On 2011-07-29 21:20, Andrea Ganduglia wrote:
On Fri, Jul 29, 2011 at 7:05 PM, Jeroen Geilman<jer...@adaptr.nl> wrote:
On 2011-07-29 18:37, Andrea Ganduglia wrote:
my outbound traffic try to authenticate recipients and delivery fails
My god, why is this so complicated ?
You're adding extra transport maps to a transport that is already the
default virtual transport, to override transport maps that are empty.
I don't understand this point. The only way that Dovecot works is use
transpot_maps, if I use just virtual_transport = dovecot it doesn't
works.
Then you did something wrong.
As long as the dovecot transport knows how to handle the mail sent to
it, virtual_transport = dovecot will work fine.
And to top it off, you're using a mysql map to return a static result.
Yeah, it's hack for now. On next future, I want select transport by
domain name (like: select tranport from transports where domain =
'%d').
Then it has no place in this config.
Get simple working first, then make it more complex.
Also, you're not using maildrop as a transport, so the above recipient limit
is never applied.
Seriously, consider unfscking this config.
It's not the goal of this issue. This is an experimental and
transitional config file. My goal for now is understand how split
outbound and inbound mail and using Dovecot/Sieve for inbound mails.
I'm not using dropmail here, I opted for dovecot.
Again, it only obfuscates any real issues.
With dovecot inbound mail follows this route postfix -> spamassassin
-> dovecot -> sieve -> Maildir (it works!)
but outbound mail follows the same way, while I think should be
postfix -> smptd -> send (in any case with virtual pipe on
spamassissin!).
So apply your spam filter to the incoming connection only.
No. Apply dovecot to the incoming connection only.
...what ? That makes absolutely zero sense.
Dovecot is a mail store server, not a content filter.
If you apply the dovecot transport to all mail, then yes, this goes
wrong. So don't do that.
I assume you're using submission (port 587, SASL +TLS) for mail submission -
and if you're not, you should.
This leaves you free to add your content_filter to the port 25 smtpd(8)
listener.
Currently I'm not using :submission. If I do:
Jul 29 20:20:30 hostname postfix/smtp[17437]: 998E02548187:
to=<u...@example.com>, relay=none, delay=0.02,
delays=0.01/0/0/0, dsn=4.4.1, status=deferred (connect to
127.0.0.1[127.0.0.1]:587: Connection refused)
I have no more investigated.
Then I suggest you do so.
Submission is well documented, as is smtpd(8) SASL and TLS:
http://www.postfix.org/SASL_README.html and
http://www.postfix.org/TLS_README.html
It is one half of separating your incoming and outgoing mail streams.
How can I split delivery into two distinct paths for outbound and
inbound messages?
By using submission to submit outbound mail.
--master.cf--
smtp inet n - n - - smtpd
-o content_filter=spamassassin
That should be inbound only; prevent outbound users from using it by
REJECTing envelope senders in your domain(s).
uhm... I don't understant. How? Why?
With the appropriate restrictions, as documented here:
http://www.postfix.org/SMTPD_ACCESS_README.html
Pay particular attention to the check_sender_access restriction; if you
apply that to your domain(s), before accepting any mail, people will not
be able to use port 25 to send mail from your domain(s).
Never used.
This is used.
I know.
Jeroen, you was very nice, but I need to understand what is the right
way to make work this.
The problem is that you have not sufficiently explained what "this" is.
I gather you're trying to use dovecot to deliver incoming mail, and want
to avoid that on outgoing mail.
This is not difficult, as long as you don't override postfix' default
behaviour with silly transport_maps that don't work.
But without more detailed requirements it is very hard to tell you what
to do.
I post this issue through out 3 world wide
mailing list {debian,dovecot,postfix}-user in last two weeks, I read
much about "talk", but no one said me where I wrong, why and how I can
fix it.
Nobody is being paid to help you, surely.
Postfix has excellent documentation; if you have questions it does not
answer, feel free to come here and ask them, and provide as much
relevant information as you can.
For reference, see the DEBUG help you also received when joining this list:
http://www.postfix.org/DEBUG_README.html#mail
--
J.
