> On 22-03-18 18:23, Stefan Günther via Users wrote:
> > we just installed Ciphermail as virtual machine on a Univention Corporate 
> > Server (UCS).
> > 
> > The idea is that UCS grabs emails via fetchmail, sends them to the 
> > Ciphermail VM and finally stores them in the local Kopano installation.
> > 
> > In the configuration of postfix@UCS I have defined the following transport 
> > map:
> > 
> > in-put.cm smtp:[192.168.0.229]
> > 
> > in-put.cm is defined as a relay domain in Ciphermail.
> > 
> > The problem now is that the email loops between UCS and Ciphermail: 
> > Every time Ciphermail returns the email to postfix@UCS the email is 
> > forwarded to Ciphermail due to the transport map.
> > 
> > I have no idea whether we could change anything in the Ciphermail 
> > configuration, so that postfix@UCS recognizes that the email already has 
> > been forwarded once or do we have to change the configuration of 
> > postfix@UCS?
> > 
> > Thanks for any hint or suggestion,
> 
> I do not completely understand your setup but I might have some suggestions.
> 
> Option 1. Rewrite the recipient's domain to some internal name after the 
> message has been handled by CipherMail.
> 
> For example rewrite from input.cm to input.cm.handled. The postfix@UCS 
> should be configured to also handle the domain input.cm.handled and not 
> only forward email to CipherMail if the recipient domain is input.cm 
> (and not input.cm.internal)
> 
> Option 2. Add an additional smtpd handler (on a different port) to 
> master.cf of postfix@UCS and set transport_maps for that port to an 
> empty value (note I have not tested whether you can override 
> transport_maps for an smtpd service). Then tell CipherMail to deliver to 
> that special port.
> 
What about Option 3: TCP/IP communication between postfix on UCS and Ciphermail 
in the virtual machine?

Instead of using 

content_filter=djigzo:[127.0.0.1]:10025

I defined

content_filter=djigzo:[192.168.0.229]:10025

In master.cf I defined the djigzo transport and told postfix to listen on 
192.168.0.9:10025 instead of 127.0.0.1:10025, configured Ciphermail to listen 
on 192.168.0.229:10025 and forward emails to 192.168.0.9:10025.
Finally I deactivated all firewall rules for testing.

Then I sent an email from the command line of the UCS:

Mar 29 13:50:14 ucs postfix/qmgr[26618]: A40FF481158: 
from=<root@ucs.ciphermail.intranet>, size=327, nrcpt=1 (queue active)
Mar 29 13:50:14 ucs postfix/smtp[26689]: A40FF481158: 
to=<m.mustermann@in-put.solutions>, relay=192.168.0.229[192.168.0.229]:10025, 
delay=0.28, delays=0.11/0.04/0.06/0.06, dsn=5.7.1, status=bounced (host 
192.168.0.229[192.168.0.229] said: 550 5.7.1 Requested action not taken: 
relaying denied (in reply to RCPT TO command))

As we can see, the email is forwarded to Ciphermail and according to netstat, a 
java process is listening on 192.168.0.229:10025. But this connection attempt 
is not recorded in /var/log/djigzo.log.

Is there some line in the configuration of Ciphermail that limits connections 
only to IP 127.0.0.1?

I guess this setup, with a separation of postfix and Ciphermail on two 
different hosts, would solve my problem.

Thanks for any hints/suggestions,

Stefan
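
An added triage example, not part of the original message and not CipherMail or Postfix code: it unfolds the wrapped Postfix record quoted above, extracts the next hop's reply, and checks the refused recipient's domain against the relay domain named earlier in the thread. The regular expressions assume the standard Postfix smtp delivery log layout, and the result is one data point to rule out, not a diagnosis.

```python
import re

# Log record copied from the message above (wrapped there by the mail client).
SAMPLE_LOG = """\
Mar 29 13:50:14 ucs postfix/smtp[26689]: A40FF481158:
to=<m.mustermann@in-put.solutions>, relay=192.168.0.229[192.168.0.229]:10025,
delay=0.28, delays=0.11/0.04/0.06/0.06, dsn=5.7.1, status=bounced (host
192.168.0.229[192.168.0.229] said: 550 5.7.1 Requested action not taken:
relaying denied (in reply to RCPT TO command))
"""
# Relay domain the thread says is configured in CipherMail.
RELAY_DOMAINS = {"in-put.cm"}

RECORD_START = re.compile(r"^[A-Z][a-z]{2} [ \d]\d \d\d:\d\d:\d\d \S+ postfix/")
DELIVERY = re.compile(
    r"postfix/smtp\[\d+\]: (?P<qid>[0-9A-F]+): to=<(?P<rcpt>[^>]*)>, "
    r"relay=(?P<relay>\S+?), .*?dsn=(?P<dsn>[\d.]+), "
    r"status=(?P<status>\w+) \((?P<reply>.*)\)$"
)

def unfold(text):
    """Join continuation lines back onto the syslog record they belong to."""
    records = []
    for line in text.splitlines():
        if RECORD_START.match(line) or not records:
            records.append(line.strip())
        elif line.strip():
            records[-1] += " " + line.strip()
    return records

def triage(text, relay_domains):
    """Return one finding per delivery that the next hop refused to relay."""
    findings = []
    for record in unfold(text):
        m = DELIVERY.search(record)
        if not m or m["status"] != "bounced" or "relaying denied" not in m["reply"]:
            continue
        domain = m["rcpt"].rpartition("@")[2].lower()
        findings.append({
            "queue_id": m["qid"],
            "relay": m["relay"],
            "recipient_domain": domain,
            "domain_is_relay_domain": domain in relay_domains,
            "rejected_at_rcpt": "RCPT TO" in m["reply"],
        })
    return findings

if __name__ == "__main__":
    print(triage(SAMPLE_LOG, RELAY_DOMAINS))
```
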






_______________________________________________
Users mailing list
Users@lists.djigzo.com
https://lists.djigzo.com/lists/listinfo/users
