Hey yall, I am currently planning to switch from OpenSMTPd to postfix for two reasons
- smtpd_sender_login_maps functionality not really implemented in OpenSMTPd - always_bcc not possible on OpenSMTPd While reading up on the postfix manual for smtpd_sender_login_maps I've read that postfix stops at the first match, so if you specify two files you should use a unionmap or those files may not have any pattern in common. Do I understand correctly that this behaviour also is reflected when searching within a single file? I have users on the server that should only be allowed to send with their own address, but then there is a ticket system that should impersonate a few addresses (like sales@, support@, ...). Furthermore I have a user to send email from internal software that should be able to impersonate all user accounts. So if I understand correctly, a simple pcre with the following content would not be working for me? /user....@domain.com/ user....@domain.com /user....@domain.com/ user....@domain.com /user.th...@domain.com/ user.th...@domain.com /sa...@domain.com/ zammad-user /supp...@domain.com/ zammad-user /.*/ internal-software-user EOF if the internal software would try to send as user.two postfix would start applying each pattern from top to bottom in the file, and stop once a pattern matches, correct? This would mean that only line two of the example file would be considered, which does not contain the internal software user, which means the email would be rejected with "user does not own address" error, right? what is the best practise here? surely I could add the internal software user behind each named/personal user, but I fear that this is prone to errors as there are a lot of different addresses and forwardings on the server, which means I could forget to append the internal software user to some addresses. Another alternative I thought of would be to create three seperate pcre file and use a unionmap. In the first file I would list all named/personal users with their email addresses and their login names, in the second file i would list all email addresses used by the ticket system (or a regular expression that matches all) and match it to the zammad user, and in the third file I would list the internal software user with the /.*/ pattern so that it always matches. In my understanding, this would "dynamically" combine to a mapping that allows the special users to be able to send mails in the scope defined but still allow each personal/named user to still send with their email adress without needing to to keep one very complex mapping file up to date with each combination. Would this way work as expected? With this solution I could expand my "create new user" script to automatically append the user and his email address to the first pcre file, thus never having to mess with the smtpd_sender_login_maps again unless I add a new special user. Thanks for any comments on that matter! Cheers, Simon
signature.asc
Description: PGP signature
_______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org