil@etc...)

      I must assume that this is possible with Postfix. Can anyone help?
    • Wietse Venema
      ... You can use a transport map to route mail for a specific user to the discard(8) deliver agent. This requires Postfix 2.2 or later. Wietse
      Message 2 of 9 , Oct 30, 2006
      • 0 Attachment
        Greg Wood:
        > Okay. I've tried many configs but now concede defeat. Can anyone put me
        > on the right road?
        >
        > Assume I have a new clean install.
        >
        > What I am trying to do is:- Postfix for a single domain with approx 30
        > users. Mail is fetched by fetchmail from an isp catchall (multidrop) account.
        >
        > Finance director wants Bcc (for review) of all useful mail, in and out (ie not the
        > rejected mail and notices.) I dont want to be editing special maps
        > every time a new user comes or goes.
        >
        > I want all mail notices sent to my personal user box for checking BUT I
        > want to be able to discard mail for some specific user names (50% of
        > all our spam comes to a specific nonexistent user name on our domain!)
        > ie once I see that a specific name is coming up regularly with spam I
        > want to eliminate all future mail with that name. However, if that
        > mail has other legitimate user names on it I dont want those users to
        > not get the mail! I want to be notified of other incorrectly addressed mail. (eg niel@etc.... instead of neil@etc...)
        >
        > I must assume that this is possible with Postfix. Can anyone help?

        You can use a transport map to route mail for a specific user to
        the discard(8) deliver agent. This requires Postfix 2.2 or later.

        Wietse
      • /dev/rob0
        ... I d suggest rethinking the basic design here. Host the mail yourself; eliminate the ISP server and the catchall. All your problems (as I see them) would
        Message 3 of 9 , Oct 30, 2006
        • 0 Attachment
          On Monday 30 October 2006 09:31, Greg Wood wrote:
          > What I am trying to do is:- Postfix for a single domain with approx
          > 30 users. Mail is fetched by fetchmail from an isp catchall
          > (multidrop) account.

          I'd suggest rethinking the basic design here. Host the mail yourself;
          eliminate the ISP server and the catchall. All your problems (as I see
          them) would then be gone.

          > I dont want to be editing special maps every time a new user
          > comes or goes.

          Unfortunately that's the way it is. You (or someone) has to maintain
          your list of valid users. But it will all work more smoothly when you
          are hosting your own domain (MX points to your IP address.)
          --
          Offlist mail to this address is discarded unless
          "/dev/rob0" or "not-spam" is in Subject: header
        • Greg Wood
          Hi rob0 All local dsl connections are dynamic IP address only! Greg /dev/rob0 wrote: On Monday 30 October 2006 09:31, Greg Wood wrote: What I am trying to do
          Message 4 of 9 , Oct 30, 2006
          • 0 Attachment

            Hi  rob0

            All local dsl connections are dynamic IP address only!

            Greg
            /dev/rob0 wrote:
            On Monday 30 October 2006 09:31, Greg Wood wrote:
              
            What I am trying to do is:- Postfix for a single domain with approx
            30 users. Mail is fetched by fetchmail from an isp catchall
            (multidrop) account.
                
            I'd suggest rethinking the basic design here. Host the mail yourself; 
            eliminate the ISP server and the catchall. All your problems (as I see 
            them) would then be gone.
            
              
            I dont want to be editing special maps every time a new user
            comes or goes.
                
            Unfortunately that's the way it is. You (or someone) has to maintain 
            your list of valid users. But it will all work more smoothly when you 
            are hosting your own domain (MX points to your IP address.)
              
          • Greg Wood
            ... Am still getting notification from mailer-daemon AND copy of the email with notice :- Recipient address rejected: User unknown in local recipient table
            Message 5 of 9 , Oct 30, 2006
            • 0 Attachment
              Wietse Venema wrote:

              >Greg Wood:
              >
              >
              >>Okay. I've tried many configs but now concede defeat. Can anyone put me
              >>on the right road?
              >>
              >>Assume I have a new clean install.
              >>
              >>What I am trying to do is:- Postfix for a single domain with approx 30
              >>users. Mail is fetched by fetchmail from an isp catchall (multidrop) account.
              >>
              >>Finance director wants Bcc (for review) of all useful mail, in and out (ie not the
              >>rejected mail and notices.) I dont want to be editing special maps
              >>every time a new user comes or goes.
              >>
              >>I want all mail notices sent to my personal user box for checking BUT I
              >>want to be able to discard mail for some specific user names (50% of
              >>all our spam comes to a specific nonexistent user name on our domain!)
              >>ie once I see that a specific name is coming up regularly with spam I
              >>want to eliminate all future mail with that name. However, if that
              >>mail has other legitimate user names on it I dont want those users to
              >>not get the mail! I want to be notified of other incorrectly addressed mail. (eg niel@etc.... instead of neil@etc...)
              >>
              >>I must assume that this is possible with Postfix. Can anyone help?
              >>
              >>
              >
              >You can use a transport map to route mail for a specific user to
              >the discard(8) deliver agent. This requires Postfix 2.2 or later.
              >
              > Wietse
              >
              >
              >
              >
              >
              Am still getting notification from mailer-daemon AND copy of the email
              with notice :-

              Recipient address rejected: User unknown in local recipient table

              main.cf
              transport_maps = hash:/etc/postfix/transport

              /etc/postfix/transport
              auser@... discard:silently

              Which action takes place first, the transport maps or local recipient maps?
              Seems its rejected because the user name is not a listed user on my domain. Or is my implementation wrong?

              Greg
            • mouss
              ... Is this box running linux? if so, disable selinux/apparmor/$friends (check /var/log/messages, /var/log/secure, /var/log/audit, ... for signs )
              Message 6 of 9 , Oct 31, 2006
              • 0 Attachment
                Greg Wood wrote:
                > Hello mouss,
                >
                > Thank you for the help thus far. I have a further problem.
                >
                > I am now getting a mail log file:
                > " warning: connect to transport discard: Operation not permitted "

                Is this box running linux? if so, disable selinux/apparmor/$friends
                (check /var/log/messages, /var/log/secure, /var/log/audit, ... for "signs")
              • Greg Wood
                Hello mouss, Absolutely spot on. Apparmor blocking the transport. (2nd time it s caught me out. It blocked cyrus as well.) Was easily reset to allow access.
                Message 7 of 9 , Nov 1, 2006
                • 0 Attachment
                  Hello mouss,

                  Absolutely spot on. Apparmor blocking the transport. (2nd time it's
                  caught me out. It blocked cyrus as well.) Was easily reset to allow access.

                  Thank you to all on a great forum.

                  Greg

                  mouss wrote:

                  > Greg Wood wrote:
                  >
                  >> Hello mouss,
                  >>
                  >> Thank you for the help thus far. I have a further problem.
                  >>
                  >> I am now getting a mail log file:
                  >> " warning: connect to transport discard: Operation not permitted "
                  >
                  >
                  > Is this box running linux? if so, disable selinux/apparmor/$friends
                  > (check /var/log/messages, /var/log/secure, /var/log/audit, ... for
                  > "signs")
                  >
                  >
                  >
                  >
                • Greg Wood
                  I spoke too soon :-( I have eliminated the mailer-daemon and copy of email being sent to admin@example.com. But a copy is still going to always_bcc (I guess
                  Message 8 of 9 , Nov 2, 2006
                  • 0 Attachment
                    I spoke too soon :-(

                    I have eliminated the mailer-daemon and copy of email being sent to
                    admin@....

                    But a copy is still going to always_bcc (I guess the clue is in the
                    "always")
                    I would prefer if there was a way to prevent this but I am guessing I
                    need to use recipient_bcc_maps and sender_bcc_maps.

                    If so, I would like to know if I can point the maps to the unix user
                    list (and later to ldap) so that updating user changes only need be done
                    in one place. I expect something like sender_bcc_maps =
                    hash:/etc/postfix/sender_bcc.

                    But I am not sure of the syntax for the :/etc/postfix/sender_bcc file
                    to point to unix users.

                    Thanks in anticipation.

                    Greg

                    Greg Wood wrote:

                    > Hello mouss,
                    >
                    > Absolutely spot on. Apparmor blocking the transport. (2nd time it's
                    > caught me out. It blocked cyrus as well.) Was easily reset to allow
                    > access.
                    >
                    > Thank you to all on a great forum.
                    >
                    > Greg
                    >
                    > mouss wrote:
                    >
                    >> Greg Wood wrote:
                    >>
                    >>> Hello mouss,
                    >>>
                    >>> Thank you for the help thus far. I have a further problem.
                    >>>
                    >>> I am now getting a mail log file:
                    >>> " warning: connect to transport discard: Operation not permitted "
                    >>
                    >>
                    >>
                    >> Is this box running linux? if so, disable selinux/apparmor/$friends
                    >> (check /var/log/messages, /var/log/secure, /var/log/audit, ... for
                    >> "signs")
                    >>
                    >>
                    >>
                    >>
                    >
                  • mouss
                    ... I know of no example where recipient_bcc_maps is not better than always_bcc. the latter loses the recipient. recipient_bcc_maps = pcre:$dir/recipient_bcc #
                    Message 9 of 9 , Nov 2, 2006
                    • 0 Attachment
                      Greg Wood wrote:
                      > I spoke too soon :-(
                      >
                      > I have eliminated the mailer-daemon and copy of email being sent to
                      > admin@....
                      >
                      > But a copy is still going to always_bcc (I guess the clue is in the
                      > "always")
                      > I would prefer if there was a way to prevent this but I am guessing I
                      > need to use recipient_bcc_maps and sender_bcc_maps.
                      >
                      > If so, I would like to know if I can point the maps to the unix user
                      > list (and later to ldap) so that updating user changes only need be
                      > done in one place. I expect something like sender_bcc_maps =
                      > hash:/etc/postfix/sender_bcc.
                      >
                      > But I am not sure of the syntax for the :/etc/postfix/sender_bcc file
                      > to point to unix users.

                      I know of no example where recipient_bcc_maps is not better than
                      always_bcc. the latter loses the recipient.

                      recipient_bcc_maps = pcre:$dir/recipient_bcc

                      # cat recipient_bcc
                      /(.*)@domain\.example$/ $1@...

                      then apply the same discard virtual alias to these as well:
                      badrcpt@... badrcpt@...

                      Now, depending on how many domains are managed by this postfix, you can
                      simplify your rules.
                      provide a full description of the setup for more infos.
                    Your message has been successfully submitted and would be delivered to recipients shortly.