Package: postfix Version: 2.11.1.2z At log level 5, postfix reports relay restrictions as recipient restrictions. This makes it difficult to track down configuration issues.
For example: * given this stanza in master.cf: 465 inet n - n - - smtpd -o content_filter=scan:[127.0.0.1]:10030 -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions= -o smtpd_data_restrictions= -o smtpd_helo_restrictions= -o smtpd_recipient_restrictions= -o smtpd_relay_restrictions=permit_sasl_authenticated,reject -o syslog_name=postfix/smtps -o milter_macro_daemon_name=ORIGINATING * and given debug level set to 5 for the peer from which test emails are originating (in main.cf): debug_peer_list = testing.example.com debug_peer_level = 5 * then, upon receiving a message on port 465 from testing.example.com, the following appears in the log: Apr 1 18:41:58 myserver postfix/smtps/smtpd[20737]: >>> START Recipient address RESTRICTIONS <<< Apr 1 18:41:58 myserver postfix/smtps/smtpd[20737]: generic_checks: name=permit_sasl_authenticated Apr 1 18:41:58 myserver postfix/smtps/smtpd[20737]: generic_checks: name=permit_sasl_authenticated status=0 Apr 1 18:41:58 myserver postfix/smtps/smtpd[20737]: generic_checks: name=reject Apr 1 18:41:58 myserver postfix/smtps/smtpd[20737]: NOQUEUE: reject: RCPT from testing.example.com [192.0.2.1]: 554 5.7.1 <valid_recipi...@example.com>: Recipient address rejected: Access denied; from=<valid_sen...@example.com> to=<valid_recipi...@example.com> proto=ESMTP helo=<testing.example.com> Apr 1 18:41:58 myserver postfix/smtps/smtpd[20737]: generic_checks: name=reject status=2 Apr 1 18:41:58 myserver postfix/smtps/smtpd[20737]: >>> END Recipient address RESTRICTIONS <<< Although the log reports “Recipient address RESTRICTIONS,” modifying the smtpd_relay_restrictions in master.cf demonstrates that in fact the relay restrictions are being logged. For example, when smtp_relay_restrictions is changed to: -o smtpd_relay_restrictions=permit_sasl_authenticated,reject_unauth_destination then, upon receiving a message on port 465 from testing.example.com, the following appears in the log: Apr 3 00:17:56 myserver postfix/smtps/smtpd[1182]: >>> START Recipient address RESTRICTIONS <<< Apr 3 00:17:56 myserver postfix/smtps/smtpd[1182]: generic_checks: name=permit_sasl_authenticated Apr 3 00:17:56 myserver postfix/smtps/smtpd[1182]: generic_checks: name=permit_sasl_authenticated status=0 Apr 3 00:17:56 myserver postfix/smtps/smtpd[1182]: generic_checks: name=reject_unauth_destination Apr 3 00:17:56 myserver postfix/smtps/smtpd[1182]: reject_unauth_destination: valid_recipi...@example.com Apr 3 00:17:56 myserver postfix/smtps/smtpd[1182]: permit_auth_destination: valid_recipi...@example.com Apr 3 00:17:56 myserver postfix/smtps/smtpd[1182]: ctable_locate: leave existing entry key valid_recipi...@example.com Apr 3 00:17:56 myserver postfix/smtps/smtpd[1182]: generic_checks: name=reject_unauth_destination status=0 Apr 3 00:17:56 myserver postfix/smtps/smtpd[1182]: >>> END Recipient address RESTRICTIONS <<< Clearly, relay restrictions are being logged as recipient restrictions. To correct this issue, I suggest that relay restrictions to be logged between delimiters looking something like: Apr 3 00:17:56 myserver postfix/smtps/smtpd[1182]: >>> START Relay RESTRICTIONS [log messages here] Apr 3 00:17:56 myserver postfix/smtps/smtpd[1182]: >>> END Relay RESTRICTIONS I am using Linux version 3.13.0-43-generic (buildd@tipua) (gcc version 4.8.2 (Ubuntu 4.8.2-19ubuntu1) ) #72-Ubuntu SMP Mon Dec 8 19:35:06 UTC 2014 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org