sender_dependent_relay_maps: what if sender does not match?

Michael Donovan-3
I set up Postfix based on http://www.postfix.org/SOHO_README.html
I've got sender_dependent_relay_maps working as expected for the users in the map.  


In main.cf, I have relayhost set to null, i.e. relayhost=
My sender_relay map looks like this:  
[hidden email]   [smtp.gmail.com]:587
[hidden email]   [smtp.gmail.com]:587  


sasl_passwd looks like this:  
[hidden email]   gmailuser1:gmailpassword1
[hidden email]   gmailuser2:gmailpassword2  


This works just fine for user1 and user2.
  
But let's say [hidden email] tries to send mail to [hidden email].
user3 is not in the relay map.
There's no relayhost=,
so Postfix sends the mail directly to yahoo.com via SMTP.
This is documented behavior, from what I can tell.


What I want is for Postfix to NOT send the mail for user3 at all. Instead immediately bounce it back to user3 as undeliverable.  
I'm not quite sure how to do this.
I guess I could do something with smtpd_recipient_restrictions, but that looks like I'd need to specify each user that should not send to off site destinations.
More things to remember when adding a new user...  
I'd rather have something that says "If you are not in the sender_dependent_relay_map, I won't send your mail"  


Thanks  

Re: sender_dependent_relay_maps: what if sender does not match?

Wietse Venema
Michael Donovan:
> What I want is for Postfix to NOT send the mail [when the sender
> does not match sender_dependent_relayhost_maps] at all. Instead
> immediately bounce it back to user3 as undeliverable.

This is easier with sender_dependent_default_transport_maps:

What follows is untested, and may not work if you also have other
transport overrides in place such as transport_maps or relayhost
settings.

/etc/postfix/main.cf:
    default_transport = error:you can't go there from here
    sender_dependent_default_transport_maps = hash:/etc/postfix/sender_relay

/etc/postfix/sender_relay:
    [hidden email] smtp:relayhost-for-joe
    [hidden email] smtp:relayhost-for-jane

Of course this means that any mail from outside that can't be
delivered will be lost (the notification has a null sender which
won't match your table).

To avoid loss of bounces you turn on double-bounce notification:

/etc/postfix/main.cf:
    notify_classes = resource, software, 2bounce

The priority order of Postfix routing is hard-coded (i.e. still to
be made configurable) and the documentation is kind-of obscure.
Read carefully.

        Wietse
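Wietse's answer depends on the order in which Postfix consults transport_maps, the address class, sender_dependent_default_transport_maps and default_transport, which he notes is hard-coded and documented obscurely. What follows is an added example, not code from the thread or from Postfix itself: a small Python model of that lookup order, using the two placeholder senders of his reply (joe@example.com and jane@example.com are assumed stand-ins for the [hidden email] entries) and the mydestination list from the main.cf posted later in the thread. Running it shows the three cases the thread cares about: a listed sender takes its relay, an unlisted local user hits the error: transport, and a null-sender bounce addressed to a remote sender also hits error: and is lost unless postmaster gets a copy.

```python
"""Model of the Postfix transport lookup order behind Wietse's reply.

Added example, not from the thread or from Postfix.  It replays the
documented precedence (transport_maps by recipient, local address class,
sender_dependent_default_transport_maps by sender, default_transport) for
the tables shown above.  Addresses and relay names are placeholders.
"""
from typing import Dict, Optional, Tuple

# Constructed stand-in for /etc/postfix/sender_relay from Wietse's reply.
SENDER_RELAY: Dict[str, str] = {
    "joe@example.com": "smtp:relayhost-for-joe",
    "jane@example.com": "smtp:relayhost-for-jane",
}
DEFAULT_TRANSPORT = "error:you can't go there from here"
# mydestination as posted later in the thread.
MYDESTINATION = {"myhost.mydomain.net", "localhost.localdomain", "localhost"}


def sender_lookup(table: Dict[str, str], sender: str) -> Optional[str]:
    """Search order for sender-dependent tables: full envelope sender,
    then @domain.  The null sender of a bounce is the empty string and
    matches neither key, which is the case Wietse warns about."""
    if not sender:
        return None
    if sender in table:
        return table[sender]
    domain = sender.rpartition("@")[2]
    return table.get("@" + domain)


def recipient_lookup(table: Dict[str, str], recipient: str) -> Optional[str]:
    """transport(5) search order: user@domain, domain, .parent domains, *."""
    if recipient in table:
        return table[recipient]
    domain = recipient.rpartition("@")[2]
    if domain in table:
        return table[domain]
    labels = domain.split(".")
    for i in range(1, len(labels)):           # .yahoo.com, then .com
        parent = "." + ".".join(labels[i:])
        if parent in table:
            return table[parent]
    return table.get("*")


def resolve(sender: str, recipient: str,
            transport_maps: Optional[Dict[str, str]] = None,
            sender_maps: Optional[Dict[str, str]] = None,
            default_transport: str = DEFAULT_TRANSPORT) -> Tuple[str, str]:
    """Return (transport, nexthop) for one envelope, in the precedence
    Postfix documents: transport_maps, then the local address class, then
    sender_dependent_default_transport_maps, then default_transport.
    Virtual and relay address classes are omitted; this host has none."""
    transport_maps = {} if transport_maps is None else transport_maps
    sender_maps = SENDER_RELAY if sender_maps is None else sender_maps

    hit = recipient_lookup(transport_maps, recipient)   # recipient table wins
    if hit is None:
        if recipient.rpartition("@")[2] in MYDESTINATION:
            hit = "local:"                              # local_transport
        else:
            hit = sender_lookup(sender_maps, sender)    # per-sender override
            if hit is None or hit == "DUNNO":           # DUNNO = stop, use default
                hit = default_transport
    transport, _, nexthop = hit.partition(":")
    return transport, nexthop


if __name__ == "__main__":
    for env in (("joe@example.com", "bob@yahoo.com"),
                ("user3@myhost.mydomain.net", "bob@yahoo.com"),
                ("", "joe@example.com"),
                ("", "user3@myhost.mydomain.net")):
        print(env, "->", resolve(*env))
```

The transport_maps argument shows the override Wietse cautions about: a recipient-side entry wins over the per-sender table, so a stray transport_maps line for a domain reopens direct delivery for every sender, listed or not.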

Re: sender_dependent_relay_maps: what if sender does not match?

Michael Donovan-3
Resolved!
That did the trick!
Thanks.

A little explanation:
This Postfix is for a Debian LAMP server that hosts mainly Wordpress blogs.
All of our customers have their mail set up with Google Apps,
so we don't need Postfix as an MX for their domains.
They all have mail addresses like [hidden email] rather than [hidden email]

Each blog runs under a different Linux user account, rather than
www-data. (Apache mpm-itk)
I don't want Postfix to ever send mail directly, always go through the
correct gmail account.
Basically, I'm making Postfix act like a multi-user Thunderbird email
client.

I know there are plugins for Wordpress that can do this directly without
involving Postfix,
but I am trying to make life easier for my customers. We also have
non-Wordpress apps that use php_mail(),
and even an ancient perl cgi script that can't talk TLS.

For anyone who wants to do this using gmail as the transport, here's
what I did on Debian Squeeze.

Install Postfix. I chose "Satellite system"

Generate the cacert.pem:
# cat /usr/lib/ssl/certs/Equifax_Secure_CA.pem >> /etc/postfix/cacert.pem
# cat /usr/lib/ssl/certs/Thawte_Premium_Server_CA.pem >> /etc/postfix/cacert.pem

I don't think you need the Thawte_Premium one anymore, but it doesn't
hurt anything.

/etc/postfix/main.cf:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
# Any sender not found in sender_transport (below) ends up here instead of
# being delivered directly.
default_transport = error:you can't go there from here
html_directory = /usr/share/doc/postfix/html
# Only local applications can submit mail; nothing listens on public interfaces.
inet_interfaces = loopback-only
inet_protocols = ipv4
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
mydestination = $myhostname, localhost.localdomain, localhost
myhostname = myhost.mydomain.net
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
# Per-sender transport, consulted before default_transport.
sender_dependent_default_transport_maps = hash:/etc/postfix/sender_transport
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
# Choose the SASL credentials by envelope sender rather than by relay host.
smtp_sender_dependent_authentication = yes
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# smtp_use_tls = yes is opportunistic TLS: with noanonymous as the only SASL
# restriction, the password would go out in the clear if STARTTLS were not
# offered. smtp_tls_security_level = encrypt makes TLS mandatory instead.
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes

/etc/mailname:
myhost.mydomain.net

/etc/postfix/sender_transport
[hidden email]    smtp:[smtp.gmail.com]:587
[hidden email]    smtp:[smtp.gmail.com]:587

/etc/postfix/sasl_passwd
[hidden email]    [hidden email]:gmailpassword1
[hidden email]    [hidden email]:gmailpassword2

Hash the files with postmap:
# postmap sender_transport
# postmap sasl_passwd

Restart:
# /etc/init.d/postfix restart

user1 and user2 send mail through their respective gmail accounts.
user3 is a linux user, but not in the transport list, so any mail he sends
gets bounced back to his local mailbox /var/spool/mail/user3

Regards,
Mike Donovan

On 12/14/2011 01:18 PM, Wietse Venema wrote:
> [...]


Re: sender_dependent_relay_maps: what if sender does not match?

Wietse Venema
Michael Donovan:
> Resolved!
> That did the trick!
> Thanks.

Don't forget to set notify_classes as described in my reply, because
otherwise undeliverable outbound mail may be lost (the notification
has the null sender address, which does not match your per-sender
table).

My original reply was incomplete and talked about inbound mail.  In reality
all undeliverable mail notification has the null sender address.

By including 2bounce in the notify_classes setting, a copy of
the undeliverable notification will be sent to postmaster.

You will want to test what happens when you send a mail to a bad
address from wordpress. It would be bad if the mail would go down
a blackhole.

        Wietse

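Michael's configuration and Wietse's warning about lost notifications can both be checked from the mail log rather than by trusting the configuration. What follows is an added example, not code from the thread or from Postfix: a Python script that reads a sender_transport table and a /var/log/mail.log excerpt and reports deliveries that break the intended policy. Listed senders must leave only via their relay, unlisted senders must not leave the host at all, and a null-sender notification that itself bounces must have a postmaster copy (the 2bounce class) or it is gone. The addresses, hostnames, queue IDs and log lines are constructed for this example; the line format is Postfix's, but the entries are not from Michael's server.

```python
"""Audit a Postfix mail.log against the per-sender relay policy.

Added example, not from the thread or from Postfix.  Table keys, hosts,
queue IDs and log lines below are constructed; the log format follows
Postfix's qmgr/smtp/error/local/bounce messages.
"""
import re
from typing import Dict, List, Tuple

# Constructed stand-in for /etc/postfix/sender_transport.
SENDER_TRANSPORT = """\
user1@gmail.com    smtp:[smtp.gmail.com]:587
user2@gmail.com    smtp:[smtp.gmail.com]:587
"""

# Constructed /var/log/mail.log excerpt.  Queue AA11BB22 is a notification
# logged before notify_classes included 2bounce; 9A8B7C6D is a delivery that
# bypassed the relay (what a stray transport_maps or relayhost entry does).
MAIL_LOG = """\
Dec 14 13:20:01 myhost postfix/qmgr[1100]: 3A2B1C0D: from=<user1@gmail.com>, size=512, nrcpt=1 (queue active)
Dec 14 13:20:02 myhost postfix/smtp[1236]: 3A2B1C0D: to=<bob@yahoo.com>, relay=smtp.gmail.com[173.194.76.108]:587, delay=1.2, delays=0.1/0.01/0.5/0.6, dsn=2.0.0, status=sent (250 2.0.0 OK 1323886802 x7sm)
Dec 14 13:21:01 myhost postfix/qmgr[1100]: 4B3C2D1E: from=<user3@myhost.mydomain.net>, size=480, nrcpt=1 (queue active)
Dec 14 13:21:01 myhost postfix/error[1240]: 4B3C2D1E: to=<bob@yahoo.com>, relay=none, delay=0.05, delays=0.02/0.01/0/0.02, dsn=5.0.0, status=bounced (you can't go there from here)
Dec 14 13:21:01 myhost postfix/bounce[1241]: 4B3C2D1E: sender non-delivery notification: 5C4D3E2F
Dec 14 13:21:01 myhost postfix/qmgr[1100]: 5C4D3E2F: from=<>, size=2100, nrcpt=1 (queue active)
Dec 14 13:21:01 myhost postfix/local[1242]: 5C4D3E2F: to=<user3@myhost.mydomain.net>, relay=local, delay=0.1, delays=0.05/0/0/0.05, dsn=2.0.0, status=sent (delivered to command: procmail -a "$EXTENSION")
Dec 14 13:25:10 myhost postfix/qmgr[1100]: 6D5E4F3A: from=<user2@gmail.com>, size=600, nrcpt=1 (queue active)
Dec 14 13:25:11 myhost postfix/smtp[1250]: 6D5E4F3A: to=<nobody@invalid.example>, relay=smtp.gmail.com[173.194.76.108]:587, delay=1.0, delays=0.1/0.01/0.4/0.5, dsn=5.1.1, status=bounced (host smtp.gmail.com[173.194.76.108] said: 550-5.1.1 The email account that you tried to reach does not exist (in reply to RCPT TO command))
Dec 14 13:25:11 myhost postfix/bounce[1251]: 6D5E4F3A: sender non-delivery notification: 7E6F5A4B
Dec 14 13:25:11 myhost postfix/qmgr[1100]: 7E6F5A4B: from=<>, size=2400, nrcpt=1 (queue active)
Dec 14 13:25:11 myhost postfix/error[1252]: 7E6F5A4B: to=<user2@gmail.com>, relay=none, delay=0.03, delays=0.01/0.01/0/0.01, dsn=5.0.0, status=bounced (you can't go there from here)
Dec 14 13:25:11 myhost postfix/bounce[1253]: 7E6F5A4B: postmaster non-delivery notification: 8F7A6B5C
Dec 14 13:27:00 myhost postfix/qmgr[1100]: AA11BB22: from=<>, size=2300, nrcpt=1 (queue active)
Dec 14 13:27:00 myhost postfix/error[1254]: AA11BB22: to=<user1@gmail.com>, relay=none, delay=0.03, delays=0.01/0.01/0/0.01, dsn=5.0.0, status=bounced (you can't go there from here)
Dec 14 13:30:00 myhost postfix/qmgr[1100]: 9A8B7C6D: from=<user1@gmail.com>, size=700, nrcpt=1 (queue active)
Dec 14 13:30:01 myhost postfix/smtp[1260]: 9A8B7C6D: to=<carol@yahoo.com>, relay=mta5.am0.yahoodns.net[67.195.228.110]:25, delay=0.8, delays=0.1/0.01/0.3/0.4, dsn=2.0.0, status=sent (250 ok)
"""

FROM_RE = re.compile(r"postfix/qmgr\[\d+\]: ([0-9A-F]+): from=<([^>]*)>")
DELIVERY_RE = re.compile(
    r"postfix/(\w+)\[\d+\]: ([0-9A-F]+): to=<([^>]*)>, relay=([^,]+),.*\bstatus=(\w+)")
POSTMASTER_RE = re.compile(
    r"postfix/bounce\[\d+\]: ([0-9A-F]+): postmaster non-delivery notification")


def parse_sender_transport(text: str) -> Dict[str, str]:
    """sender -> relay hostname, from a postmap-style 'key transport:nexthop' table."""
    policy: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        sender, result = line.split(None, 1)
        nexthop = result.split(":", 1)[1]                 # "[smtp.gmail.com]:587"
        policy[sender] = re.match(r"\[?([^\]:]+)", nexthop).group(1)
    return policy


def audit(log_text: str, policy: Dict[str, str]) -> List[Tuple[str, str]]:
    """Return (queue id, problem) pairs for deliveries that violate the policy."""
    sender_of: Dict[str, str] = {}        # queue id -> envelope sender
    postmaster_copied = set()             # queue ids whose bounce reached postmaster
    for line in log_text.splitlines():
        m = FROM_RE.search(line)
        if m:
            sender_of[m.group(1)] = m.group(2)
        m = POSTMASTER_RE.search(line)
        if m:
            postmaster_copied.add(m.group(1))

    findings: List[Tuple[str, str]] = []
    for line in log_text.splitlines():
        m = DELIVERY_RE.search(line)
        if not m:
            continue
        agent, qid, rcpt, relay, status = m.groups()
        relay_host = relay.split("[", 1)[0]
        sender = sender_of.get(qid)
        if sender is None:
            findings.append((qid, "delivery without a qmgr from= line; cannot attribute"))
        elif sender == "":
            # Null sender: a bounce or other notification.  If it bounced
            # itself and no postmaster copy was made, the report is gone.
            if status == "bounced" and qid not in postmaster_copied:
                findings.append((qid, f"notification to <{rcpt}> bounced with no postmaster copy: lost"))
        elif sender in policy:
            if agent == "smtp" and relay_host != policy[sender]:
                findings.append((qid, f"<{sender}> reached <{rcpt}> via {relay_host}, not {policy[sender]}"))
        elif agent not in ("local", "error"):
            findings.append((qid, f"unlisted sender <{sender}> left the host via {relay_host}"))
    return findings


if __name__ == "__main__":
    for qid, problem in audit(MAIL_LOG, parse_sender_transport(SENDER_TRANSPORT)):
        print(qid, problem)
```

On the constructed excerpt the script flags exactly the two bad entries, AA11BB22 and 9A8B7C6D, and accepts user3's rejected message and the locally delivered bounce as intended behaviour. Run against a real log after the change to notify_classes, an empty result is the evidence that nothing is going down the blackhole.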

Re: sender_dependent_relay_maps: what if sender does not match?

Michael Donovan-3
OK, I set notify_classes = resource, software, 2bounce
I tested with various bad email addresses in various scenarios.
The undeliverable notification is always sent to either the user's gmail mailbox or the postmaster.
Here's how it works:
If localhost config is incorrect, then
     postmaster gets the notification.
     I fix it.
else
     localhost is correctly configured.
     Wordpress site sends to an invalid address.
     /var/log/mail.log shows successful delivery to gmail.
     user's gmail gets the notification, but not postmaster.
     If I need to fix it, then
         "billable hours" 
This is exactly what I want.
Thanks again. 
Regards,
Mike Donovan 
On 12/14/2011 05:06 PM, Wietse Venema wrote:
> [...]

Loading...