POSTFIX - Lookup tables usage

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

POSTFIX - Lookup tables usage

jcdole
Hello.

I have some difficulties to understand how lookup tables are used in
postfix.
From my own usage, I know two usages
A) Single column.
You query with a parameter. If the parameter is found in the table you get a
non null value ( index value for example ). Depending of your usage you
decide what to do with the result ( stop or continue )
B) Two columns
You query with a parameter. If the parameter is found in the table you get
the value associated to the input parameter ( 'United States'  '01') and
generally the index position of the success; or null if nothing is found.

I need to limit mail senders to people whose name are only character 0-9 a-z
A-Z and . or - and domain exactly mon_domain.com. I have created a loookup
table 'sender_login_maps.pcre' in /etc/postfix
And main.cf contains :
smtpd_sender_restrictions =
        reject_non_fqdn_sender,
        reject_unknown_sender_domain,
        reject_sender_login_mismatch

smtpd_sender_login_maps = pcre:/etc/postfix/sender_login_maps.pcre


The lookup table contains (/etc/postfix/sender_login_maps.pcre) :
"/^[a-zA-Z0-9.-]+@mon_domain.com$/   ${1}"

Testing "/^[a-zA-Z0-9.-]+@mon_domain.com$/" on  some internet site, I got
good result with :
some.user@mon_domain --> *ok*
And
some.user@mon_domain@mon_domain --> *NULL* which is ok.

When I test with postfix :
sudo postmap -f -q [hidden email]
pcre:/etc/postfix/sender_login_maps.pcre
I got : *first.name*
and with sudo postmap -f -q [hidden email]@mon_domain.com
pcre:/etc/postfix/sender_login_maps.pcre
I got : *[hidden email]*

I was expecting '*[hidden email]*' in the first case and *NULL*
in the second case.

How to reject sending mail in then second case.

When sending a mail, I got this error :
août 24 19:55:41 G75VW postfix/smtpd[10860]: NOQUEUE: reject: RCPT from
G750JZ.mon_domain.com[192.168.130.100]: 553 5.7.1 <[hidden email]>:
*Sender address rejected: not owned by user [hidden email]*;
from=<[hidden email]> to=<[hidden email]> proto=ESMTP
helo=<G750JZ.mon_domain.com>

Where :
G750JZ.mon_domain.com is the sender computer
G75VW is the computer running postfix server
[hidden email] is the sender log as userA on the computer G750JZ
[hidden email] is the receiver

Any help is welcome.

PS: If you have some link to see real usage of lookup table please give.



-----
Thank you for helping
________
Opensuse Leap 15
--
Sent from: http://postfix.1071664.n5.nabble.com/Postfix-Users-f2.html
Thank you for helping
________
Opensuse Leap 15
Reply | Threaded
Open this post in threaded view
|

Re: POSTFIX - Lookup tables usage

jcdole
After many tests I found that this is working :

in main.cf :
-----------
smtpd_sender_restrictions =
        reject_non_fqdn_sender,
        reject_unknown_sender_domain,
        reject_sender_login_mismatch

smtpd_sender_login_maps = pcre:/etc/postfix/sasl_default_sender.pcre

in /etc/postfix/sasl_default_sender.pcre
--------------------------------------
/^\@/ 510 Invalid address format.

/[!%\@].*\@/ 511 This server disallows weird address syntax.

/^([a-zA-Z0-9.\-_]+)@my_domain.com$/ ${1}@my_domain.com

!/^([a-zA-Z0-9.\-_]+)@my_domain.com$/ 550 Invalid address







-----
Thank you for helping
________
Opensuse Leap 15
--
Sent from: http://postfix.1071664.n5.nabble.com/Postfix-Users-f2.html
Thank you for helping
________
Opensuse Leap 15
Reply | Threaded
Open this post in threaded view
|

Re: POSTFIX - Lookup tables usage

Wietse Venema
jcdole:

> After many tests I found that this is working :
>
> in main.cf :
> -----------
> smtpd_sender_restrictions =
> reject_non_fqdn_sender,
> reject_unknown_sender_domain,
> reject_sender_login_mismatch
>
> smtpd_sender_login_maps = pcre:/etc/postfix/sasl_default_sender.pcre

The lookup result of the smtpd_sender_login_maps table is either
"not found" or a list of SASL login names separated by comma and/or
whitespace. See
http://www.postfix.org/postconf.html#smtpd_sender_login_maps

> in /etc/postfix/sasl_default_sender.pcre
> --------------------------------------
> /^\@/ 510 Invalid address format.

That is not the format required by smtpd_sender_login_maps. Also,
510 is not an SMTP reply code. You may be confused with the 5.1.0
enhanced status code (Other address status).

> /[!%\@].*\@/ 511 This server disallows weird address syntax.

That is not the format required by smtpd_sender_login_maps. Also,
511 is not an SMTP reply code. You may be confused with the 5.1.1
enhanced status code (Bad destination mailbox address).

> /^([a-zA-Z0-9.\-_]+)@my_domain.com$/ ${1}@my_domain.com
>
> !/^([a-zA-Z0-9.\-_]+)@my_domain.com$/ 550 Invalid address
>
>
>
>
>
>
>
> -----
> Thank you for helping
> ________
> Opensuse Leap 15
> --
> Sent from: http://postfix.1071664.n5.nabble.com/Postfix-Users-f2.html
>