September 2, 2019 3:35 PM, "Reio Remma" <[email protected]> wrote: > Hello! > > I was able to have virtual aliases pointing to external addresses with the > old syntax, but it > doesn't seem to work like that with new rules: >
Not awake enough to process what follows but the new syntax certainly allows this as my whole infrastructure depends on it ;-) I suspect that there's a problem with the ruleset that prevents external addresses from matching a rule themselves. > action filter_incoming relay host smtp://127.0.0.1:10024 > action sign_outgoing relay host smtp://127.0.0.1:10026 > action relay_outgoing relay > action deliver_lmtp lmtp "/var/run/dovecot/lmtp" rcpt-to virtual > <virtuals> userbase <userinfo> > > match tag FILTERED for domain <domains> action deliver_lmtp > match tag SIGNED for any action relay_outgoing > match auth from any for domain <domains> action deliver_lmtp > match from any for domain <domains> rcpt-to <recipients> action > filter_incoming > match auth from any for any action sign_outgoing > > Old rules were: > > accept tagged Filtered for domain <domains> virtual <virtuals> userbase > <userinfo> deliver to lmtp > "/var/run/dovecot/lmtp" rcpt-to > accept from local for domain <domains> virtual <virtuals> userbase > <userinfo> deliver to lmtp > "/var/run/dovecot/lmtp" rcpt-to > accept from !local for domain <domains> recipient <recipients> relay via > smtp://127.0.0.1:10024 > accept tagged Signed for any relay > accept from local for any relay via smtp://127.0.0.1:10026 > > [email protected] used to be nicely redirected to a remote > [email protected], but > with the new syntax it doesn't hit any rules. > > I found that adding "match tag FILTERED for any action relay_outgoing" after > "match tag FILTERED > for domain <domains> action deliver_lmtp" solves the issue. > > I suspect that the old "accept tagged Filtered" went straight to MTA after > expanding the virtual > alias? > > Does it sound right to "match tag FILTERED for any" after dealing with > FILTERED for our domains? > > Can I do anything about DKIM breaking for forwarded mails? > > Thanks, > Reio
