Rewriting local addresses before pickup

Matt Saladna

Hi all,

I have an odd setup in which each base directory contains a complete virtual filesystem with potentially overlapping usernames (UIDs are unique). domain1.com could consist of system user user1 (UID: 500), user2 (UID: 501). domain2.com could consist of user1 (UID: 502), user12 (UID: 503), and so on. Any mail generated from shell that depends upon Postfix to append $myorigin will append the server name instead of the local virtual domain.

Setting $myhostname and $append_at_myorigin backfires with this setup, because that happens after pickup in trivial-rewrite that operates outside the virtual filesystem, so the real server name is always used. Mapping these users via /etc/aliases won't work either since usernames are not guaranteed to be unique across accounts.

Is there a way to either:

- Log the UID of pickup and rewrite sender based upon it
- Convert the sender into a FQDN before pickup, for example if mail generates via cron

Here's a sample from a locally generated message,

*** ENVELOPE RECORDS active/5735B1C15862F ***
message_size:             480             298               1               0             480               0
message_arrival_time: Sat Dec 22 20:29:22 2018
create_time: Sat Dec 22 20:29:22 2018
named_attribute: rewrite_context=local
sender_fullname:
sender: [hidden email]
named_attribute: [hidden email]
original_recipient: [hidden email]
recipient: [hidden email]

Ideally my.server.name would be converted to apisnetworks.com at or before pickup so that any DSN can route back.

- Matt

Re: Rewriting local addresses before pickup

Viktor Dukhovni
On Sat, Dec 22, 2018 at 07:32:37PM -0600, Matt Saladna wrote:

> I have an odd setup in which each base directory contains a complete
> virtual filesystem with potentially overlapping usernames (UIDs are
> unique). domain1.com could consist of system user user1 (UID: 500),
> user2 (UID: 501). domain2.com could consist of user1 (UID: 502), user12
> (UID: 503), and so on. Any mail generated from shell that depends upon
> Postfix to append $myorigin will append the server name instead of the
> local virtual domain.
>
> Setting $myhostname and $append_at_myorigin backfires with this setup,
> because that happens after pickup in trivial-rewrite that operates
> outside the virtual filesystem, so the real server name is always used.
> Mapping these users via /etc/aliases won't work either since usernames
> are not guaranteed to be unique across accounts.
>
> Is there a way to either:
>
> - Log the UID of pickup and rewrite sender based upon it
> - Convert the sender into a FQDN before pickup, for example if mail
> generates via cron

No, for this you also need a separate Postfix instance for each logical
container.  By the time the mail leaves the container it is too
late.

--
        Viktor.

Re: Rewriting local addresses before pickup

Matt Saladna

I feared that. Are there any suitable sendmail wrappers that would provide equivalent functionality?

- Matt


On 12/22/2018 7:47 PM, Viktor Dukhovni wrote:
> On Sat, Dec 22, 2018 at 07:32:37PM -0600, Matt Saladna wrote:
>
> > I have an odd setup in which each base directory contains a complete
> > virtual filesystem with potentially overlapping usernames (UIDs are
> > unique). domain1.com could consist of system user user1 (UID: 500),
> > user2 (UID: 501). domain2.com could consist of user1 (UID: 502), user12
> > (UID: 503), and so on. Any mail generated from shell that depends upon
> > Postfix to append $myorigin will append the server name instead of the
> > local virtual domain.
> >
> > Setting $myhostname and $append_at_myorigin backfires with this setup,
> > because that happens after pickup in trivial-rewrite that operates
> > outside the virtual filesystem, so the real server name is always used.
> > Mapping these users via /etc/aliases won't work either since usernames
> > are not guaranteed to be unique across accounts.
> >
> > Is there a way to either:
> >
> > - Log the UID of pickup and rewrite sender based upon it
> > - Convert the sender into a FQDN before pickup, for example if mail
> > generates via cron
>
> No, for this you also a separate Postfix instance for each logical
> container.  By the time the mail leaves the container it is too
> late.

Re: Rewriting local addresses before pickup

Viktor Dukhovni
> On Dec 22, 2018, at 11:34 PM, Matt Saladna <[hidden email]> wrote:
>
> I feared that. Are there any suitable sendmail wrappers that would provide equivalent functionality?

With Postfix, it suffices to set the "MAIL_CONFIG" environment
variable, which results in /usr/sbin/sendmail submitting mail
to a different Postfix instance, provided that instance allows
local submission.  See MULTI_INSTANCE_README.

So the wrapper could be as simple as:

  #! /bin/sh
  export MAIL_CONFIG=/etc/postfix-foo
  exec /usr/sbin/sendmail "$@"

provided you could get the PATH set appropriately in the various
"containers".  If they must all run the same executable, and
a priori custom environment variables are not an option, then
you'll need a wrapper that maps the caller's uid to a MAIL_CONFIG
setting.

You could of course then attempt to rewrite the message instead,
and forgo the multiple instances.  Your call...

--
        Viktor.
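
Added example, not part of the original thread and not Postfix's own code: one way to write the wrapper described in the reply above that maps the caller's uid to a MAIL_CONFIG setting. The map file path and format and the /etc/postfix-domainN instance directories are hypothetical; the wrapper is assumed to be installed under the name "sendmail", and refusing mail for an unmapped UID is a choice made for this sketch.

```shell
#!/bin/sh
# Added example: pick a Postfix instance from the caller's real UID, then
# hand off to the real sendmail(1). Hypothetical names: MAP_FILE and the
# /etc/postfix-domainN directories. The map holds one "<uid> <config_dir>"
# pair per line; "#" starts a comment line.
MAP_FILE=/etc/postfix/uid-instances
REAL_SENDMAIL=/usr/sbin/sendmail

# Print the config directory mapped to UID $1 in map file $2.
# Returns non-zero when the UID is malformed, not listed, or mapped to
# something that is not an absolute path.
mail_config_for_uid() {
    case $1 in
        ''|*[!0-9]*) return 1 ;;
    esac
    awk -v uid="$1" '
        /^[ \t]*(#|$)/ { next }                       # skip comments, blanks
        $1 == uid && $2 ~ /^\// { print $2; found = 1; exit }
        END { exit !found }
    ' "$2"
}

main() {
    # Real UID, so a set-uid caller is mapped by who actually invoked it.
    uid=$(id -ru) || exit 70
    if ! dir=$(mail_config_for_uid "$uid" "$MAP_FILE"); then
        # Fail closed: an unmapped UID must not fall through to the default
        # instance, which would stamp the server name on the sender.
        echo "sendmail wrapper: no Postfix instance for uid $uid" >&2
        exit 78   # EX_CONFIG
    fi
    MAIL_CONFIG=$dir
    export MAIL_CONFIG
    exec "$REAL_SENDMAIL" "$@"
}

# Run only when invoked under the wrapper's installed name.
case ${0##*/} in
    sendmail) main "$@" ;;
esac
```

For non-root callers Postfix accepts a non-default MAIL_CONFIG only when that directory is listed in alternate_config_directories or multi_instance_directories in the default main.cf, so the wrapper selects an instance but is not itself an access control.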

Re: Rewriting local addresses before pickup

Andrey Repin-2
Greetings, Matt Saladna!

> I feared that. Are there any suitable sendmail wrappers that would provide
> equivalent functionality?

I didn't quite get your setup, but if these "virtual systems" are isolated and
send mail via some means to the main mail exchange, use something like ssmtp
on premises.
It will do most of the leg work without much of the full server overhead.

> - Matt
>
> On 12/22/2018 7:47 PM, Viktor Dukhovni wrote:
> > On Sat, Dec 22, 2018 at 07:32:37PM -0600, Matt Saladna wrote:
> >
> > > I have an odd setup in which each base directory contains a complete
> > > virtual filesystem with potentially overlapping usernames (UIDs are
> > > unique). domain1.com could consist of system user user1 (UID: 500),
> > > user2 (UID: 501). domain2.com could consist of user1 (UID: 502), user12
> > > (UID: 503), and so on. Any mail generated from shell that depends upon
> > > Postfix to append $myorigin will append the server name instead of the
> > > local virtual domain.
> > >
> > > Setting $myhostname and $append_at_myorigin backfires with this setup,
> > > because that happens after pickup in trivial-rewrite that operates
> > > outside the virtual filesystem, so the real server name is always used.
> > > Mapping these users via /etc/aliases won't work either since usernames
> > > are not guaranteed to be unique across accounts.
> > >
> > > Is there a way to either:
> > >
> > > - Log the UID of pickup and rewrite sender based upon it
> > > - Convert the sender into a FQDN before pickup, for example if mail
> > > generates via cron
> >
> > No, for this you also a separate Postfix instance for each logical
> > container.  By the time the mail leaves the container it is too
> > late.


--
With best regards,
Andrey Repin
Monday, December 24, 2018 1:33:06

Sorry for my terrible english...