NTTCom-MS / eyp-postfix

postfix management - relay or multidomain mailserver
Apache License 2.0

Smtp virtual user map #50

Closed albatrossflavour closed 6 years ago

albatrossflavour commented 6 years ago

I found that when using virtual domains, SASL authentication for SMTP failed with the error "Sender address rejected: not owned by user". This was because there isn't a mapping between the SMTP user and the SASL user.

By creating a postmap for smtpd_sender_login_maps and populating it with "[email address] [email address]" the problem is fixed.

I've done a fair bit of testing and it seems to work without issue. Apologies for the multiple commits, I was having a bad Friday and was lacking coffee!

jordiprats commented 6 years ago

Hi, I've checked that this Puppet configuration works fine:

class { 'postfix': }

class { 'postfix::vmail': }

postfix::vmail::alias { 'example@systemadmin.es':
  aliasto => [ 'exemple@systemadmin.es' ],
}

postfix::vmail::account { 'example@systemadmin.es':
  accountname => 'example',
  domain      => 'systemadmin.es',
  password    => 'secretpassw0rd',
}

Under which circumstances is it necessary to use smtpd_sender_login_maps? I don't see why it is needed by default.

Please note this PR is still not merged

thanks,

albatrossflavour commented 6 years ago

Odd, I’ll do some checking today as I couldn’t get this working with Dovecot/Postfix out of the box on an SELinux-enabled CentOS 7 instance.

On 3 July 2018 at 2:23:00 am, Jordi Prats (notifications@github.com) wrote:

Hi, I've checked that this puppet configuration works fine:

class { 'postfix': }

class { 'postfix::vmail': }

postfix::vmail::alias { 'example@systemadmin.es':
  aliasto => [ 'exemple@systemadmin.es' ],
}

postfix::vmail::account { 'example@systemadmin.es':
  accountname => 'example',
  domain      => 'systemadmin.es',
  password    => 'secretpassw0rd',
}

Under which circumstances is it necessary to use smtpd_sender_login_maps? I don't see why it is needed by default.

Please note this PR is still not merged

thanks,


albatrossflavour commented 6 years ago

I've retested using the current master version without the map. Everything looks fine until the users try and send an email outside of their domain (so need SMTP auth). I see this message in the log:

Jul  5 10:01:06 flute private/smtpd[4369]: NOQUEUE: reject: RCPT from telstr1099.lnk.telstra.net[110.142.134.250]: 553 5.7.1 <xxxx@xxxxxxx.xx>: Sender address rejected: not owned by user yyyyy@yyyyy.yy; from=<yyyyy@yyyyy.yy> to=<xxxx@xxxxxxx.xx> proto=ESMTP helo=<zzz.zzz.zzz>

Where xxxx@xxxxxxx.xx is the recipient and yyyyy@yyyyy.yy is the sender.

Since the PR is closed, I'm not sure if you'll see this message, could you let me know if you do? If I don't hear anything, I'll raise a new PR after doing some more testing.
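
An added example, not part of the PR thread or the module's code: a Python check that pairs "not owned by user" rejections like the one logged above with an smtpd_sender_login_maps source file, separating a missing mapping (the case this PR describes) from a login that is sending as an address mapped to someone else. The log lines, map contents, hostnames and addresses are constructed, and the lookup covers only the user@domain and @domain keys.

```python
import re

# Rejection logged by Postfix smtpd when the SASL login does not own MAIL FROM.
REJECT = re.compile(
    r"reject: RCPT from \S+: 553 5\.7\.1 <[^>]*>: Sender address rejected: "
    r"not owned by user (?P<login>[^;]+); from=<(?P<sender>[^>]*)>")

# Constructed sample data (not taken from the thread).
SAMPLE_MAP = """\
# sender address    SASL login(s) that own it
ceo@example.com     ceo@example.com
"""
SAMPLE_LOG = """\
Jul  5 10:01:06 mx1 postfix/smtpd[4369]: NOQUEUE: reject: RCPT from c1.example.net[192.0.2.10]: 553 5.7.1 <alice@example.com>: Sender address rejected: not owned by user alice@example.com; from=<alice@example.com> to=<bob@example.org> proto=ESMTP helo=<c1.example.net>
Jul  5 10:02:41 mx1 postfix/smtpd[4370]: connect from c2.example.net[192.0.2.11]
Jul  5 10:02:42 mx1 postfix/smtpd[4370]: NOQUEUE: reject: RCPT from c2.example.net[192.0.2.11]: 553 5.7.1 <ceo@example.com>: Sender address rejected: not owned by user mallory@example.com; from=<ceo@example.com> to=<bob@example.org> proto=ESMTP helo=<c2.example.net>
"""

def parse_login_map(text):
    """Parse postmap source text: 'sender login[,login ...]' per line."""
    table = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if len(parts) == 2 and not parts[0].startswith("#"):
            logins = {l for l in re.split(r"[,\s]+", parts[1]) if l}
            table[parts[0].lower()] = logins
    return table

def owners(table, sender):
    """Look up user@domain, then @domain (the bare 'user' lookup is omitted)."""
    sender = sender.lower()
    return table.get(sender) or table.get("@" + sender.rpartition("@")[2]) or set()

def audit(log_text, map_text):
    """Return (sender, login, verdict) for each login-mismatch rejection."""
    table, findings = parse_login_map(map_text), []
    for line in log_text.splitlines():
        m = REJECT.search(line)
        if not m:
            continue
        sender, login = m["sender"], m["login"].strip()
        allowed = owners(table, sender)
        if not allowed:
            verdict = "no map entry for sender"    # missing mapping, as in this PR
        elif login in allowed:                     # exact match: a simplification
            verdict = "allowed in source; compiled map may be stale"
        else:
            verdict = "login does not own sender"  # review before adding a mapping
        findings.append((sender, login, verdict))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG, SAMPLE_MAP):
        print(*finding, sep=" | ")
```

Only the "no map entry for sender" findings are candidates for a new map line; a "login does not own sender" finding means the restriction did its job and the mapping should not be widened without review.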