On Feb 8, 2016, at 8:26 AM, Bill Cole <postfixlists-070...@billmail.scconsult.com> wrote: > However, there's still something missing in what you've provided: "postconf > -n" output. All of it. Preferably unmunged, but if you absolutely must > obfuscate details, do so programmatically and carefully. Also, if you use ANY > transport maps, include those.
$ postconf -n alias_database = hash:$config_directory/aliases alias_maps = hash:$config_directory/aliases, hash:/usr/local/mailman/data/aliases allow_percent_hack = no always_bcc = *munged* bounce_size_limit = 10240 broken_sasl_auth_clients = yes command_directory = /usr/local/sbin compatibility_level = 2 content_filter = smtp-amavis:[127.0.0.1]:10024 daemon_directory = /usr/local/libexec/postfix data_directory = /var/db/postfix debug_peer_level = 2 debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin xxgdb $daemon_directory/$process_name $process_id & sleep 5 disable_vrfy_command = yes dovecot_destination_recipient_limit = 1 enable_long_queue_ids = yes header_checks = pcre:/etc/postfix/header_checks.pcre header_size_limit = 10240 home_mailbox = Maildir/ html_directory = /usr/local/share/doc/postfix inet_interfaces = all inet_protocols = ipv4 mail_owner = postfix mailbox_command = /usr/local/bin/procmail -t -a $EXTENSION mailbox_size_limit = 52428800 mailq_path = /usr/local/bin/mailq manpage_directory = /usr/local/man maps_rbl_reject_code = 521 max_use = 10 message_size_limit = 26214400 meta_directory = /usr/local/libexec/postfix mime_header_checks = pcre:$config_directory/mime_headers.pcre mydestination = $myhostname, localhost.$mydomain, $mydomain, localhost, ns1.$mydomain, ns2.$mydomain, mail.$mydomain, www.$mydomain, webmail.$mydomain mydomain = covisp.net myhostname = mail.covisp.net mynetworks = 75.148.37.64/29, 127.0.0.0/8, 65.121.55.42, , 65.121.55.45, mynetworks_style = subnet myorigin = $mydomain newaliases_path = /usr/local/bin/newaliases policyd-spf_time_limit = 3600 postscreen_access_list = permit_mynetworks, cidr:$config_directory/postscreen_access.cidr postscreen_bare_newline_ttl = 7d postscreen_dnsbl_action = enforce postscreen_dnsbl_sites = dul.dnsbl.sorbs.net*1 zen.spamhaus.org=127.0.0.[10..11]*4 zen.spamhaus.org=127.0.0.[4..7]*6 zen.spamhaus.org=127.0.0.3*6 zen.spamhaus.org=127.0.0.2*6 spam.dnsbl.sorbs.net*2 multi.surbl.org*2 dnsbl-1.uceprotect.net dnsbl-2.uceprotect.net list.dnswl.org=127.0.[0..255].0*-3 list.dnswl.org=127.0.[0..255].1*-4 list.dnswl.org=127.0.[0..255].[2..255]*-6 dwl.spamhaus.org=127.0.2.[2;3]*-3 swl.spamhaus.org=127.0.2.[12;13]*-3 postscreen_dnsbl_threshold = 6 postscreen_dnsbl_ttl = 1d postscreen_greet_action = enforce postscreen_greet_banner = mail.covisp.net ESTMP -- Please wait postscreen_greet_ttl = 7d postscreen_greet_wait = 4s postscreen_pipelining_ttl = 7d queue_directory = /var/spool/postfix readme_directory = /usr/local/share/doc/postfix recipient_delimiter = +_ sample_directory = /usr/local/etc/postfix sender_bcc_maps = pcre:$config_directory/sender_bcc.pcre sendmail_path = /usr/local/sbin/sendmail setgid_group = maildrop shlib_directory = /usr/local/lib/postfix show_user_unknown_table_name = no smtp_tls_exclude_ciphers = MD5, aDSS, SRP, PSK, aECDH, aDH, SEED, IDEA, RC2, RC5 smtp_tls_protocols = !SSLv2, !SSLv3 smtp_tls_security_level = may smtpd_banner = $myhostname ESMTP $mail_name $mail_version smtpd_data_restrictions = reject_unauth_pipelining, reject_multi_recipient_bounce, permit smtpd_error_sleep_time = 28 smtpd_hard_error_limit = 8 smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname, check_helo_access pcre:/etc/postfix/helo_checks.pcre permit smtpd_recipient_limit = 100 smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_sender_domain, reject_invalid_hostname, reject_unlisted_recipient, reject_unlisted_sender, reject_unknown_reverse_client_hostname, check_client_access hash:$config_directory/access, permit smtpd_relay_restrictions = permit_mynetworks reject_unauth_destination smtpd_sasl_auth_enable = yes smtpd_sasl_authenticated_header = yes smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_soft_error_limit = 4 smtpd_starttls_timeout = 40s smtpd_tls_cert_file = /etc/ssl/certs/postfix.pem smtpd_tls_ciphers = medium smtpd_tls_exclude_ciphers = aNULL, DES, 3DES, MD5, DES+MD5, RC4, LOW, EXPORT smtpd_tls_key_file = /etc/ssl/private/postfix.pem smtpd_tls_loglevel = 1 smtpd_tls_protocols = !SSLv2, !SSLv3 smtpd_tls_security_level = may smtputf8_enable = no soft_bounce = no swap_bangpath = no tls_ssl_options = no_ticket, no_compression undisclosed_recipients_header = To: List of Bcc addresses:; unknown_local_recipient_reject_code = 550 virtual_alias_domains = kreme.com virtual_alias_maps = hash:$config_directory/virtual proxy:mysql:$config_directory/mysql_virtual_alias_maps.cf virtual_gid_maps = static:89 virtual_mailbox_base = /usr/local/virtual virtual_mailbox_domains = proxy:mysql:$config_directory/mysql_virtual_domains_maps.cf virtual_mailbox_maps = proxy:mysql:$config_directory/mysql_virtual_mailbox_maps.cf virtual_minimum_uid = 89 virtual_transport = dovecot virtual_uid_maps = static:89 $ more header_checks.pcre /^X-Clacks-Overhead:/ IGNORE /^Content-Transfer-Encoding:/i PREPEND X-Clacks-Overhead: GNU Terry Pratchett ##/^Subject:/ WARN /^From:.*ja...@kreme.com/ REDIRECT ja...@xanmax.com $ cat sender_bcc.pcre ##/^From:.*ja...@kreme.com/ REDIRECT ja...@xanmax.com $ grep japan /usr/local/etc/postfix/virtual ja...@xanmax.com xander+ja...@xanmax.com,kris+ja...@kreme.com,lb+ja...@kreme.com $ postmap -q ja...@xanmax.com hash:/usr/local/etc/postfix/virtual xander+ja...@xanmax.com,kris+ja...@kreme.com,lb+ja...@kreme.com Feb 8 15:24:31 mail postfix/pipe[63027]: 3pzhjW3HX6zJMjC: to=<ja...@xanmax.com>, orig_to=<l...@kreme.com>, relay=dovecot, delay=0.12, delays=0.09/0.01/0/0.02, dsn=5.1.1, status=bounced (user unknown) The mysql maps aren’t useful and there is far too much personal-isa information in virtual to include it all. > The reason that's needed (at least for me...) is that you have shown mail > being delivered via 'pipe' rather than 'local' or 'virtual' and that says for > sure that you have a non-default delivery rig. Since your problem is in > delivery, you must show how your delivery is rigged. That’s some progress at least. Hopefully there’s something obvious in the postconf output. -- E is for ERNEST who choked on a peach F is for FANNY sucked dry by a leech
