virtual mailbox domain - unknown user problem - postfix 2.4.1
Yashesh Bhatia
i'm using postfix 2.4.1 and am trying to setup the virtual mailbox
domain delivery.
here's the output of postconf -n
-------------------------------------------------------------------------------------------------------------------------------
$ postconf -n
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
html_directory = /opt/postfix-2.4.1/html
inet_interfaces = all
mail_owner = postfix
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
mydestination = localhost localhost.localdomain
myhostname = localhost
mynetworks = 127.0.0.0/8
mynetworks_style = host
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
readme_directory = /opt/postfix-2.4.1/readme
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
unknown_local_recipient_reject_code = 550
virtual_alias_domains =
virtual_alias_maps = mysql:/etc/postfix/mysql_email2email.cf
regexp:/etc/postfix/regexp_virtual_alias_maps.cf
virtual_gid_maps = static:523
virtual_mailbox_base = /var/spool/boogmail/
virtual_mailbox_domains = boog.com
virtual_mailbox_maps = regexp:/etc/postfix/regexp_virtual_mailbox_maps.cf
virtual_uid_maps = static:523
$
-------------------------------------------------------------------------------------------------------------------------------
when i did the lookups from command line i get the following positive messages
$ postmap -q y...@boog.com mysql:/etc/postfix/mysql_email2email.cf
y...@boog.com
$ postmap -q y...@boog.com regexp:/etc/postfix/regexp_virtual_mailbox_maps.cf
boog.com/yvb/
$ postmap -q foo...@boog.com mysql:/etc/postfix/mysql_email2email.cf
$ postmap -q foo...@boog.com mysql:/etc/postfix/mysql_email2email.cf
regexp:/etc/postfix/regexp_virtual_alias_maps.cf
yash...@gmail.com
$
so from the above it can be seen that the postmap works fine i.e. it gets the
correct mailbox paths and email addresses for users
-------------------------------------------------------------------------------------------------------------------------------
here's the output of the relevant files
$ cat mysql_email2email.cf
user = boog
password = <pwd>
hosts = 127.0.0.1
dbname = boog
query = SELECT CONCAT(name, "@boog.com") FROM users WHERE
name=TRIM(TRAILING '@boog.com' FROM LCASE('%s'))
$ cat regexp_virtual_alias_maps.cf
/.*@boog.com/ yash...@gmail.com
$ cat regexp_virtual_mailbox_maps.cf
/(.*)@boog.com/ boog.com/${1}/
-------------------------------------------------------------------------------------------------------------------------------
However, when i try to send an email to y...@boog.com i get the
following messages in
the maillog
$ mail y...@boog.com
Subject: hello world
hello world...
Cc:
$
$ cat /var/log/maillog
Jun 20 15:53:47 bfc11 postfix/pickup[6487]: DEABCE8253: uid=0 from=<root>
Jun 20 15:53:47 bfc11 postfix/cleanup[6577]: DEABCE8253:
message-id=<20070620102347.DEABCE8253@localhost>
Jun 20 15:53:47 bfc11 postfix/qmgr[6486]: DEABCE8253:
from=<ro...@localhost.localdomain>, size=299, nrcpt=1 (queue active)
Jun 20 15:53:47 bfc11 postfix/virtual[6580]: warning: regexp map
/etc/postfix/regexp_virtual_mailbox_maps.cf, line 1: regular
expression substitution is not
allowed: skipping this rule
Jun 20 15:53:47 bfc11 postfix/virtual[6580]: DEABCE8253:
to=<y...@boog.com>, relay=virtual, delay=0.07, delays=0.05/0.01/0/0.01,
dsn=5.1.1, status=bounced (un
known user: "y...@boog.com")
Jun 20 15:53:47 bfc11 postfix/cleanup[6577]: EC028E8256:
message-id=<20070620102347.EC028E8256@localhost>
Jun 20 15:53:47 bfc11 postfix/bounce[6581]: DEABCE8253: sender
non-delivery notification: EC028E8256
Jun 20 15:53:47 bfc11 postfix/qmgr[6486]: EC028E8256: from=<>,
size=1941, nrcpt=1 (queue active)
Jun 20 15:53:47 bfc11 postfix/qmgr[6486]: DEABCE8253: removed
Jun 20 15:53:47 bfc11 postfix/local[6582]: warning: dict_nis_init: NIS
domain name not set - NIS lookups disabled
Jun 20 15:53:47 bfc11 postfix/local[6582]: EC028E8256:
to=<ro...@localhost.localdomain>, relay=local, delay=0.02,
delays=0.01/0.01/0/0.01, dsn=2.0.0, status=s
ent (delivered to mailbox)
Jun 20 15:53:47 bfc11 postfix/qmgr[6486]: EC028E8256: removed
from the logs above specifically the lines
Jun 20 15:53:47 bfc11 postfix/virtual[6580]: warning: regexp map
/etc/postfix/regexp_virtual_mailbox_maps.cf, line 1: regular
expression substitution is not
allowed: skipping this rule
Jun 20 15:53:47 bfc11 postfix/virtual[6580]: DEABCE8253:
to=<y...@boog.com>, relay=virtual, delay=0.07, delays=0.05/0.01/0/0.01,
dsn=5.1.1, status=bounced (un
known user: "y...@boog.com")
it seems that there is an error in getting the mailbox path and also
doing the lookup via the
virtual_alias_maps parameter. however the above to worked fine when
using postmap -q from command line.
can anyone pls help me figure out where i could be messing up.
thanks a lot.
yashesh bhatia
----------------------------------------------------------------
Go Pre
http://www2.localaccess.com/rlalonde/pre.htm
----------------------------------------------------------------
mouss
> -------------------------------------------------------------------------------------------------------------------------------
>
> [snip]
>
> Jun 20 15:53:47 bfc11 postfix/virtual[6580]: warning: regexp map
> /etc/postfix/regexp_virtual_mailbox_maps.cf, line 1: regular
> expression substitution is not
> allowed: skipping this rule
It means exactly what it says: you cannot use regex/pcre substitution in
virtual, for security reasons.
Do you really want to accept mail sent to arbitrary addresses?
> [snip]
Yashesh Bhatia
thanks for the reply/help. i changed the setting for
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
from
virtual_mailbox_maps = regexp:/etc/postfix/regexp_virtual_mailbox_maps.cf
and am now using a sql query to check if user exists (and that worked fine)
however one thing that is not clear to me is the exact use / workflow
for delivery mechanism
using the virtual mailbox domain class.
i read the document http://www.postfix.org/ADDRESS_CLASS_README.html and as per
the document it mentions "Valid recipient addresses are listed with the
virtual_mailbox_maps parameter"
now i've got the email address y...@boog.com in the user table and the
mail delivery works fine since the virtual_mailbox_maps does lookup
the mysql db for a valid recipient address.
however i also have the variable virtual_alias_maps which was also
used to actually check
valid recipients for mail delivery.
# this was an earlier one.... which was working ...
#virtual_alias_maps = mysql:/etc/postfix/mysql_email2email.cf
regexp:/etc/postfix/regexp_virtual_alias_maps.cf
the mysql_email2email.cf returns the email of the user if it's present
in the user table
and the regexp one is the catchall so a mail to any user not present
in the user table will goto
yash...@gmail.com
now since i was under the impression that the variable
virtual_mailbox_maps is used for valid
email recipients i did not see a need for another lookup (hence reduce
an extra sql hit) for
valid emails in the virtual_alias_maps & hence i removed the mysql lookup from
virtual_alias_maps.
virtual_alias_maps = regexp:/etc/postfix/regexp_virtual_alias_maps.cf
but this is breaking down the mail delivery for y...@boog.com. so it
seems to me that both
virtual_mailbox_maps and virtual_alias_maps are being used to check if
a user exists in the
user table before delivering the email. why is the check for a valid
email being done in 2
places ? can't a single one suffice ? i.e. if virtual_mailbox_maps
does give a positive result
why should it have to go and recheck it in the table thru virtual_alias_maps ?
i'm sure i'm misundersting something here. i'd appreciate if anyone
can point out my error in
my line of thinking.
thanks.
yashesh bhatia
so when i removed the
> > allowed: skipping this rule
> It means exactly what it says: you cannot use regex/pcre substitution in
> virtual, for security reasons.
>
> Do you really want to accept mail sent to arbitrary addresses?
>
>
>
> > [snip]
>
>
--
mouss
No. a cathall is a catchALL. All mail will be redirected to
yase...@gmail.com. put the email2email.cf back.
>
> but this is breaking down the mail delivery for y...@boog.com. so it
> seems to me that both
> virtual_mailbox_maps and virtual_alias_maps are being used to check if
> a user exists in the
> user table before delivering the email. why is the check for a valid
> email being done in 2
> places ? can't a single one suffice ? i.e. if virtual_mailbox_maps
> does give a positive result
> why should it have to go and recheck it in the table thru
> virtual_alias_maps ?
>
> i'm sure i'm misundersting something here. i'd appreciate if anyone
> can point out my error in
> my line of thinking.
read the REWRITE README. it shows the flow of rewrite and transport.
delivery happens after all rewrite is done.
Note: virtual_alias_maps apply to _all_ mail, whatever the domain class is.