OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Re: Postfix nested aliases expansion problem with virtual domains

From: Andrew Koros (akoroske.uu.net)
Date: Thu Dec 06 2007 - 08:07:19 CST

Andrew Koros wrote:
> Hello,
>
> I have postfix-2.4.6 built with PostgreSQL lookup support on Linux
> CentOS-5 and Fedora.
>
> I have an interesting problem with nested aliases in virtual domains.
> Here is the scenario:
>
> In my main.cf I have :
>
> virtual_mailbox_domains =
> proxy:pgsql:/etc/postfix/pgsql-my-virtual-destinations.cf
> virtual_mailbox_base = /var/mail
> virtual_mailbox_maps = proxy:pgsql:/etc/postfix/pgsql-virtual.cf
> virtual_alias_maps = proxy:pgsql:/etc/postfix/pgsql-aliases.cf
> virtual_alias_domains=
> transport_maps =
> hash:/etc/postfix/transport, proxy:pgsql:/etc/postfix/pgsql-transport.cf
> e.t.c
>
> In my virtual_mailbox_domains database I have the entries that returns
> results like:
> example.com
> somewhere-else.com
> e.t.c.
>
> I have some entries in the virtual_mailbox_maps database that returns
> the following results
> mailbox1example.com
> mailbox2example.com
> mailbox1somewhere-else.com
> e.t.c
>
> I have some entries in the virtual_alias_maps database like the following:
>
> alias1example.com mailbox1example.com
> alias2example.com mailbox2example.com
> alias2example.com mailbox1somewhere-else.com
> alias3example.com alias2example.com
> alias3example.com mailboxsome-remote-site.com
> e.t.c
>
> The problem:
>
> Mails to alias1example.com and alias2example.com work fine.
>
> But mail to the nested alias alias3example.com
>
> Results in Errors. The following are the errors as tested using sendmail -bv
>
> <alias2example.com> (expanded from <alias3example.com>): delivery via
> virtual:
> unknown user: "alias2example.com"
>
> <mailbox2example.com> (expanded from <alias3example.com>): delivery via
> pop.example.com[x.x.x.x]:25: 250 Accepted
>
> <mailbox1somewhere-else.com> (expanded from <alias3example.com>):
> delivery via
> pop.example.com[x.x.x.x]:25: 250 Accepted
>
> <mailboxsome-remote-site.com> (expanded from <alias3example.com>):
> delivery via
> mx.some-remote-site.com[y.y.y.y]:25: 250 Accepted
>
> It looks like it expands the result of the nested alias3example.com
> i.e. alias2example.com but still attempts to lookup the
> alias2example.com as though it is a mailbox. Anyone has any idea how to
> solve this problem?
>
>
>

Actually I finally found my mistake after a lot of trial and error and
inspecting the logs.

There was an error in the pgsql-aliases.cf SQL query (which included a
table joins) that was giving an unreasonable expansion result for the
alias which was exceeding the virtual_alias_expansion_limit :

 postfix/cleanup[25400]: warning: 8C6F77880FB: unreasonable
virtual_alias_maps map nesting for alias2example.com

postmap -q alias2example.com pgsql:/etc/postfix/pgsql-aliases.cf

Gave a long result:
alias2example.com,alias2example.com,alias2example.com,alias2example.com,
..... e.t.c.

Thanks for your Help.

--
Andrew Koros

UUNET Kenya Ltd,
Your WiMAX future is now here

Email: akoros <at> ke.uu.net
http://www.ics.uunet.co.ke/

"The contents of this e-mail and any accompanying documentation
is confidential and any use thereof, in whatever form, by anyone
other than the addressee for whom it is intended, is strictly
prohibited."

|~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| / / (_)__ __ ____ __ |
| / /__/ / _ \/ // /\ \/ / | Freedom to
| /____/_/_//_/\_,_/ /_/\_\ | Experiment
|~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~