Hi Matthias, Postfix-Users,
(resend, had sent from wrong address and was silently being dropped by
majordomo)
On 1 Sep 2014, at 4:51 pm, Matthias Andree <matthias.and...@gmx.de> wrote:
>> I’m using sender_canonical_maps to ensure that my envelope addresses comply
>> with SPF policies and also allow for a valid bounce address in the event of
>> non-delivery.
>>
>> My gateway mail servers are configured using sender_canonical_maps with
>> "sender_canonical_classes = envelope_sender” and this works as expected for
>> internet mail submission (i.e. smtpd:25), but not for local submission on
>> the gateway mail server.
>
> You will need to provide your master.cf and information on how “local
> submission" works in your setup, and logging for a "failing" message, and
> possibly constrast it to your "working" smtpd-on-port-25 submission.
This is default Ubuntu (12.04 LTS) master.cf. The only difference is that I
have a custom entry for smtpd to force it to only listen on localhost and the
internal network and override myhostname in each instance as appropriate. It
looks similar to the following example. Otherwise, it is identical to the
default distribution master.cf
127.0.0.1:smtp inet n - - - - smtpd
-o myhostname=localhost
10.10.10.10:smtp inet n - - - - smtpd -o
myhostname=internal.gateway.mydomain.com
The difference between a working and failing message is, as I explained in my
original message, that in the failing (local submission) scenario, both the
envelope and header sender addresses are rewritten, but in the working
scenario, only the envelope is rewritten. The
(Working) SMTPD Submission Message Headers:
Return-Path: <realuser+user%internal.hostname.mydomain....@mydomain.com>
Delivered-To: externalu...@otherdomain.com
Received: from public.ip.addr.ess.mydomain.com (public.ip.addr.ess.mydomain.com
[public.ip.addr.ess])
by mx.otherdomain.com (Postfix) with SMTP id 3EE333013F612
for <externalu...@otherdomain.com>; Mon, 1 Sep 2014 18:17:40 +1000
(EST)
Date: Mon, 1 Sep 2014 18:17:34 +1000 (EST)
From: u...@internal.hostname.mydomain.com (My Internal User)
To: <externaluseral...@internal.hostname.mydomain.com>
Subject: test
(Working) SMTPD Submission Message Logs:
2014-09-01T18:17:35.467093+10:00 internal.mailgateway [mail.info]
postfix/smtpd[17959]: connect from internal.hostname.mydomain.com[10.10.10.20]
2014-09-01T18:17:35.489297+10:00 internal.mailgateway [mail.info]
postfix/smtpd[17959]: 776586045C:
client=internal.hostname.mydomain.com[10.10.10.20]
2014-09-01T18:17:35.492464+10:00 internal.mailgateway [mail.info]
postfix/cleanup[17962]: 776586045C:
message-id=<20140901081734.69c9da0...@internal.hostname.mydomain.com>
2014-09-01T18:17:35.495837+10:00 internal.mailgateway [mail.info]
postfix/qmgr[20201]: 776586045C:
from=<realuser+user%internal.hostname.mydomain....@mydomain.com>, size=691,
nrcpt=1 (queue active)
2014-09-01T18:17:35.497046+10:00 internal.mailgateway [mail.info]
postfix/smtpd[17959]: disconnect from
internal.hostname.mydomain.com[10.10.10.20]
2014-09-01T18:17:35.506595+10:00 internal.mailgateway [mail.info]
postfix/cleanup[17962]: 7B651608A3:
message-id=<20140901081734.69c9da0...@internal.hostname.mydomain.com>
2014-09-01T18:17:35.509733+10:00 internal.mailgateway [mail.info]
postfix/local[17963]: 776586045C: to=<externalu...@otherdomain.com>,
orig_to=<externaluseral...@internal.hostname.mydomain.com>, relay=local,
delay=0.03, delays=0.01/0.01/0/0.01, dsn=2.0.0, status=sent (forwarded as
7B651608A3)
2014-09-01T18:17:35.510299+10:00 internal.mailgateway [mail.info]
postfix/qmgr[20201]: 7B651608A3:
from=<realuser+user%internal.hostname.mydomain....@mydomain.com>, size=858,
nrcpt=1 (queue active)
2014-09-01T18:17:35.511402+10:00 internal.mailgateway [mail.info]
postfix/qmgr[20201]: 776586045C: removed
2014-09-01T18:17:40.751439+10:00 internal.mailgateway [mail.info]
postfix/smtp[17964]: 7B651608A3: to=<externalu...@otherdomain.com>,
orig_to=<externaluseral...@internal.hostname.mydomain.com>,
relay=mx.otherdomain.com[1.1.1.1]:25, delay=5.2, delays=0/0.01/4.4/0.81,
dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 3EE333013F612)
2014-09-01T18:17:40.752928+10:00 internal.mailgateway [mail.info]
postfix/qmgr[20201]: 7B651608A3: removed
(Failing) Local Submission Message Headers:
Return-Path: <realuser+user%internal.mailgateway.mydomain....@mydomain.com>
Delivered-To: externalu...@otherdomain.com
Received: from public.ip.addr.ess.mydomain.com (public.ip.addr.ess.mydomain.com
[public.ip.addr.ess])
by mx.otherdomain.com (Postfix) with SMTP id 9E3F7401D9B1
for <externalu...@otherdomain.com>; Mon, 1 Sep 2014 18:52:07 +1000
(EST)
Date: Mon, 01 Sep 2014 18:52:06 +1000
From: realuser+user%internal.mailgateway.mydomain....@mydomain.com (My Internal
User)
To: externaluseral...@internal.mailgateway.mydomain.com
Subject: test
(Failing) Local Submission Message Logs:
2014-09-01T18:52:06.518577+10:00 internal.mailgateway [mail.info]
postfix/pickup[22233]: 7E863608A3: uid=666 from=<user>
2014-09-01T18:52:06.526643+10:00 internal.mailgateway [mail.info]
postfix/cleanup[25341]: 7E863608A3:
message-id=<20140901085206.7e86360...@internal.mailgateway.mydomain.com>
2014-09-01T18:52:06.529309+10:00 internal.mailgateway [mail.info]
postfix/qmgr[20201]: 7E863608A3:
from=<realuser+user%internal.mailgateway.mydomain....@mydomain.com>, size=555,
nrcpt=1 (queue active)
2014-09-01T18:52:06.538255+10:00 internal.mailgateway [mail.info]
postfix/cleanup[25341]: 8331F60607:
message-id=<20140901085206.7e86360...@internal.mailgateway.mydomain.com>
2014-09-01T18:52:06.541153+10:00 internal.mailgateway [mail.info]
postfix/qmgr[20201]: 8331F60607:
from=<realuser+user%internal.mailgateway.mydomain....@mydomain.com>, size=722,
nrcpt=1 (queue active)
2014-09-01T18:52:06.546743+10:00 internal.mailgateway [mail.info]
postfix/local[25343]: 7E863608A3: to=<u...@internal.mailgateway.mydomain.com>,
orig_to=<user>, relay=local, delay=0.03, delays=0.02/0.01/0/0.01, dsn=2.0.0,
status=sent (forwarded as 8331F60607)
2014-09-01T18:52:06.546776+10:00 internal.mailgateway [mail.info]
postfix/qmgr[20201]: 7E863608A3: removed
2014-09-01T18:52:08.016476+10:00 internal.mailgateway [mail.info]
postfix/smtp[25344]: 8331F60607: to=<externalu...@otherdomain.com>,
orig_to=<externaluseralias>, relay=mx.otherdomain.com[1.1.1.1]:25, delay=1.5,
delays=0/0.02/0.6/0.85, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as
9E3F7401D9B1)
2014-09-01T18:52:08.019072+10:00 internal.mailgateway [mail.info]
postfix/qmgr[20201]: 8331F60607: removed
When I use the term “local submission”, I am referring to submission via
/usr/bin/mail or similar - I believe this is called the Sendmail API? The
output of cron etc also exhibits this behaviour. It looks like the difference
must between postfix/smtpd and postfix/pickup based on the logs above. Testing
with "pickup -o myhostname=internal.gateway.mydomain.com” made no difference
(didn’t expect it to).
> master.cf setups often override some of the smtpd settings for local
> submission ports in order to require and permit authentication for relay, and
> this might override your canonical mapping.
Obfuscated master.cf and main.cf configurations below.
cheers,
Valdemar
--
main.cf:
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
canonical_classes = envelope_sender
disable_vrfy_command = yes
inet_interfaces = 127.0.0.1, localhost-internal
inet_protocols = ipv4
local_header_rewrite_clients = permit_mynetworks
mailbox_size_limit = 0
mynetworks = $config_directory/mynetworks
readme_directory = no
recipient_delimiter = +
sender_canonical_classes = envelope_sender
sender_canonical_maps = regexp:/etc/postfix/sender_canonical.regexp
smtp_bind_address = [public.ip.addr.ess]
smtpd_banner = $myhostname ESMTP
smtpd_helo_required = yes
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
smtp_header_checks = regexp:/etc/postfix/header_checks.regexp
smtp_helo_name = public.mailgateway.mydomain.com
smtp_never_send_ehlo = yes
smtp_tls_note_starttls_offer = yes
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
virtual_alias_maps = regexp:/etc/postfix/virtual.regexp
--
master.cf:
127.0.0.1:smtp inet n - - - - smtpd
-o myhostname=localhost
10.10.10.10:smtp inet n - - - - smtpd -o
myhostname=internal.mailgateway.mydomain.com
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop}
${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
