> On 21.04.22 17:51, Matus UHLAR - fantomas wrote:
> >I'm trying to implement SRS using postsrsd. Since it always rewrites
> >non-local sender (even for incoming mail) I'm trying to restrict it
> >only for outgoing mail.

Wietse Venema:
> SRS sender rewriting is in scope for email that is forwarded from
> elsewhere to elsewhere through virtual aliasing etc., or for email
> that is delivered locally AND FORWARDED through ~/.forward files,
> or delivery to "|command".

On 28.04.22 10:50, Wietse Venema wrote:
> This delivers remotely with a remote envelope sender.

yes, this is what SRS is for: forwards.

The problem comes from postsrs being called in *_canonical_maps, which are processed when mail is received, not when it's sent out, so the default recommended usage rewrites sender always:
https://github.com/roehling/postsrsd#known-issues

I tried to solve this by routing outgoing mail through either another postfix instance, or just loop through local smtpd:

localhost:10027 inet    n       -       y       -       -       smtpd
        -o syslog_name=postfix/$service_name
        -o cleanup_service_name=cleanup_out
        -o smtpd_tls_security_level=none
        -o smtpd_recipient_restrictions=
cleanup_out     unix    n       -       y       -       0       cleanup
        -o syslog_name=postfix/$service_name
        -o sender_canonical_classes=envelope_sender
        -o sender_canonical_maps=tcp:localhost:10001
        -o recipient_canonical_maps=
        -o virtual_alias_maps=

sending mail out on this port did what I needed.

> MX, or email that is delivered locally AND NOT FORWARDED through
> ~/.forward file or delivery to "|command".

luckily, I don't have to deal with backup MX yet, that would make my situation a bit harder.

> Also, one email message can have multiple recipients, some in scope
> for SRS and some recipients of that same message not in scope. This
> determination may not be possible in the general case with a single
> MTA instance. You may have to delete functionality (eliminate
> ~/.forward and "|command"), or you may have to split email streams
> and handle different streams with different MTA configurations.
>
> Start with two MTA instances: one MTA for MX service and remote
> deliveries, and one internal MTA for local submission and delivery.
> Apply SRS to email on the way from the internal MTA to the MX MTA
> if the envelope sender is not local (sender_dependent_default_mumble).

this is the part I'm trying to find out:

how to send mail with non-local senders using a different way than local senders.

In fact, I need to sender_dependent_* for everything but local domains,
sender_dependent_default_transport_maps doesn't seem to support wildcard.

without this, I can only think of having separate instance for outgoing e-mail, which is doable but has drawbacks (e.g. I must learn and understand the multi-instance setup which has been hard reading for me so far).

> I haven't considered the SRS reverse transformation. It probably
> needs to happen on the way from the MX MTA, to the internal MTA.
> Maybe a dedicated SMTP port on the internal MTA.

I have set up SRS reverse transformation in canonical_maps and I was successful with it:

recipient_canonical_maps = tcp:127.0.0.1:10002
remote_header_rewrite_domain=fantomas.sk

this way I can even rewrite To: headers if it contains SRS address.
- all without setting up separate instance.

--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
Depression is merely anger without enthusiasm.
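
The scoping rule discussed in this thread, as an added example that is not part of the original messages or of postsrsd: one message with a local and a remote recipient ends up with two different envelope senders, which a per-message canonical map applied at receive time cannot express. The SRS0 encoding here is simplified (keyed 4-character tag, two-character day stamp, no expiry check, no SRS1 handling) and is not byte-compatible with postsrsd; the secret, the sample addresses and the use of fantomas.sk as the only local domain are assumptions.

```python
import base64, hashlib, hmac

SECRET = b"constructed-demo-secret"   # constructed value, not a real key
LOCAL_DOMAINS = {"fantomas.sk"}       # assumption: the domain named on the page
FORWARDER = "fantomas.sk"             # assumption: domain used for rewritten senders
B32 = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567"

def _domain(addr):
    return addr.rpartition("@")[2].lower()

def _stamp(day):
    # Day counter folded to 10 bits and written as two base32 characters.
    day %= 1024
    return B32[day >> 5] + B32[day & 31]

def _tag(stamp, domain, local):
    # Short keyed hash binding the original address to this forwarder.
    msg = f"{stamp}={domain}={local}".lower().encode()
    digest = hmac.new(SECRET, msg, hashlib.sha1).digest()
    return base64.b64encode(digest).decode()[:4]

def srs_forward(sender, day):
    local, _, domain = sender.rpartition("@")
    stamp = _stamp(day)
    return f"SRS0={_tag(stamp, domain, local)}={stamp}={domain}={local}@{FORWARDER}"

def srs_reverse(addr):
    # Returns the original sender, or None if addr is not a valid SRS0 address of ours.
    local, _, domain = addr.rpartition("@")
    if domain.lower() != FORWARDER or not local.upper().startswith("SRS0="):
        return None
    parts = local[5:].split("=", 3)
    if len(parts) != 4:
        return None
    tag, stamp, orig_domain, orig_local = parts
    expected = _tag(stamp, orig_domain, orig_local)
    if not hmac.compare_digest(tag.encode(), expected.encode()):
        return None
    return f"{orig_local}@{orig_domain}"

def envelope_senders(sender, recipients, day):
    # Rewrite only when a non-local sender is sent on to a remote recipient.
    out = {}
    for rcpt in recipients:
        in_scope = (_domain(sender) not in LOCAL_DOMAINS
                    and _domain(rcpt) not in LOCAL_DOMAINS)
        out[rcpt] = srs_forward(sender, day) if in_scope else sender
    return out
```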