Loading ...
Sorry, an error occurred while loading the content.

Re: set a catch-all for users that not exists in database

Expand Messages
  • David Touzeau
    ... yes excuse me here it is the postconf -n 2bounce_notice_recipient = postmaster address_verify_negative_cache = yes address_verify_negative_expire_time = 3d
    Message 1 of 22 , Jul 1 6:48 AM
    • 0 Attachment
      On 01/07/2010 15:17, Markus Schönhaber wrote:
      > 01.07.2010 14:40, David Touzeau:
      >
      >> here it is the main.cf
      >
      > Post the output of
      > postconf -n
      > next time
      >
      >> 2bounce_notice_recipient = postmaster
      >> address_verify_negative_cache = yes
      >> address_verify_negative_expire_time = 3d
      >> address_verify_negative_refresh_time = 3h
      >> address_verify_poll_count = 3
      >> address_verify_poll_delay = 3s
      >> address_verify_positive_expire_time = 31d
      >> address_verify_positive_refresh_time = 7d
      >> address_verify_sender = double-bounce
      >> alias_database = hash:/etc/postfix/aliases
      >> alias_maps = hash:/etc/postfix/aliases
      >> append_dot_mydomain = no
      >> biff = no
      >> bounce_notice_recipient = postmaster
      >> bounce_queue_lifetime = 5d
      >> bounce_service_name = bounce
      >> bounce_size_limit = 50000
      >> bounce_template_file = /etc/postfix/bounce.template.cf
      >> broken_sasl_auth_clients = yes
      >> config_directory = /etc/postfix
      >> connection_cache_status_update_time = 600s
      >> connection_cache_ttl_limit = 2s
      >> content_filter =
      >> default_destination_concurrency_limit = 20
      >> default_destination_recipient_limit = 50
      >> default_process_limit = 100
      >> delay_notice_recipient = postmaster
      >> disable_dns_lookups = no
      >> double_bounce_sender = double-bounce
      >> empty_address_recipient = MAILER-DAEMON
      >> enable_original_recipient = yes
      >> error_notice_recipient = postmaster
      >> header_address_token_limit = 10240
      >> header_checks =
      >> ignore_mx_lookup_error = no
      >> in_flow_delay = 1s
      >> inet_interfaces = all
      >> initial_destination_concurrency = 5
      >> local_destination_concurrency_limit = 2
      >> local_recipient_maps =
      >> mailbox_size_limit = 102400000
      >> mailbox_transport = lmtp:unix:/var/spool/postfix/var/run/cyrus/socket/lmtp
      >> maximal_backoff_time = 4000s
      >> maximal_queue_lifetime = 5d
      >> message_size_limit = 102400000
      >> mime_header_checks =
      >> mime_nesting_limit = 100
      >> minimal_backoff_time = 300s
      >> mydestination =
      >> myhostname = server-mail.touzeau.biz.touzeau.biz.local.local
      >> mynetworks = 172.16.40.0/24
      >> myorigin = /etc/mailname
      >> qmgr_message_recipient_limit = 20000
      >> qmgr_message_recipient_minimum = 10
      >> queue_run_delay = 300s
      >> readme_directory = no
      >> receive_override_options =
      >> recipient_canonical_maps =
      >> recipient_delimiter = +
      >> relay_recipient_maps =
      >> relayhost =
      >> smtp_connect_timeout = 30s
      >> smtp_connection_cache_on_demand = yes
      >> smtp_connection_cache_time_limit = 2s
      >> smtp_connection_reuse_time_limit = 300s
      >> smtp_destination_concurrency_limit = $default_destination_concurrency_limit
      >> smtp_helo_timeout = 300s
      >> smtp_sasl_password_maps = hash:/etc/postfix/smtp_sasl_password
      >> smtp_send_xforward_command = yes
      >> smtp_sender_dependent_authentication = no
      >> smtp_tls_mandatory_protocols = SSLv3,TLSv1
      >> smtp_tls_session_cache_database =
      >> btree:/var/lib/postfix/smtpd_tls_session_cache
      >> smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
      >> smtpd_client_connection_count_limit = 50
      >> smtpd_client_connection_rate_limit = 0
      >> smtpd_client_message_rate_limit = 0
      >> smtpd_client_new_tls_session_rate_limit = 0
      >> smtpd_client_recipient_rate_limit = 0
      >> smtpd_client_restrictions = check_client_access
      >> ldap:smtpd_client_restrictions_check_client_access
      >> smtpd_error_sleep_time = 1s
      >> smtpd_hard_error_limit = 20
      >> smtpd_recipient_limit = 1000
      >> smtpd_recipient_restrictions =
      >> permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
      >> smtpd_reject_unlisted_recipient = yes
      >> smtpd_restriction_classes =
      >> smtpd_sasl_authenticated_header = yes
      >> smtpd_sasl_exceptions_networks =
      >> smtpd_sasl_local_domain =
      >> smtpd_sasl_path = smtpd
      >> smtpd_sasl_security_options = noanonymous
      >> smtpd_soft_error_limit = 10
      >> smtpd_timeout = 300
      >> smtpd_tls_CAfile = /etc/ssl/certs/postfix/ca.csr
      >> smtpd_tls_ask_ccert = no
      >> smtpd_tls_auth_only = no
      >> smtpd_tls_cert_file = /etc/ssl/certs/postfix/ca.crt
      >> smtpd_tls_key_file = /etc/ssl/certs/postfix/ca.key
      >> smtpd_tls_received_header = yes
      >> smtpd_tls_req_ccert = no
      >> smtpd_tls_security_level = may
      >> smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
      >> smtpd_use_tls = yes
      >> undisclosed_recipients_header = To: undisclosed-recipients:;
      >> virtual_alias_maps = hash:/etc/postfix/virtual
      >> virtual_gid_maps = static:5000
      >> virtual_mailbox_limit = 102400000
      >> virtual_transport = $mailbox_transport
      >> virtual_uid_maps = static:5000
      >>
      >> content of /etc/postfix/virtual
      >> ------------------------------------
      >> @... all-users@...
      >
      > which differs significantly from what you claimed previously being the
      > content of your "virtual maps".
      >
      >>
      >> content of /etc/postfix/aliases
      >> ------------------------------------
      >>
      >> user1 user1@...
      >> user2 user2@...
      >> all-users all-users@...
      >>
      >>
      >> piece of log when sending from external to user1
      >>
      >> Jul 1 14:38:37 server-mail postfix/cleanup[8627]: 67B7F2BCC:
      >> message-id=<20100701123823.67B7F2BCC@...>
      >> Jul 1 14:38:37 server-mail postfix/qmgr[4773]: 67B7F2BCC:
      >> from=<toto@...>, size=415, nrcpt=1 (queue active)
      >> Jul 1 14:38:37 server-mail postfix/smtp[8737]: 67B7F2BCC:
      >> to=<all-users@...>, orig_to=<user1@...>, ....
      >>
      >> so user1 exists but postfix whant to send to all-users@... has
      >> the catch all
      >
      > Which is exactly what you instructed postfix to do with the above
      > /etc/postfix/virtual map.
      > Note: alias_maps and alias_database are only used by the local(8)
      > delivery agent, but since your "mydestination" is empty, "company.tld"
      > isn't a local domain.
      > http://www.postfix.org/ADDRESS_CLASS_README.html
      >



      yes

      excuse me

      here it is the postconf -n

      2bounce_notice_recipient = postmaster
      address_verify_negative_cache = yes
      address_verify_negative_expire_time = 3d
      address_verify_negative_refresh_time = 3h
      address_verify_poll_count = 3
      address_verify_poll_delay = 3s
      address_verify_positive_expire_time = 31d
      address_verify_positive_refresh_time = 7d
      address_verify_sender = double-bounce
      alias_database = hash:/etc/postfix/aliases
      alias_maps = hash:/etc/postfix/aliases
      append_dot_mydomain = no
      biff = no
      bounce_notice_recipient = postmaster
      bounce_queue_lifetime = 5d
      bounce_service_name = bounce
      bounce_size_limit = 50000
      bounce_template_file = /etc/postfix/bounce.template.cf
      broken_sasl_auth_clients = yes
      config_directory = /etc/postfix
      connection_cache_status_update_time = 600s
      connection_cache_ttl_limit = 2s
      content_filter =
      default_destination_concurrency_limit = 20
      default_destination_recipient_limit = 50
      default_process_limit = 100
      delay_notice_recipient = postmaster
      disable_dns_lookups = no
      double_bounce_sender = double-bounce
      empty_address_recipient = MAILER-DAEMON
      enable_original_recipient = yes
      error_notice_recipient = postmaster
      header_address_token_limit = 10240
      header_checks =
      ignore_mx_lookup_error = no
      in_flow_delay = 1s
      inet_interfaces = all
      initial_destination_concurrency = 5
      local_destination_concurrency_limit = 2
      local_recipient_maps =
      mailbox_size_limit = 102400000
      mailbox_transport = lmtp:unix:/var/spool/postfix/var/run/cyrus/socket/lmtp
      maximal_backoff_time = 4000s
      maximal_queue_lifetime = 5d
      message_size_limit = 102400000
      mime_header_checks =
      mime_nesting_limit = 100
      minimal_backoff_time = 300s
      mydestination = hash:/etc/postfix/mydestination
      myhostname = server-mail.touzeau.biz.touzeau.biz.local.local
      mynetworks = 172.16.40.0/24
      myorigin = /etc/mailname
      qmgr_message_recipient_limit = 20000
      qmgr_message_recipient_minimum = 10
      queue_run_delay = 300s
      readme_directory = no
      receive_override_options =
      recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
      recipient_canonical_maps =
      recipient_delimiter = +
      relay_domains = hash:/etc/postfix/relay_domains
      relay_recipient_maps =
      relayhost =
      sender_canonical_maps = hash:/etc/postfix/sender_canonical
      sender_dependent_relayhost_maps =
      hash:/etc/postfix/sender_dependent_relayhost
      smtp_connect_timeout = 30s
      smtp_connection_cache_on_demand = yes
      smtp_connection_cache_time_limit = 2s
      smtp_connection_reuse_time_limit = 300s
      smtp_destination_concurrency_limit = $default_destination_concurrency_limit
      smtp_helo_timeout = 300s
      smtp_sasl_password_maps = hash:/etc/postfix/smtp_sasl_password
      smtp_send_xforward_command = yes
      smtp_sender_dependent_authentication = no
      smtp_tls_mandatory_protocols = SSLv3,TLSv1
      smtp_tls_session_cache_database =
      btree:/var/lib/postfix/smtpd_tls_session_cache
      smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
      smtpd_client_connection_count_limit = 50
      smtpd_client_connection_rate_limit = 0
      smtpd_client_message_rate_limit = 0
      smtpd_client_new_tls_session_rate_limit = 0
      smtpd_client_recipient_rate_limit = 0
      smtpd_client_restrictions = check_client_access
      ldap:smtpd_client_restrictions_check_client_access
      smtpd_error_sleep_time = 1s
      smtpd_hard_error_limit = 20
      smtpd_recipient_limit = 1000
      smtpd_recipient_restrictions =
      permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
      smtpd_reject_unlisted_recipient = yes
      smtpd_restriction_classes =
      smtpd_sasl_authenticated_header = yes
      smtpd_sasl_exceptions_networks =
      smtpd_sasl_local_domain =
      smtpd_sasl_path = smtpd
      smtpd_sasl_security_options = noanonymous
      smtpd_soft_error_limit = 10
      smtpd_timeout = 300
      smtpd_tls_CAfile = /etc/ssl/certs/postfix/ca.csr
      smtpd_tls_ask_ccert = no
      smtpd_tls_auth_only = no
      smtpd_tls_cert_file = /etc/ssl/certs/postfix/ca.crt
      smtpd_tls_key_file = /etc/ssl/certs/postfix/ca.key
      smtpd_tls_received_header = yes
      smtpd_tls_req_ccert = no
      smtpd_tls_security_level = may
      smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
      smtpd_use_tls = yes
      transport_maps = hash:/etc/postfix/transport
      undisclosed_recipients_header = To: undisclosed-recipients:;
      virtual_alias_maps = hash:/etc/postfix/virtual
      virtual_gid_maps = static:5000
      virtual_mailbox_domains =
      virtual_mailbox_limit = 102400000
      virtual_transport = $mailbox_transport
      virtual_uid_maps = static:5000


      i have set mydestination, sorry it was a fresh install for this discuss.

      here it is the piece of log when sending a mail

      ul 1 15:45:18 server-mail postfix/cleanup[2923]: 226B42BCC:
      message-id=<20100701134510.226B42BCC@...>
      Jul 1 15:45:18 server-mail postfix/qmgr[11911]: 226B42BCC:
      from=<user@...>, size=398, nrcpt=1 (queue active)
      Jul 1 15:45:18 server-mail cyrus/master[3239]: about to exec
      /usr/lib/cyrus/bin/lmtpd
      Jul 1 15:45:18 server-mail cyrus/lmtpunix[3239]: executed
      Jul 1 15:45:18 server-mail cyrus/lmtpunix[3239]: accepted connection
      Jul 1 15:45:18 server-mail cyrus/lmtpunix[3239]: lmtp connection
      preauth'd as postman
      Jul 1 15:45:18 server-mail cyrus/lmtpunix[3239]:
      verify_user(user.all-users) failed: Mailbox does not exist
      Jul 1 15:45:18 server-mail postfix/lmtp[3238]: 226B42BCC:
      to=<all-users@...>, orig_to=<user1@...>,
      relay=server-mail.touzeau.biz.touzeau.biz.local.local[/var/spool/postfix/var/run/cyrus/socket/lmtp],

      so what's interesting :

      user@... -> user1@...

      The expected behavior is to send to user1@... but in real state
      postfix translate user1 to the catch all:

      user@... -> user1@... -> all-users@...
      to=<all-users@...>, orig_to=<user1@...>

      what i have missed ??


      best regards
    • Markus Schönhaber
      ... What are the contents of /etc/postfix/mydestination? Did you postmap it? BTW: what s the point in explicitly setting so many configuration variables to
      Message 2 of 22 , Jul 1 7:34 AM
      • 0 Attachment
        01.07.2010 15:48, David Touzeau:

        > here it is the postconf -n
        >
        > 2bounce_notice_recipient = postmaster
        > address_verify_negative_cache = yes
        > address_verify_negative_expire_time = 3d
        > address_verify_negative_refresh_time = 3h
        > address_verify_poll_count = 3
        > address_verify_poll_delay = 3s
        > address_verify_positive_expire_time = 31d
        > address_verify_positive_refresh_time = 7d
        > address_verify_sender = double-bounce
        > alias_database = hash:/etc/postfix/aliases
        > alias_maps = hash:/etc/postfix/aliases
        > append_dot_mydomain = no
        > biff = no
        > bounce_notice_recipient = postmaster
        > bounce_queue_lifetime = 5d
        > bounce_service_name = bounce
        > bounce_size_limit = 50000
        > bounce_template_file = /etc/postfix/bounce.template.cf
        > broken_sasl_auth_clients = yes
        > config_directory = /etc/postfix
        > connection_cache_status_update_time = 600s
        > connection_cache_ttl_limit = 2s
        > content_filter =
        > default_destination_concurrency_limit = 20
        > default_destination_recipient_limit = 50
        > default_process_limit = 100
        > delay_notice_recipient = postmaster
        > disable_dns_lookups = no
        > double_bounce_sender = double-bounce
        > empty_address_recipient = MAILER-DAEMON
        > enable_original_recipient = yes
        > error_notice_recipient = postmaster
        > header_address_token_limit = 10240
        > header_checks =
        > ignore_mx_lookup_error = no
        > in_flow_delay = 1s
        > inet_interfaces = all
        > initial_destination_concurrency = 5
        > local_destination_concurrency_limit = 2
        > local_recipient_maps =
        > mailbox_size_limit = 102400000
        > mailbox_transport = lmtp:unix:/var/spool/postfix/var/run/cyrus/socket/lmtp
        > maximal_backoff_time = 4000s
        > maximal_queue_lifetime = 5d
        > message_size_limit = 102400000
        > mime_header_checks =
        > mime_nesting_limit = 100
        > minimal_backoff_time = 300s
        > mydestination = hash:/etc/postfix/mydestination
        > myhostname = server-mail.touzeau.biz.touzeau.biz.local.local
        > mynetworks = 172.16.40.0/24
        > myorigin = /etc/mailname
        > qmgr_message_recipient_limit = 20000
        > qmgr_message_recipient_minimum = 10
        > queue_run_delay = 300s
        > readme_directory = no
        > receive_override_options =
        > recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
        > recipient_canonical_maps =
        > recipient_delimiter = +
        > relay_domains = hash:/etc/postfix/relay_domains
        > relay_recipient_maps =
        > relayhost =
        > sender_canonical_maps = hash:/etc/postfix/sender_canonical
        > sender_dependent_relayhost_maps =
        > hash:/etc/postfix/sender_dependent_relayhost
        > smtp_connect_timeout = 30s
        > smtp_connection_cache_on_demand = yes
        > smtp_connection_cache_time_limit = 2s
        > smtp_connection_reuse_time_limit = 300s
        > smtp_destination_concurrency_limit = $default_destination_concurrency_limit
        > smtp_helo_timeout = 300s
        > smtp_sasl_password_maps = hash:/etc/postfix/smtp_sasl_password
        > smtp_send_xforward_command = yes
        > smtp_sender_dependent_authentication = no
        > smtp_tls_mandatory_protocols = SSLv3,TLSv1
        > smtp_tls_session_cache_database =
        > btree:/var/lib/postfix/smtpd_tls_session_cache
        > smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
        > smtpd_client_connection_count_limit = 50
        > smtpd_client_connection_rate_limit = 0
        > smtpd_client_message_rate_limit = 0
        > smtpd_client_new_tls_session_rate_limit = 0
        > smtpd_client_recipient_rate_limit = 0
        > smtpd_client_restrictions = check_client_access
        > ldap:smtpd_client_restrictions_check_client_access
        > smtpd_error_sleep_time = 1s
        > smtpd_hard_error_limit = 20
        > smtpd_recipient_limit = 1000
        > smtpd_recipient_restrictions =
        > permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
        > smtpd_reject_unlisted_recipient = yes
        > smtpd_restriction_classes =
        > smtpd_sasl_authenticated_header = yes
        > smtpd_sasl_exceptions_networks =
        > smtpd_sasl_local_domain =
        > smtpd_sasl_path = smtpd
        > smtpd_sasl_security_options = noanonymous
        > smtpd_soft_error_limit = 10
        > smtpd_timeout = 300
        > smtpd_tls_CAfile = /etc/ssl/certs/postfix/ca.csr
        > smtpd_tls_ask_ccert = no
        > smtpd_tls_auth_only = no
        > smtpd_tls_cert_file = /etc/ssl/certs/postfix/ca.crt
        > smtpd_tls_key_file = /etc/ssl/certs/postfix/ca.key
        > smtpd_tls_received_header = yes
        > smtpd_tls_req_ccert = no
        > smtpd_tls_security_level = may
        > smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
        > smtpd_use_tls = yes
        > transport_maps = hash:/etc/postfix/transport
        > undisclosed_recipients_header = To: undisclosed-recipients:;
        > virtual_alias_maps = hash:/etc/postfix/virtual
        > virtual_gid_maps = static:5000
        > virtual_mailbox_domains =
        > virtual_mailbox_limit = 102400000
        > virtual_transport = $mailbox_transport
        > virtual_uid_maps = static:5000
        >
        >
        > i have set mydestination, sorry it was a fresh install for this discuss.

        What are the contents of /etc/postfix/mydestination? Did you postmap it?

        BTW: what's the point in explicitly setting so many configuration
        variables to their default values?

        > here it is the piece of log when sending a mail
        >
        > ul 1 15:45:18 server-mail postfix/cleanup[2923]: 226B42BCC:
        > message-id=<20100701134510.226B42BCC@...>
        > Jul 1 15:45:18 server-mail postfix/qmgr[11911]: 226B42BCC:
        > from=<user@...>, size=398, nrcpt=1 (queue active)
        > Jul 1 15:45:18 server-mail cyrus/master[3239]: about to exec
        > /usr/lib/cyrus/bin/lmtpd
        > Jul 1 15:45:18 server-mail cyrus/lmtpunix[3239]: executed
        > Jul 1 15:45:18 server-mail cyrus/lmtpunix[3239]: accepted connection
        > Jul 1 15:45:18 server-mail cyrus/lmtpunix[3239]: lmtp connection
        > preauth'd as postman
        > Jul 1 15:45:18 server-mail cyrus/lmtpunix[3239]:
        > verify_user(user.all-users) failed: Mailbox does not exist

        So you've probably created a source for backscatter - which can happen
        very easily when you break recipient validation (which at least three
        people on this list have warned you of doing).

        > Jul 1 15:45:18 server-mail postfix/lmtp[3238]: 226B42BCC:
        > to=<all-users@...>, orig_to=<user1@...>,
        > relay=server-mail.touzeau.biz.touzeau.biz.local.local[/var/spool/postfix/var/run/cyrus/socket/lmtp],
        >
        > so what's interesting :
        >
        > user@... -> user1@...
        >
        > The expected behavior is to send to user1@... but in real state
        > postfix translate user1 to the catch all:
        >
        > user@... -> user1@... -> all-users@...
        > to=<all-users@...>, orig_to=<user1@...>
        >
        > what i have missed ??

        You missed to show the log entries for the complete mail transaction
        starting from the point where the mail enters the system till final
        delivery.

        --
        Regards
        mks
      • David Touzeau
        ... here it is : Jul 1 16:48:08 server-mail postfix/smtpd[21427]: connect from unknown[172.16.40.1] Jul 1 16:48:30 server-mail cyrus/master[27446]: process
        Message 3 of 22 , Jul 1 7:49 AM
        • 0 Attachment
          On 01/07/2010 16:34, Markus Schönhaber wrote:
          > 01.07.2010 15:48, David Touzeau:
          >
          >> here it is the postconf -n
          >>
          >> 2bounce_notice_recipient = postmaster
          >> address_verify_negative_cache = yes
          >> address_verify_negative_expire_time = 3d
          >> address_verify_negative_refresh_time = 3h
          >> address_verify_poll_count = 3
          >> address_verify_poll_delay = 3s
          >> address_verify_positive_expire_time = 31d
          >> address_verify_positive_refresh_time = 7d
          >> address_verify_sender = double-bounce
          >> alias_database = hash:/etc/postfix/aliases
          >> alias_maps = hash:/etc/postfix/aliases
          >> append_dot_mydomain = no
          >> biff = no
          >> bounce_notice_recipient = postmaster
          >> bounce_queue_lifetime = 5d
          >> bounce_service_name = bounce
          >> bounce_size_limit = 50000
          >> bounce_template_file = /etc/postfix/bounce.template.cf
          >> broken_sasl_auth_clients = yes
          >> config_directory = /etc/postfix
          >> connection_cache_status_update_time = 600s
          >> connection_cache_ttl_limit = 2s
          >> content_filter =
          >> default_destination_concurrency_limit = 20
          >> default_destination_recipient_limit = 50
          >> default_process_limit = 100
          >> delay_notice_recipient = postmaster
          >> disable_dns_lookups = no
          >> double_bounce_sender = double-bounce
          >> empty_address_recipient = MAILER-DAEMON
          >> enable_original_recipient = yes
          >> error_notice_recipient = postmaster
          >> header_address_token_limit = 10240
          >> header_checks =
          >> ignore_mx_lookup_error = no
          >> in_flow_delay = 1s
          >> inet_interfaces = all
          >> initial_destination_concurrency = 5
          >> local_destination_concurrency_limit = 2
          >> local_recipient_maps =
          >> mailbox_size_limit = 102400000
          >> mailbox_transport = lmtp:unix:/var/spool/postfix/var/run/cyrus/socket/lmtp
          >> maximal_backoff_time = 4000s
          >> maximal_queue_lifetime = 5d
          >> message_size_limit = 102400000
          >> mime_header_checks =
          >> mime_nesting_limit = 100
          >> minimal_backoff_time = 300s
          >> mydestination = hash:/etc/postfix/mydestination
          >> myhostname = server-mail.touzeau.biz.touzeau.biz.local.local
          >> mynetworks = 172.16.40.0/24
          >> myorigin = /etc/mailname
          >> qmgr_message_recipient_limit = 20000
          >> qmgr_message_recipient_minimum = 10
          >> queue_run_delay = 300s
          >> readme_directory = no
          >> receive_override_options =
          >> recipient_bcc_maps = hash:/etc/postfix/recipient_bcc
          >> recipient_canonical_maps =
          >> recipient_delimiter = +
          >> relay_domains = hash:/etc/postfix/relay_domains
          >> relay_recipient_maps =
          >> relayhost =
          >> sender_canonical_maps = hash:/etc/postfix/sender_canonical
          >> sender_dependent_relayhost_maps =
          >> hash:/etc/postfix/sender_dependent_relayhost
          >> smtp_connect_timeout = 30s
          >> smtp_connection_cache_on_demand = yes
          >> smtp_connection_cache_time_limit = 2s
          >> smtp_connection_reuse_time_limit = 300s
          >> smtp_destination_concurrency_limit = $default_destination_concurrency_limit
          >> smtp_helo_timeout = 300s
          >> smtp_sasl_password_maps = hash:/etc/postfix/smtp_sasl_password
          >> smtp_send_xforward_command = yes
          >> smtp_sender_dependent_authentication = no
          >> smtp_tls_mandatory_protocols = SSLv3,TLSv1
          >> smtp_tls_session_cache_database =
          >> btree:/var/lib/postfix/smtpd_tls_session_cache
          >> smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
          >> smtpd_client_connection_count_limit = 50
          >> smtpd_client_connection_rate_limit = 0
          >> smtpd_client_message_rate_limit = 0
          >> smtpd_client_new_tls_session_rate_limit = 0
          >> smtpd_client_recipient_rate_limit = 0
          >> smtpd_client_restrictions = check_client_access
          >> ldap:smtpd_client_restrictions_check_client_access
          >> smtpd_error_sleep_time = 1s
          >> smtpd_hard_error_limit = 20
          >> smtpd_recipient_limit = 1000
          >> smtpd_recipient_restrictions =
          >> permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination
          >> smtpd_reject_unlisted_recipient = yes
          >> smtpd_restriction_classes =
          >> smtpd_sasl_authenticated_header = yes
          >> smtpd_sasl_exceptions_networks =
          >> smtpd_sasl_local_domain =
          >> smtpd_sasl_path = smtpd
          >> smtpd_sasl_security_options = noanonymous
          >> smtpd_soft_error_limit = 10
          >> smtpd_timeout = 300
          >> smtpd_tls_CAfile = /etc/ssl/certs/postfix/ca.csr
          >> smtpd_tls_ask_ccert = no
          >> smtpd_tls_auth_only = no
          >> smtpd_tls_cert_file = /etc/ssl/certs/postfix/ca.crt
          >> smtpd_tls_key_file = /etc/ssl/certs/postfix/ca.key
          >> smtpd_tls_received_header = yes
          >> smtpd_tls_req_ccert = no
          >> smtpd_tls_security_level = may
          >> smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
          >> smtpd_use_tls = yes
          >> transport_maps = hash:/etc/postfix/transport
          >> undisclosed_recipients_header = To: undisclosed-recipients:;
          >> virtual_alias_maps = hash:/etc/postfix/virtual
          >> virtual_gid_maps = static:5000
          >> virtual_mailbox_domains =
          >> virtual_mailbox_limit = 102400000
          >> virtual_transport = $mailbox_transport
          >> virtual_uid_maps = static:5000
          >>
          >>
          >> i have set mydestination, sorry it was a fresh install for this discuss.
          >
          > What are the contents of /etc/postfix/mydestination? Did you postmap it?
          >
          > BTW: what's the point in explicitly setting so many configuration
          > variables to their default values?
          >
          >> here it is the piece of log when sending a mail
          >>
          >> ul 1 15:45:18 server-mail postfix/cleanup[2923]: 226B42BCC:
          >> message-id=<20100701134510.226B42BCC@...>
          >> Jul 1 15:45:18 server-mail postfix/qmgr[11911]: 226B42BCC:
          >> from=<user@...>, size=398, nrcpt=1 (queue active)
          >> Jul 1 15:45:18 server-mail cyrus/master[3239]: about to exec
          >> /usr/lib/cyrus/bin/lmtpd
          >> Jul 1 15:45:18 server-mail cyrus/lmtpunix[3239]: executed
          >> Jul 1 15:45:18 server-mail cyrus/lmtpunix[3239]: accepted connection
          >> Jul 1 15:45:18 server-mail cyrus/lmtpunix[3239]: lmtp connection
          >> preauth'd as postman
          >> Jul 1 15:45:18 server-mail cyrus/lmtpunix[3239]:
          >> verify_user(user.all-users) failed: Mailbox does not exist
          >
          > So you've probably created a source for backscatter - which can happen
          > very easily when you break recipient validation (which at least three
          > people on this list have warned you of doing).
          >
          >> Jul 1 15:45:18 server-mail postfix/lmtp[3238]: 226B42BCC:
          >> to=<all-users@...>, orig_to=<user1@...>,
          >> relay=server-mail.touzeau.biz.touzeau.biz.local.local[/var/spool/postfix/var/run/cyrus/socket/lmtp],
          >>
          >> so what's interesting :
          >>
          >> user@... -> user1@...
          >>
          >> The expected behavior is to send to user1@... but in real state
          >> postfix translate user1 to the catch all:
          >>
          >> user@... -> user1@... -> all-users@...
          >> to=<all-users@...>, orig_to=<user1@...>
          >>
          >> what i have missed ??
          >
          > You missed to show the log entries for the complete mail transaction
          > starting from the point where the mail enters the system till final
          > delivery.
          >


          here it is :


          Jul 1 16:48:08 server-mail postfix/smtpd[21427]: connect from
          unknown[172.16.40.1]
          Jul 1 16:48:30 server-mail cyrus/master[27446]: process 20566 exited,
          status 0
          Jul 1 16:48:31 server-mail cyrus/master[27446]: process 21226 exited,
          status 0
          Jul 1 16:49:01 server-mail postfix/smtpd[21427]: 47CF02BCC:
          client=unknown[172.16.40.1]
          Jul 1 16:49:11 server-mail postfix/cleanup[22048]: 47CF02BCC:
          message-id=<20100701144901.47CF02BCC@...>
          Jul 1 16:49:11 server-mail postfix/qmgr[21345]: 47CF02BCC:
          from=<user1@...>, size=420, nrcpt=1 (queue active)
          Jul 1 16:49:11 server-mail cyrus/master[22266]: about to exec
          /usr/lib/cyrus/bin/lmtpd
          Jul 1 16:49:11 server-mail cyrus/lmtpunix[22266]: executed
          Jul 1 16:49:11 server-mail cyrus/lmtpunix[22266]: accepted connection
          Jul 1 16:49:11 server-mail cyrus/lmtpunix[22266]: lmtp connection
          preauth'd as postman
          Jul 1 16:49:11 server-mail cyrus/lmtpunix[22266]: WARNING: sieve script
          /var/spool/cyrus/sieve/a/all-users/defaultbc doesn't exist: No such file
          or directory
          Jul 1 16:49:11 server-mail cyrus/lmtpunix[22266]: Delivered:
          <20100701144901.47CF02BCC@...>
          to mailbox: user.all-users
          Jul 1 16:49:11 server-mail postfix/lmtp[22265]: 47CF02BCC:
          to=<all-users@...>, orig_to=<user1@...>,
          relay=server-mail.touzeau.biz.touzeau.biz.local.local[/var/spool/postfix/var/run/cyrus/socket/lmtp],
          delay=41, delays=41/0.02/0.03/0.07, dsn=2.1.5, status=sent (250 2.1.5 Ok)
          Jul 1 16:49:11 server-mail postfix/qmgr[21345]: 47CF02BCC: removed
        • Markus Schönhaber
          ... So you ve sent a mail from user1@company.tld to user1@company.tld and it was delivered to all-users@company.tld. What are the contents of
          Message 4 of 22 , Jul 1 8:22 AM
          • 0 Attachment
            01.07.2010 16:49, David Touzeau:

            > On 01/07/2010 16:34, Markus Schönhaber wrote:

            Again:

            >> What are the contents of /etc/postfix/mydestination? Did you postmap it?

            And:

            >> BTW: what's the point in explicitly setting so many configuration
            >> variables to their default values?


            > Jul 1 16:48:08 server-mail postfix/smtpd[21427]: connect from
            > unknown[172.16.40.1]
            > Jul 1 16:48:30 server-mail cyrus/master[27446]: process 20566 exited,
            > status 0
            > Jul 1 16:48:31 server-mail cyrus/master[27446]: process 21226 exited,
            > status 0
            > Jul 1 16:49:01 server-mail postfix/smtpd[21427]: 47CF02BCC:
            > client=unknown[172.16.40.1]
            > Jul 1 16:49:11 server-mail postfix/cleanup[22048]: 47CF02BCC:
            > message-id=<20100701144901.47CF02BCC@...>
            > Jul 1 16:49:11 server-mail postfix/qmgr[21345]: 47CF02BCC:
            > from=<user1@...>, size=420, nrcpt=1 (queue active)
            > Jul 1 16:49:11 server-mail cyrus/master[22266]: about to exec
            > /usr/lib/cyrus/bin/lmtpd
            > Jul 1 16:49:11 server-mail cyrus/lmtpunix[22266]: executed
            > Jul 1 16:49:11 server-mail cyrus/lmtpunix[22266]: accepted connection
            > Jul 1 16:49:11 server-mail cyrus/lmtpunix[22266]: lmtp connection
            > preauth'd as postman
            > Jul 1 16:49:11 server-mail cyrus/lmtpunix[22266]: WARNING: sieve script
            > /var/spool/cyrus/sieve/a/all-users/defaultbc doesn't exist: No such file
            > or directory
            > Jul 1 16:49:11 server-mail cyrus/lmtpunix[22266]: Delivered:
            > <20100701144901.47CF02BCC@...>
            > to mailbox: user.all-users
            > Jul 1 16:49:11 server-mail postfix/lmtp[22265]: 47CF02BCC:
            > to=<all-users@...>, orig_to=<user1@...>,
            > relay=server-mail.touzeau.biz.touzeau.biz.local.local[/var/spool/postfix/var/run/cyrus/socket/lmtp],
            > delay=41, delays=41/0.02/0.03/0.07, dsn=2.1.5, status=sent (250 2.1.5 Ok)
            > Jul 1 16:49:11 server-mail postfix/qmgr[21345]: 47CF02BCC: removed

            So you've sent a mail from user1@... to user1@... and it
            was delivered to all-users@....

            What are the contents of
            /etc/postfix/mydestination
            /etc/postfix/aliases
            /etc/postfix/virtual

            And: did you postmap (or newaliases when it comes to aliases) them?

            Oh, and if you didn't change this (taken from a previous post of yours):

            > content of /etc/postfix/aliases
            >> ------------------------------------
            >>
            >> user1 user1@...
            >> user2 user2@...
            >> all-users all-users@...

            That's not a valid aliases(5) file. But newaliases should have warned
            you about that fact.

            --
            Regards
            mks



            --
            Regards
            mks
          • David Touzeau
            ... your are right, aliases was not correctly formated, i have changed it but no changes postmap and newaliases was executed this is the content of
            Message 5 of 22 , Jul 1 8:38 AM
            • 0 Attachment
              On 01/07/2010 17:22, Markus Schönhaber wrote:
              > 01.07.2010 16:49, David Touzeau:
              >
              >> On 01/07/2010 16:34, Markus Schönhaber wrote:
              >
              > Again:
              >
              >>> What are the contents of /etc/postfix/mydestination? Did you postmap it?
              >
              > And:
              >
              >>> BTW: what's the point in explicitly setting so many configuration
              >>> variables to their default values?
              >
              >
              >> Jul 1 16:48:08 server-mail postfix/smtpd[21427]: connect from
              >> unknown[172.16.40.1]
              >> Jul 1 16:48:30 server-mail cyrus/master[27446]: process 20566 exited,
              >> status 0
              >> Jul 1 16:48:31 server-mail cyrus/master[27446]: process 21226 exited,
              >> status 0
              >> Jul 1 16:49:01 server-mail postfix/smtpd[21427]: 47CF02BCC:
              >> client=unknown[172.16.40.1]
              >> Jul 1 16:49:11 server-mail postfix/cleanup[22048]: 47CF02BCC:
              >> message-id=<20100701144901.47CF02BCC@...>
              >> Jul 1 16:49:11 server-mail postfix/qmgr[21345]: 47CF02BCC:
              >> from=<user1@...>, size=420, nrcpt=1 (queue active)
              >> Jul 1 16:49:11 server-mail cyrus/master[22266]: about to exec
              >> /usr/lib/cyrus/bin/lmtpd
              >> Jul 1 16:49:11 server-mail cyrus/lmtpunix[22266]: executed
              >> Jul 1 16:49:11 server-mail cyrus/lmtpunix[22266]: accepted connection
              >> Jul 1 16:49:11 server-mail cyrus/lmtpunix[22266]: lmtp connection
              >> preauth'd as postman
              >> Jul 1 16:49:11 server-mail cyrus/lmtpunix[22266]: WARNING: sieve script
              >> /var/spool/cyrus/sieve/a/all-users/defaultbc doesn't exist: No such file
              >> or directory
              >> Jul 1 16:49:11 server-mail cyrus/lmtpunix[22266]: Delivered:
              >> <20100701144901.47CF02BCC@...>
              >> to mailbox: user.all-users
              >> Jul 1 16:49:11 server-mail postfix/lmtp[22265]: 47CF02BCC:
              >> to=<all-users@...>, orig_to=<user1@...>,
              >> relay=server-mail.touzeau.biz.touzeau.biz.local.local[/var/spool/postfix/var/run/cyrus/socket/lmtp],
              >> delay=41, delays=41/0.02/0.03/0.07, dsn=2.1.5, status=sent (250 2.1.5 Ok)
              >> Jul 1 16:49:11 server-mail postfix/qmgr[21345]: 47CF02BCC: removed
              >
              > So you've sent a mail from user1@... to user1@... and it
              > was delivered to all-users@....
              >
              > What are the contents of
              > /etc/postfix/mydestination
              > /etc/postfix/aliases
              > /etc/postfix/virtual
              >
              > And: did you postmap (or newaliases when it comes to aliases) them?
              >
              > Oh, and if you didn't change this (taken from a previous post of yours):
              >
              >> content of /etc/postfix/aliases
              >>> ------------------------------------
              >>>
              >>> user1 user1@...
              >>> user2 user2@...
              >>> all-users all-users@...
              >
              > That's not a valid aliases(5) file. But newaliases should have warned
              > you about that fact.
              >

              your are right, aliases was not correctly formated, i have changed it
              but no changes

              postmap and newaliases was executed

              this is the content of

              /etc/postfix/mydestination
              -----------------------------------
              company.tld OK

              /etc/postfix/aliases
              -----------------------------------
              user1:user1@...
              user2:user2@...
              all-users:all-users@...

              /etc/postfix/virtual
              -----------------------------------
              @... all-users@...



              Jul 1 17:33:04 server-mail postfix/master[4937]: reload configuration
              /etc/postfix
              Jul 1 17:33:38 server-mail postfix/smtpd[27394]: connect from
              unknown[172.16.40.1]
              Jul 1 17:34:07 server-mail postfix/smtpd[27394]: 470342BCC:
              client=unknown[172.16.40.1]
              Jul 1 17:34:13 server-mail postfix/cleanup[28618]: 470342BCC:
              message-id=<20100701153407.470342BCC@...>
              Jul 1 17:34:13 server-mail postfix/qmgr[26396]: 470342BCC:
              from=<toto@...>, size=397, nrcpt=1 (queue active)
              Jul 1 17:34:13 server-mail cyrus/master[28623]: about to exec
              /usr/lib/cyrus/bin/lmtpd
              Jul 1 17:34:13 server-mail cyrus/lmtpunix[28623]: executed
              Jul 1 17:34:13 server-mail cyrus/lmtpunix[28623]: accepted connection
              Jul 1 17:34:13 server-mail cyrus/lmtpunix[28623]: lmtp connection
              preauth'd as postman
              Jul 1 17:34:13 server-mail cyrus/lmtpunix[28623]: WARNING: sieve script
              /var/spool/cyrus/sieve/a/all-users/defaultbc doesn't exist: No such file
              or directory
              Jul 1 17:34:13 server-mail cyrus/lmtpunix[28623]: Delivered:
              <20100701153407.470342BCC@...>
              to mailbox: user.all-users
              Jul 1 17:34:13 server-mail postfix/lmtp[28622]: 470342BCC:
              to=<all-users@...>, orig_to=<user1@...>,
              relay=server-mail.touzeau.biz.touzeau.biz.local.local[/var/spool/postfix/var/run/cyrus/socket/lmtp],
              delay=21, delays=20/0.01/0.03/0.03, dsn=2.1.5, status=sent (250 2.1.5 Ok)
              Jul 1 17:34:13 server-mail postfix/qmgr[26396]: 470342BCC: removed

              catch-all still take the hand
            • Markus Schönhaber
              ... And that s OK, since cleanup(8) has rewritten the recipient address to all-users@company.tld according to virtual before local(8) is handed the message and
              Message 6 of 22 , Jul 1 8:59 AM
              • 0 Attachment
                01.07.2010 17:38, David Touzeau:

                > this is the content of
                >
                > /etc/postfix/mydestination
                > -----------------------------------
                > company.tld OK
                >
                > /etc/postfix/aliases
                > -----------------------------------
                > user1:user1@...
                > user2:user2@...
                > all-users:all-users@...
                >
                > /etc/postfix/virtual
                > -----------------------------------
                > @... all-users@...

                > catch-all still take the hand

                And that's OK, since cleanup(8) has rewritten the recipient address to
                all-users@... according to virtual before local(8) is handed the
                message and has the chance to do further rewriting according to aliases.
                http://www.postfix.org/ADDRESS_REWRITING_README.html#overview

                --
                Regards
                mks
              • David Touzeau
                ... THanks to explain to me the process but what is for you the best settings to fix the situation ?
                Message 7 of 22 , Jul 1 9:13 AM
                • 0 Attachment
                  On 01/07/2010 17:59, Markus Schönhaber wrote:
                  > 01.07.2010 17:38, David Touzeau:
                  >
                  >> this is the content of
                  >>
                  >> /etc/postfix/mydestination
                  >> -----------------------------------
                  >> company.tld OK
                  >>
                  >> /etc/postfix/aliases
                  >> -----------------------------------
                  >> user1:user1@...
                  >> user2:user2@...
                  >> all-users:all-users@...
                  >>
                  >> /etc/postfix/virtual
                  >> -----------------------------------
                  >> @... all-users@...
                  >
                  >> catch-all still take the hand
                  >
                  > And that's OK, since cleanup(8) has rewritten the recipient address to
                  > all-users@... according to virtual before local(8) is handed the
                  > message and has the chance to do further rewriting according to aliases.
                  > http://www.postfix.org/ADDRESS_REWRITING_README.html#overview
                  >

                  THanks to explain to me the process but what is for you the best
                  settings to fix the situation ?
                • Markus Schönhaber
                  ... Hm, I have already said what I consider the best fix for the situation: get rid of the catch-all and implement recipient validation. -- Regards mks
                  Message 8 of 22 , Jul 1 9:51 AM
                  • 0 Attachment
                    01.07.2010 18:13, David Touzeau:

                    > THanks to explain to me the process but what is for you the best
                    > settings to fix the situation ?

                    Hm, I have already said what I consider the best fix for the situation:
                    get rid of the catch-all and implement recipient validation.

                    --
                    Regards
                    mks
                  • David Touzeau
                    I think i have found the solution the solution is to populate the /etc/postfix/virtual with user s emails addresses maps before the catch-all instead this
                    Message 9 of 22 , Jul 1 10:03 AM
                    • 0 Attachment
                      I think i have found the solution

                      the solution is to populate the /etc/postfix/virtual with user's emails
                      addresses maps before the catch-all

                      instead this

                      @... all-users@...


                      fill this:

                      user1@... user1@...
                      user2@... user2@...
                      all-users@... all-users@...
                      @... all-users@...

                      and it's works !

                      Many thanks for your helps



                      On 01/07/2010 18:51, Markus Schönhaber wrote:
                      > 01.07.2010 18:13, David Touzeau:
                      >
                      >> THanks to explain to me the process but what is for you the best
                      >> settings to fix the situation ?
                      >
                      > Hm, I have already said what I consider the best fix for the situation:
                      > get rid of the catch-all and implement recipient validation.
                      >
                    Your message has been successfully submitted and would be delivered to recipients shortly.