search

Monadical-SAS / monadical.com

🖥️ Custom Flask + Jinja2 static site generator and content powering Monadical.com
https://monadical.com
10 stars 4 forks source link

posts/using-multiple-smtpd-sender-login-maps-in-postfix #326

Open utterances-bot opened 1 month ago

utterances-bot commented 1 month ago

A Postfix deployment postmortem: Debugging short-circuiting of mapping lookups

How we tracked down and fixed a bug caused by Postfix’s type:table using the new unionmap feature.

https://monadical.com/posts/using-multiple-smtpd-sender-login-maps-in-postfix.html

CreativeWolf commented 1 month ago

Heya Nick,

Here's what I have on the files:

root@wolflair:/etc/postfix# cat sender_logins.cf
user = db_user
password = db_password
hosts = 127.0.0.1
dbname = db_name
query = SELECT email FROM virtual_users WHERE email='%s'
root@wolflair:/etc/postfix# cat sender_overrides.cf
/.*@test.dev/                     user2@test.dev

Now, user2 is able to send mails as any email prefix but when user1 attempts, throws error message 

Sender address rejected: not owned by user user1@test.dev. Please check the message recipient

user1 has aliases like quality, security, postmaster mapped

Am I missing any entries specific to user1 in the sender_overrides.cf file?

Appreciate any help. Thanks!

CreativeWolf commented 1 month ago

Additionally, this is from the main.cf file:

# Restrictions
smtpd_helo_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_invalid_helo_hostname,
        reject_non_fqdn_helo_hostname
smtpd_recipient_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_non_fqdn_recipient,
        reject_unknown_recipient_domain,
        reject_unlisted_recipient,
        reject_unauth_destination,
smtpd_sender_restrictions =
        permit_mynetworks,
        reject_sender_login_mismatch,
        permit_sasl_authenticated,
        reject_non_fqdn_sender,
        reject_unknown_sender_domain,
smtpd_relay_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        defer_unauth_destination
smtpd_sender_login_maps = unionmap:{
        mysql:/etc/postfix/sender_logins.cf,
        pcre:/etc/postfix/sender_overrides.cf }

# Handing off local delivery to Dovecot's LMTP, and telling it where to store mail
virtual_transport = lmtp:unix:private/dovecot-lmtp

# Virtual domains, users, and aliases
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf, mysql:/etc/postfix/mysql-virtual-email2email.cf