virtual alias maps rewriting headers

wdspublicsafebrowse.com
Date: Fri Sep 01 2006 - 18:55:15 CDT


I'm running Postfix 2.1.5 on an Xserve along with the other
open-source mail software bundled with OS X Server 10.4. This server
is bound to a MS active directory (AD) domain.int. Our primary
mail domain hosted on that server is sub.domain.com. Since our Xserve
is bound to AD, users in AD are treated like local users--their
account name is their 6-digit numeric ID (fully qualified =
111222@domain.int), however, their assigned internet mail address is
different (e.g. john@sub.domain.com). My goal is to have a working
system that uses their assigned address in all visual headers so the
user doesn't ever see their actual account. Also, we want to prohibit
users from sending mail to each other at their <id>@domain.int
address. I'm rewriting envelope and header addresses with
virtual_alias_maps and sender_canonical_maps. virtual_alias_maps
rewrites envelope recipients for incoming mail from our mail filter.
This setup is working fine for internal <-> external mail but users
cannot mail other users (or themselves) at their assigned addresses
(@sub.domain.com) because **the virtual alias maps is rewriting the
recipient**. Is there any way to prevent/override virtual_alias_maps
rewriting the recipient address while still allowing
sender_canonical_maps to rewrite the sender address? (maybe I'm
needing a new receive_override_options option to disable virtual alias
map expansion but not canonical address mapping)

An example with log:

A message from user 111222@domain.int (e-mail address = john@sub.domain.com)
sends a message to user 777888@domain.int at their e-mail address
jane@sub.domain.com

Log shows:
1 postfix/smtpd[7034]: connect from localhost[127.0.0.1]
2 postfix/smtpd[7034]: C23441214C7: client=localhost[127.0.0.1]
3 postfix/cleanup[7037]: C23441214C7:
message-id=<3918.10.25.44.27.1157119534.squirrel@host.domain.com>
4 postfix/qmgr[4831]: C23441214C7: from=<john@sub.domain.com>, size=753,
nrcpt=1 (queue active)
5 postfix/smtpd[7034]: disconnect from localhost[127.0.0.1]
6 postfix/smtp[7038]: C23441214C7: to=<777888@host.domain.int>,
orig_to=<jane@sub.domain.com>, relay=mailfilter.domain.com[192.168.101.11],
delay=0, status=sent (250 Message received OK)
7 postfix/qmgr[4831]: C23441214C7: removed

You'll notice on line 4 that sender_canonical correctly rewrote the
sender address from 111222 to john@sub.domain.com, however, virtual
alias maps rewrote the recipient as shown in line 6. The mail filter
sees this recipient and throws an NDR because it can't resolve
host.domain.int.

main.cf includes the following:
 content_filter = smtp:[mailfilter.domain.com]
 mailbox_transport = cyrus
 mydestination = $myhostname, host.domain.com, localhost.$mydomain,
   localhost, $mydomain
 mydomain = domain.int
 mydomain_fallback = localhost
 myhostname = host.domain.int
 mynetworks = 127.0.0.0/8, 172.16.0.0/16, 192.168.101.11/32
 sender_canonical_maps = hash:$config_directory/sender_canonical
 virtual_alias_domains = hash:$config_directory/virtual_domains
 virtual_alias_maps = hash:$config_directory/virtual
 virtual_transport = lmtp:unix:/var/imap/socket/lmtp

virtual:
 john@sub.domain.com 111222
 jane@sub.domain.com 777888
 ...

sender_canonical table is exact opposite of virtual table
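
The symptom in log line 6 (a public recipient rewritten to an internal account address and then handed to the mail filter) can be picked out of Postfix delivery logs mechanically. The script below is an added example, not part of the original post: the sample log is constructed from the excerpt above, and the function name, the internal suffix default and the list of local delivery agents are assumptions.

```python
import re

# Constructed sample modelled on the log excerpt in the post (syslog prefix omitted).
SAMPLE_LOG = """\
postfix/qmgr[4831]: C23441214C7: from=<john@sub.domain.com>, size=753, nrcpt=1 (queue active)
postfix/smtp[7038]: C23441214C7: to=<777888@host.domain.int>, orig_to=<jane@sub.domain.com>, relay=mailfilter.domain.com[192.168.101.11], delay=0, status=sent (250 Message received OK)
postfix/smtp[7040]: D41A2121500: to=<bob@example.org>, relay=mailfilter.domain.com[192.168.101.11], delay=1, status=sent (250 Message received OK)
postfix/lmtp[7051]: E5B7712160A: to=<777888@host.domain.int>, orig_to=<jane@sub.domain.com>, relay=/var/imap/socket/lmtp[/var/imap/socket/lmtp], delay=0, status=sent (250 2.1.5 Ok)
"""

# A delivery-agent log line: agent, queue id, final recipient, optional
# original recipient (present only when the address was rewritten), relay, status.
DELIVERY = re.compile(
    r"postfix/(?P<agent>\w+)\[\d+\]: (?P<qid>[0-9A-F]+): to=<(?P<to>[^>]*)>,"
    r"(?: orig_to=<(?P<orig_to>[^>]*)>,)? relay=(?P<relay>[^,]+),"
    r".*?status=(?P<status>\w+)"
)

def domain(addr):
    """Return the lower-cased domain part of an address ('' if there is none)."""
    return addr.rpartition("@")[2].lower()

def leaked_rewrites(log_text, internal_suffix="domain.int",
                    local_agents=("lmtp", "local", "pipe", "virtual")):
    """List deliveries where a rewritten, internal-domain recipient left the
    host through a non-local agent (for example smtp to the content filter).
    Returns (queue id, orig_to, to, relay) tuples."""
    findings = []
    for line in log_text.splitlines():
        m = DELIVERY.search(line)
        if not m or m["orig_to"] is None:
            continue  # not a delivery line, or the recipient was not rewritten
        d = domain(m["to"])
        internal = d == internal_suffix or d.endswith("." + internal_suffix)
        if internal and domain(m["orig_to"]) != d and m["agent"] not in local_agents:
            findings.append((m["qid"], m["orig_to"], m["to"], m["relay"]))
    return findings

if __name__ == "__main__":
    for qid, orig_to, to, relay in leaked_rewrites(SAMPLE_LOG):
        print(f"{qid}: {orig_to} rewritten to {to} before relay {relay}")
```

Run against the real mail log, an empty result means no rewritten internal address reached a remote relay; the local lmtp delivery in the sample is deliberately not flagged.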