  • mouss
    Message 1 of 4 , Mar 30, 2007
    • 0 Attachment
      Mauro Calderara wrote:
      > On Mar 27, 2007, at 5:03 PM, mouss wrote:
      >> Mauro Calderara wrote:
      >>> Hi everyone
      >>> I'm trying to get my postfix to expand/resolve the aliases (defined
      >>> in virtual_alias_maps) before passing things to the content filter.
      > [...]
      >>> in main.cf:
      >>> [...]
      >>> virtual_alias_maps = mysql:/etc/postfix/mysql/virtual_alias.cf
      >>> [...]
      >>> and in master.cf (for the smtpd that should resolve the aliases):
      >>> inet n - n - 16
      >>> smtpd
      >>> -o smtpd_helo_restrictions=
      >>> -o smtpd_sender_restrictions=
      >>> -o smtpd_client_restrictions=
      >>> -o smtpd_restriction_classes=
      >>> -o smtpd_recipient_restrictions=permit_mynetworks,reject
      >>> -o relay_recipient_maps=
      >>> -o smtpd_client_connection_count_limit=0
      >>> -o smtpd_client_connection_rate_limit=0
      >>> -o
      >>> recieve_override_options=no_unknown_recipient_checks,no_header_body_checks
      >>> -o transport_maps=
      >>> -o content_filter=filter:[]:10026
      >>> The rest of the setup looks like this: The other two smtpds that are
      >>> involved have '-o virtual_alias_maps=' amongst other things.
      >> don't do this. virtual_alias_maps are also used to validate recipients.
      > ok
      >>> We have an smtpd on port 25 that does before-queue-AV-filtering (yet
      >>> another bad idea[TM] but an explicit desing requirement from above)
      >>> and another one that takes the mail back from the filter and use
      >>> transport_maps there to route the mail to the corresponding backends.
      > [...]
      >> by default, smtpd will expand aliases. if it does not, then you
      >> disabled that.
      >> *) do not use -o virtual_....
      >> *) use receive_override_mapping=no_address_mappings
      > ok, I've done both now, seems not to work yet.
      >> in the smtpd on port 10025, but not on port 25. This way, alias
      >> expansion will occur in the smtpd 25 listener.
      > that sounds reasonable, but I think it does not work in our setup
      > because we do before-queue filtering with proxy_filter. the smtpd on
      > port 25 won't see the mail again, it goes to the one on 10025. The
      > latter one does not do the expansion yet but does the spamfiltering,
      > so if we expand the mails, it would need to be done before the smtpd
      > on 10025 (or on that smtpd before content_filter).
      > I thought I'd be smart and tried to insert another smtpd between the
      > before-queue-AV and the one with the content_filter using -o
      > relay_transport= That one would then run through all
      > the steps and not loose mail somewhere (like with proxy_filter and
      > content_filter).
      > This works so far for normal mailboxes, would that in your opinion be
      > a bearable way to do things?
      > With the alias I have the problem now (I had that before too, when the
      > smtpd after the content_filter did the alias-resolving) that I've got
      > a mailingloop. For some reason (my unability to configure things
      > properly that is) postfix sends out the mail alias@... again,
      > which comes then back in instead of sending out resolved@...
      > again and pass it through.
      > Thanks for any feedback
      > mauro
      >> for further details, post your master.cf.
      > that's with 4 smtpds, for the setup with 3 smtpds just think the
      > proxy_filter hand the mail back to the smtpd on port 10025:

      choose 3 or 4 (whichever you prefer) and show (an ascii diagram or a
      list of steps) the mail flow. if having something like

      smpd[1] -> F[1] -> smtpd[2] -> F[2] .... -> smtpd[n]
      and you want to expand aliases before F[k], then
      - enable address rewrite in smtpd[k-1]
      - disable it in all other smtpd's

      Note that mail received via sendmail is handled by pickup, not by smtpd
      (so things are different if your filters resend mail using the sendmail
