On Fri, May 28, 2010 at 1:27 PM, Wietse Venema <wie...@porcupine.org> wrote: > Jack Browning: >> I'm curious as to why the generic map isn't working for mail sent to >> the relayhost. > > Generic mapping is implemented in the Postfix SMTP client, so you > need to configure the Postfix SMTP client appropriately. Setting > the generic mapping on other Postfix programs has no effect.
Perhaps there was a misunderstanding because of my description of the issue. To connect to the ATT/U-verse SMTP server, I am using a variant of the configuration described at: http://www.postfix.org/TLS_README.html#client_smtps The only differences in my stunnel.conf and the stunnel.conf in the README are nominal, to wit: r...@dell:/etc/init.d# cat /etc/stunnel/stunnel.conf client = yes foreground = no [att-smtps] accept = 2525 connect = smtp.att.yahoo.com:smtps My main.cf looks like this: r...@dell:/etc/postfix# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = yes biff = no config_directory = /etc/postfix home_mailbox = Maildir/ inet_interfaces = all inet_protocols = all mailbox_size_limit = 104857600 message_size_limit = 52428800 mydestination = dell.jnjroos.net, localhost.jnjroos.net, localhost, jnjroos.net myhostname = dell.jnjroos.net mynetworks = 127.0.0.0/8, 192.168.0.0/24 myorigin = /etc/mailname queue_minfree = 78643200 relayhost = [localhost]:2525 smtp_generic_maps = hash:/etc/postfix/generic smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = noanonymous smtp_sender_dependent_authentication = yes smtp_use_tls = no smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) Note the relayhost specification, which, again, only differs nominally from the configuration stated in the README. Note, too, the specification of smtp_sasl_password_maps, which implements the sender-based authentication the remote server requires. Finally, note the specification of smtp_generic_maps, which I had hoped would rewrite the sender address for outgoing mail being delivered to the relayhost. "jnjroos.net" is, of course, a fantasy name for my local network. As I stated in my original post, everything works as it should when the local e-mail clients (Windows Live Mail and Sylpheed) are configured with the user's ATT e-mail address as the From address. Here is a redacted log excerpt for outgoing mail when the local clients are configured that way: Jun 1 13:42:28 dell postfix/smtpd[16260]: connect from asus.jnjroos.net[192.168.0.4] Jun 1 13:42:28 dell postfix/smtpd[16260]: 6E5C71C157: client=asus.jnjroos.net[192.168.0.4] Jun 1 13:42:28 dell postfix/cleanup[16263]: 6E5C71C157: message-id=<20100601134228.d563162f.xxx...@att.net> Jun 1 13:42:28 dell postfix/qmgr[16015]: 6E5C71C157: from=<xxx...@att.net>, size=828, nrcpt=1 (queue active) Jun 1 13:42:28 dell postfix/smtpd[16260]: disconnect from asus.jnjroos.net[192.168.0.4] Jun 1 13:42:29 dell postfix/smtp[16264]: 6E5C71C157: to=<yyy...@gmail.com>, relay=127.0.0.1[127.0.0.1]:2525, delay=1.3, delays=0.06/0/1/0.22, dsn=2.0.0, status=sent (250 OK , completed) Jun 1 13:42:29 dell postfix/qmgr[16015]: 6E5C71C157: removed As you can see, everything (including sender-based authentication) works, and the delivery to the remote host (via Postfix's SMTP client) is successful. Now, when I change the From address in the local e-mail clients to the user's local e-mail address, i.e., from xxx...@att.net to zzz...@jnjroos.net, this is what happens: Jun 1 14:17:24 dell postfix/smtpd[16469]: connect from asus.jnjroos.net[192.168.0.4] Jun 1 14:17:24 dell postfix/smtpd[16469]: B01C11C157: client=asus.jnjroos.net[192.168.0.4] Jun 1 14:17:24 dell postfix/cleanup[16472]: B01C11C157: message-id=<20100601141724.a4213911.zzz...@jnjroos.net> Jun 1 14:17:24 dell postfix/qmgr[16317]: B01C11C157: from=<zzz...@jnjroos.net>, size=850, nrcpt=1 (queue active) Jun 1 14:17:24 dell postfix/smtpd[16469]: disconnect from asus.jnjroos.net[192.168.0.4] Jun 1 14:17:25 dell postfix/smtp[16473]: B01C11C157: to=<yyy...@gmail.com>, relay=localhost[127.0.0.1]:2525, delay=0.28, delays=0.05/0.01/0.18/0.04, dsn=5.0.0, status=bounced (host localhost[127.0.0.1] said: 530 authentication required - for help go to http://help.yahoo.com/sbc/dsl/mail/pop/pop-11.html (in reply to MAIL FROM command)) Jun 1 14:17:25 dell postfix/cleanup[16472]: 2144A1C297: message-id=<20100601191725.2144a1c...@dell.jnjroos.net> Jun 1 14:17:25 dell postfix/bounce[16475]: B01C11C157: sender non-delivery notification: 2144A1C297 Jun 1 14:17:25 dell postfix/qmgr[16317]: 2144A1C297: from=<>, size=2825, nrcpt=1 (queue active) Jun 1 14:17:25 dell postfix/qmgr[16317]: B01C11C157: removed Jun 1 14:17:25 dell postfix/local[16476]: 2144A1C297: to=<zzz...@jnjroos.net>, relay=local, delay=0.02, delays=0.01/0.01/0/0.01, dsn=2.0.0, status=sent (delivered to maildir) Jun 1 14:17:25 dell postfix/qmgr[16317]: 2144A1C297: removed No address rewriting is occurring even though Postfix is invoking its SMTP client to deliver the mail to the remote host, and my generic map (after postmap and a reload) contains an entry like this: zzz...@jnjroos.net xxx...@att.net I suspect that because the sender address is not being rewritten by the generic map the password lookup is also failing, so that a non-ATT sender address *and* garbage credentials are being sent to the remote server. I find this behavior quite perplexing, because generic mapping has worked flawlessly for me in the past, when my relayhost parameter pointed to an actual SMTP server with an Internet (as opposed to local) network address. The only difference this time around seems to be specifying the local endpoint of the stunnel connection as the relayhost. This the first time I've had to use sender-based authentication, so I have no experience with how it should be interacting with address rewriting. I hope this clarifies the issue I am facing. Again, I am using Postfix 2.5.1 on Ubuntu 8.04 x64 LTS. TIA, JEB
