Hi:
I would very much appreciate any help, advice, pointers, etc. to
resolve an issue I am encountering.
I am having a challenge trying to use a mysql table for
smtpd_sender_login_maps. Right now I have:
In main.cf:
smtpd_sender_login_maps=mysql:/path/to/map.cf
smtpd_sender_restrictions=reject_sender_login_mismatch, ....
My virtual mailbox table contains the username for authentication
(which is also the e-mail address), the password and I am using a text
(VARCHAR) field to hold the list of e-mail addresses that each user is
allowed to send from.
For example, my e-mail is jeff (at) jweinberger.homeip.net. I can send
as that e-mail, but I also want to allow sending from someothername
(at) jweinberger.homeip.net and from jeff (at) some-other-domain-I-
own.tld. so the table row looks like:
field username: jeff (at) jweinberger.homeip.net
field password: (password)
field valid_from: jeff (at) jweinberger.homeip.net, someothername
(at) jweinberger.homeip.net, jeff (at) some-other-domain-I-own.tld
The select statement in the maps.cf file is "select username from
virtual_mailbox_table where (INSTR(valid_from, "%s") > 0)" which
successfully (tested outside postfix) looks up the sender address and
returns the login name (field: username).
I run into problems when more than one login name is permitted to send
from a given address. For example, say i include one of my valid
addresses as postmaster (at) jweinberger.homeip.net (so I can send
from it - mail to it goes into a postmaster mailbox as required). I
also want someone else to be able to send from postmaster (at)
jweinberger.homeip.net. So the virtual mailbox table would contain:
Row 1:
field username: jeff (at) jweinberger.homeip.net
field password: (password)
field valid_from: jeff (at) jweinberger.homeip.net, someothername
(at) jweinberger.homeip.net, jeff (at) some-other-domain-I-own.tld,
postmaster (at) jweinberger.homeip.net
Row 2:
field username: someoneelse (at) jweinberger.homeip.net
field password: (password)
field valid_from: someoneelse (at) jweinberger.homeip.net,
yetanothername (at) jweinberger.homeip.net, postmaster (at)
jweinberger.homeip.net
And when I try to send mail authenticated at jeff (at)
jweinberger.homeip.net from postmaster (at) jweinberger.homeip.net it
fails with this log entry:
postfix/smtpd[83245]: NOQUEUE: reject: RCPT from unknown[10.0.1.1]:
553 5.7.1 <postmaster (at) jweinberger.homeip.net >: Sender address
rejected: not owned by user jeff (at) jweinberger.homeip.net
from=<postmaster (at) jweinberger.homeip.net> to=<--edited-->
proto=ESMTP helo=<[10.0.1.7]>
The query in this case would return two rows, as both users are
allowed to send from that address.
According to the description of smtpd_sender_login_maps in http://www.postfix.com/postconf.5.html
:
"In all cases the result of table lookup must be either "not found" or
a list of SASL login names separated by comma and/or whitespace"
I conclude that the mysql query is not returning the list in the right
form. Since I don't know how mysql calls are implemented in postfix, I
don't know what to do to correct this, if it's possible.
So my questions:
1) Is my analysis and conclusion (that mysql is not returning the
result in the required form) correct?
2) Is there anything I can do to make the result come back in the form
postfix needs it?
I would like to be able to do this in this way, as I think it makes
sense to track which addresses are authorized for each user, rather
than the other way around. If there is no direct way to do this, I can
build a reverse lookup table that will return the list postfix expects.
And of course, if there is any additional information that would help
in diagnosing or resolving this, I'd be happy to provide it.
Any help, direction, pointers, etc. are much appreciated!
Thanks,
--Jeff
