RV: Problems with sender and recipient checks

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

RV: Problems with sender and recipient checks

Osmany Goderich

Hi.

 

My apologies to everyone who would find this annoying but I really need help on this so that I can solve the problem. So far I did not have any answer. I am sending it out one more time just in case the members of the list did not receive this.

 

De: Osmany Goderich [mailto:[hidden email]]
Enviado el: miércoles, 02 de julio de 2008 8:00
Para: '[hidden email]'
Asunto: Problems with sender and recipient checks

 

Hello everyone,

 

I have a little problem with the sender and recipient checks. What I have in mind is to restrict some users from sending or receiving mail out country and others to have unrestricted mail service. I have this postfix working with an LDAP backend, so all the users are in an LDAP database on another server.

 

This is what I have in my main.cf. I will only show the section where I work with the sender and recipient checks:

 

smtpd_restriction_classes = CUBA,

                            FROMCUBA,

                            SENDERIN,

                            RECIPIENTIN,

                            CLIENTIN,

                            HELOIN

 

SENDERIN = check_sender_access ldap:access,

           check_sender_access regexp:/etc/postfix/men1,

           reject

 

RECIPIENTIN = check_sender_access ldap:access,

              check_sender_access regexp:/etc/postfix/men1,

              reject

 

CLIENTIN = reject_non_fqdn_sender,

             reject_non_fqdn_recipient,

             reject_unknown_sender_domain,

             reject_unknown_recipient_domain,

             check_sender_access ldap:access,

             check_recipient_access ldap:access,

             permit_mynetworks,

             reject_unauth_destination,

             reject

 

HELOIN = permit

 

 

CUBA = check_sender_access hash:/etc/postfix/cuba,

         check_sender_access regexp:/etc/postfix/mensender,

           reject

 

FROMCUBA = check_recipient_access hash:/etc/postfix/fromcuba,

             check_recipient_access regexp:/etc/postfix/mensender,

           reject

 

This is what I have in the “cuba” file

 

.cu          FROMCUBA

 

This is what I have in the “fromcuba”file

 

.cu          OK

 

I can’t find out what I’m doing wrong. Whenever I try to send a mail to any .cu domain I get the reject message I have in the “mensender” file. Is there something I’m missing or is the order in which I have the rules wrong.

 

Thanks in advance.

Reply | Threaded
Open this post in threaded view
|

RE: RV: Problems with sender and recipient checks

Osmany Goderich
This is what comes out in the maillog.

Jul  4 12:47:31 test postfix/smtpd[2614]: >>> START Sender address
RESTRICTIONS <<<
Jul  4 12:47:31 test postfix/smtpd[2614]: generic_checks: name=CUBA
Jul  4 12:47:31 test postfix/smtpd[2614]: >>> START Sender address
RESTRICTIONS <<<
Jul  4 12:47:31 test postfix/smtpd[2614]: generic_checks:
name=check_sender_access
Jul  4 12:47:31 test postfix/smtpd[2614]: check_mail_access:
[hidden email]
Jul  4 12:47:31 test postfix/smtpd[2614]: ctable_locate: leave existing
entry key [hidden email]
Jul  4 12:47:31 test postfix/smtpd[2614]: check_access:
[hidden email]
Jul  4 12:47:31 test postfix/smtpd[2614]: check_domain_access:
jcprueba.cha.jovenclub.cu
Jul  4 12:47:31 test postfix/smtpd[2614]: check_access: test@
Jul  4 12:47:31 test postfix/smtpd[2614]: generic_checks:
name=check_sender_access status=0
Jul  4 12:47:31 test postfix/smtpd[2614]: generic_checks:
name=check_sender_access
Jul  4 12:47:31 test postfix/smtpd[2614]: check_mail_access:
[hidden email]
Jul  4 12:47:31 test postfix/smtpd[2614]: ctable_locate: leave existing
entry key [hidden email]
Jul  4 12:47:31 test postfix/smtpd[2614]: check_access:
[hidden email]
Jul  4 12:47:31 test postfix/smtpd[2614]: dict_regexp_lookup:
/etc/postfix/mensender: [hidden email]
Jul  4 12:47:31 test postfix/smtpd[2614]: check_table_result:
regexp:/etc/postfix/mensender REJECT Lo siento, Este usuario no puede enviar
o recibir mensajes fuera de Cuba. Sorry, this user cannot send or receive
messages outside Cuba. [hidden email]


P.S.: this is just a small part of what comes out in the maillog when I only
try to send one mail. I just posted a small part because it would be a very
long message sent to this list and some people might not like that. If
anyone is willing to help me I will gladly send an e-mail to their private
address with the complete log of the process.

-----Mensaje original-----
De: Arek Czereszewski [mailto:[hidden email]]
Enviado el: viernes, 04 de julio de 2008 6:29
Para: Osmany Goderich
Asunto: Re: RV: Problems with sender and recipient checks

Osmany Goderich pisze:
[...]
>  
>
> I can't find out what I'm doing wrong. Whenever I try to send a mail to
> any .cu domain I get the reject message I have in the "mensender" file.
> Is there something I'm missing or is the order in which I have the rules
> wrong.
>

Hi,

Can you show part of logs about this rejected message?

Regards
Arek
--
Arek Czereszewski
arek (at) wup-katowice (dot) pl
"UNIX allows me to work smarter, not harder."

Reply | Threaded
Open this post in threaded view
|

Re: RV: Problems with sender and recipient checks

Noel Jones-2
In reply to this post by Osmany Goderich
Osmany Goderich wrote:

>
> This is what I have in the “cuba” file
>
>  
>
> .cu          FROMCUBA
>
>  
>
> This is what I have in the “fromcuba”file
>
>  
>
> .cu          OK
>


# man 5 access
http://www.postfix.org/access.5.html
see the "EMAIL ADDRESS PATTERNS" section.

the lookup key is "cu" and not ".cu" unless you have changed
the default settings of parent_domain_matches_subdomains.

--
Noel Jones

Reply | Threaded
Open this post in threaded view
|

RE: RV: Problems with sender and recipient checks

Osmany Goderich
Now its working just fine. It was the dot in front of the pattern that was
not placed correctly. I really did not see that. Thank You so much. Very
grateful

-----Mensaje original-----
De: Noel Jones [mailto:[hidden email]]
Enviado el: viernes, 04 de julio de 2008 10:22
Para: Osmany Goderich
CC: [hidden email]
Asunto: Re: RV: Problems with sender and recipient checks

Osmany Goderich wrote:

>
> This is what I have in the "cuba" file
>
>  
>
> .cu          FROMCUBA
>
>  
>
> This is what I have in the "fromcuba"file
>
>  
>
> .cu          OK
>


# man 5 access
http://www.postfix.org/access.5.html
see the "EMAIL ADDRESS PATTERNS" section.

the lookup key is "cu" and not ".cu" unless you have changed
the default settings of parent_domain_matches_subdomains.

--
Noel Jones

Reply | Threaded
Open this post in threaded view
|

Re: RV: Problems with sender and recipient checks

mouss-2
Osmany Goderich wrote:
> Now its working just fine. It was the dot in front of the pattern that was
> not placed correctly. I really did not see that.


use both the version with a dot and the one without a dot, so that even
if you change parent_domain_matches_subdomains, you'll still have the
same results.

cu      blah blah
.cu      blah blah