Virtual and delimited addresses?

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

Virtual and delimited addresses?

@lbutlr
I have a user, say 'user' who uses delimited addresses like [hidden email]
, [hidden email], etc.

He wants specific delimited addresses to be rejected, if possible  
during SMTP transaction (that is, bounced after the fact).

Currently I have:

virtual_alias_maps =
     hash:/usr/local/etc/postfix/virtual,
     pcre:/usr/local/etc/postfix/virtual.pcre,
     mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf

and I was thinking that adding a line to the /usr/local/etc/postfix/
virtual.pcre might do the trick, but then I thought that was probably  
not right. In virtual I currently have:

HOSTEDOMAIN.TLD       DOMAIN
[hidden email]   hd-user

check_recipient_access, perhaps?

that file contains:

/^\@/ 550 Invalid address format.
/[!%\@].*\@/ 550 Weird address syntax, try [hidden email] format
/^www$/ 550 Invalid Webmail return address

so adding a simple:

/^hd-user+foo\@mydomain.tld/ 550 No such user

might do the trick?

Still, though I'd best ask before mucking about.

--
"Queen Isabella and King Ferdinand kicked 200,000 Jews out of
        Spain, one of the first acts of the Spanish Inquisition, which
        no one ever expects " -- John Carroll's 21st Annual Xmas Quiz
        answers

Reply | Threaded
Open this post in threaded view
|

Re: Virtual and delimited addresses?

MrC-7
LuKreme wrote:

> I have a user, say 'user' who uses delimited addresses like
> [hidden email], [hidden email], etc.
>
> He wants specific delimited addresses to be rejected, if possible during
> SMTP transaction (that is, bounced after the fact).
>
> Currently I have:
>
> virtual_alias_maps =
>     hash:/usr/local/etc/postfix/virtual,
>     pcre:/usr/local/etc/postfix/virtual.pcre,
>     mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
>
> and I was thinking that adding a line to the
> /usr/local/etc/postfix/virtual.pcre might do the trick, but then I
> thought that was probably not right. In virtual I currently have:
>
> HOSTEDOMAIN.TLD           DOMAIN
> [hidden email]   hd-user
>
> check_recipient_access, perhaps?
>
> that file contains:
>
> /^\@/ 550 Invalid address format.
> /[!%\@].*\@/ 550 Weird address syntax, try [hidden email] format
> /^www$/ 550 Invalid Webmail return address
>
> so adding a simple:
>
> /^hd-user+foo\@mydomain.tld/ 550 No such user
>
> might do the trick?
>
> Still, though I'd best ask before mucking about.
>

Yes, that will work.  I have a similar setup:

main.cf:
   smtpd_recipient_restrictions =
      ...
      check_recipient_access
          pcre:/usr/pkg/etc/postfix/invalid_recipients.pcre
      permit_mynetworks

invalid_recipients.pcre:
   /^[hidden email]/                      REJECT
   ...

Don't place any OKs in this map.

Reply | Threaded
Open this post in threaded view
|

Re: Virtual and delimited addresses?

Magnus Bäck
On Thursday, July 10, 2008 at 08:24 CEST,
     MrC <[hidden email]> wrote:

> LuKreme wrote:
>
> > I have a user, say 'user' who uses delimited addresses like
> > [hidden email], [hidden email], etc.
> >
> > He wants specific delimited addresses to be rejected, if possible
> > during SMTP transaction (that is, bounced after the fact).

Rejected, you mean. Bouncing occur after the SMTP transaction.

[...]

[...]

> main.cf:
>    smtpd_recipient_restrictions =
>       ...
>       check_recipient_access
>           pcre:/usr/pkg/etc/postfix/invalid_recipients.pcre
>       permit_mynetworks
>
> invalid_recipients.pcre:
>    /^[hidden email]/                      REJECT
>    ...
>
> Don't place any OKs in this map.

This particular recipient address does not require a regular expression,
but if you insist then don't be sloppy. The expression above matches the
following strings:

   [hidden email]
   [hidden email]
   [hidden email]

It does NOT match the following string:

   [hidden email]

A correct expression looks like this:

   /^me\+unwanted@example\.com$/                    REJECT

--
Magnus Bäck
[hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Virtual and delimited addresses?

@lbutlr
In reply to this post by MrC-7
On 10-Jul-2008, at 00:24, MrC wrote:
>> check_recipient_access, perhaps?
>
> Yes, that will work.  I have a similar setup:


Thanks, appreciate it.

--
A: You can never go too far. B: If I'm gonna get busted, it is
        *not* gonna be by a guy like *that*.

Reply | Threaded
Open this post in threaded view
|

Re: Virtual and delimited addresses?

MrC-7
In reply to this post by Magnus Bäck

>> main.cf:
>>    smtpd_recipient_restrictions =
>>       ...
>>       check_recipient_access
>>           pcre:/usr/pkg/etc/postfix/invalid_recipients.pcre
>>       permit_mynetworks
>>
>> invalid_recipients.pcre:
>>    /^[hidden email]/                      REJECT
>>    ...
>>
>> Don't place any OKs in this map.

Magnus Bäck wrote:

> This particular recipient address does not require a regular expression,

... but the others in my list do.

> but if you insist then don't be sloppy. The expression above matches the
> following strings:
>
>    [hidden email]
>    [hidden email]
>    [hidden email]
>
> It does NOT match the following string:
>
>    [hidden email]
>
> A correct expression looks like this:
>
>    /^me\+unwanted@example\.com$/                    REJECT
>


Yes, you are correct.  My delimiter is not +, and I performed a quick,
sloppy replacement after pasting in the email reply.  My focus was on
the OPs basic question:  can one reject a recipient delimited address.

Apologies.
Reply | Threaded
Open this post in threaded view
|

Re: Virtual and delimited addresses?

@lbutlr
In reply to this post by Magnus Bäck
On 10-Jul-2008, at 01:44, Magnus Bäck wrote:

> On Thursday, July 10, 2008 at 08:24 CEST,
>     MrC <[hidden email]> wrote:
>> LuKreme wrote:
>>
>>> I have a user, say 'user' who uses delimited addresses like
>>> [hidden email], [hidden email], etc.
>>>
>>> He wants specific delimited addresses to be rejected, if possible
>>> during SMTP transaction (that is, bounced after the fact).
>
> Rejected, you mean. Bouncing occur after the SMTP transaction.

Yes, that's why I said rejected.  However, the parenthetical was  
supposed to say "NOT bounced after the fact".  Stupid editor, I should  
fire him.

>> main.cf:
>>   smtpd_recipient_restrictions =
>>      ...
>>      check_recipient_access
>>          pcre:/usr/pkg/etc/postfix/invalid_recipients.pcre
>>      permit_mynetworks
>>
>> invalid_recipients.pcre:
>>   /^[hidden email]/                      REJECT
>>   ...
>>
>> Don't place any OKs in this map.
>
> This particular recipient address does not require a regular  
> expression,

The file is already a pcre

> A correct expression looks like this:
>
>   /^me\+unwanted@example\.com$/                    REJECT

Right.  I guess the question is, though, when the address hits the  
smtpd_recipient_restrictions will it be [hidden email] or  
will it have already gone through virtual to become [hidden email]
?

/^user\+foo@hostedomain\.tld$/

or

/^user\+foo@mydomain\.tld$/


--
If we get through this alive I'll meet you next week same place
        same time

Reply | Threaded
Open this post in threaded view
|

Re: Virtual and delimited addresses?

Magnus Bäck
On Thursday, July 10, 2008 at 10:33 CEST,
     LuKreme <[hidden email]> wrote:

[...]

> Right.  I guess the question is, though, when the address hits the
> smtpd_recipient_restrictions will it be [hidden email] or
> will it have already gone through virtual to become
> [hidden email] ?

The former. Recipient restrictions act on the original addresses,
i.e.  before any address rewriting takes place.

--
Magnus Bäck
[hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Virtual and delimited addresses?

Victor Duchovni
On Thu, Jul 10, 2008 at 11:43:29AM +0200, Magnus B?ck wrote:

> On Thursday, July 10, 2008 at 10:33 CEST,
>      LuKreme <[hidden email]> wrote:
>
> [...]
>
> > Right.  I guess the question is, though, when the address hits the
> > smtpd_recipient_restrictions will it be [hidden email] or
> > will it have already gone through virtual to become
> > [hidden email] ?
>
> The former. Recipient restrictions act on the original addresses,
> i.e.  before any address rewriting takes place.

The address is however, subject to rewriting to standard (internal)
form by trivial-rewrite. The most important consequence of this is
that:

        <@route1,@route2:user@remote>
        "user@remote"@local
        user%remote@local
        remote!user@local
        ...

all become:

        user@remote

when "local" is a domain listed in mydestination. Otherwise the
address is unmodified.

--
        Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:[hidden email]?body=unsubscribe%20postfix-users>

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.