OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Michael Tokarev (mjttls.msk.ru)
Date: Sat Apr 27 2002 - 07:24:26 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Stefano Tabacchiera wrote:
    >
    > Hi there,
    > RedHat7.2 Linux box running postfix-1.1.7+pgsql patch, cyrus 2.0.16,
    > avcheck-0.8.
    >
    > I have virtual users on a pgsql table.
    > Postfix does alias expansion, then delivers to cyrus over lmtp.
    > Note: I'm using postfix-style virtual-domains, so foovirtual.com is an alias
    > for the cyrus-style-mailbox user 'bar', but foo`hostname` is NOT.
    >
    > from main.cf:
    > mailbox_transport=lmtp:127.0.0.1
    > fallback_transport=lmtp:127.0.0.1
    >
    > The problem has begun since I installed avcheck as content_filter over smtpd.
    > That's what - I think - happens:
    >
    > 1) someone sends mail to foovirtual.com
    > 2) postfix does alias expansion over pgsql. The local user 'bar' is selected.
    > 3) then the message passes through the content filter.
    > 4) After filter processing, the message is reinjected into smtpd over
    > localhost:1025 (no content filter here).
    > 5) A ***NEW*** alias expansion (bar`hostname`) is tried. But that's not
    > anymore an alias.

    Why? Why it's not *anymore* an alias?! Let's imagine the same scenario but
    without content filter:
      1) mail sent to foovirtual.com
      2) postfix does virtual (not alias as you wrote -- I suppose), and the
       local user 'bar' is selected.
      5) a ***NEW*** (why new?) alias expansion (bar`hostname` - that's not quite
        true, it's bar$myorigin) is tried. If there is no such alias, when mail
        will be bounced.

    So what's the problem? Content_filter just moved it to another, different
    place.
    > 6) The query fails and the result is 550:user unknown.
    > 7) The user bar never receive mail.
    >
    > Any clue?

    Firts of all, recheck your configuration. There is an error somewhere.
    Second, I'd recommend to disable any uce/whatether controls for
    localhost:1025 (btw, use e.g. 10025 port instead - 1025 is the first
    spare port and socketpair() with AF_INET will choose this port and thus
    it will be busy). E.g.:

     localhost:10025 ... smtpd
       -olocal_recipient_maps=
       -ovirtual_maps=
       -osmtpd_recipient_restrictions=static:OK,reject
       -ocontent_filter=
       ...

    Regards,
     Michael.
    -
    To unsubscribe, send mail to majordomopostfix.org with content
    (not subject): unsubscribe postfix-users