Hi,
we're in the process to integrate SpamAssassin in our mail system. We
decided to use the after-queue attempt with
smtpd -o content_filter=
The problem we're facing right now is that pipe is getting the alias
name as recipient instead of the username - both are the same:
postfix/pipe[1457]: spamassassin socket: wanted attribute:
original_recipient
postfix/pipe[1457]: input attribute name: original_recipient
postfix/pipe[1457]: input attribute value: olaf.sch...@domain.de
postfix/pipe[1457]: spamassassin socket: wanted attribute: recipient
postfix/pipe[1457]: input attribute name: recipient
postfix/pipe[1457]: input attribute value: olaf.sch...@domain.de
But smtpd correctly resolves the alias to username:
postfix/smtpd[1451]: dict_proxy_lookup:
table=mysql:/etc/postfix/virtual/alias.cf
flags=lock|fold_fix|utf8_request key=olaf.sch...@domain.de -> status=0
result=schol...@domain.de
postfix/smtpd[1451]: maps_find: virtual_alias_maps:
proxy:mysql:/etc/postfix/virtual/alias.cf(0,lock|fold_fix|utf8_request):
olaf.sch...@domain.de = schol...@domain.de
According to the documentation of pipe's ${original_recipient}:
This macro expands to the complete recipient address before any address
rewriting or aliasing.
Which leads to the conclusion that ${recipient} expands to the recipient
address *after* any address rewriting or aliasing. So for ${recipient} I
would expect "schol...@domain.de" instead of "olaf.sch...@domain.de".
But that is not the case.
Can please someone give us a hint what we're doing wrong?
Thanks!
postfinger - postfix configuration on Thu Jan 25 12:48:06 CET 2024
version: 1.30
Warning: postfinger output may show private configuration information,
such as ip addresses and/or domain names which you do not want to show
to the public. If this is the case it is your responsibility to modify
the output to hide this private information. [Remove this warning with
the --nowarn option.]
--System Parameters--
mail_version = 3.4.23
hostname = SpamAssassin
uname = Linux SpamAssassin 4.19.0-20-amd64 #1 SMP Debian 4.19.235-1
(2022-03-17) x86_64 GNU/Linux
--Packaging information--
looks like this postfix comes from deb package: postfix-3.4.23-0+deb10u1
--main.cf non-default parameters--
alias_maps = hash:/etc/aliases
always_add_missing_headers = yes
append_dot_mydomain = no
biff = no
bounce_queue_lifetime = 3d
broken_sasl_auth_clients = yes
delay_warning_time = 5h
maildrop_destination_recipient_limit = 1
maximal_queue_lifetime = 3d
message_size_limit = 36700160
mydestination = hexa, localhost.localdomain, localhost $myhostname
mydomain = domain.de
myhostname = mail.domain.de
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 192.168.151.80/28
192.168.151.1/32
myorigin = $mydomain
policyd-spf_time_limit = 3600
readme_directory = no
recipient_delimiter = +
relay_domains = $mydestination
smtp_destination_concurrency_limit = 1
smtp_destination_rate_delay = 1s
smtp_extra_recipient_limit = 10
smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtp_tls_exclude_ciphers = RC4, aNULL
smtp_tls_loglevel = 1
smtp_tls_note_starttls_offer = yes
smtp_tls_security_level = may
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP
smtpd_client_restrictions = check_client_access
hash:/etc/postfix/custom_restrictions/denied_clients check_client_access
hash:/etc/postfix/custom_restrictions/denied_single_clients
smtpd_recipient_restrictions = permit_mynetworks, check_recipient_access
regexp:/etc/postfix/custom_restrictions/denied_recipient_from_outside,
reject_unauth_destination, reject_invalid_hostname, reject_non_fqdn_sender,
reject_unknown_sender_domain,
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = check_sender_access
hash:/etc/postfix/custom_restrictions/denied_sender
smtpd_tls_ask_ccert = yes
smtpd_tls_cert_file = /etc/postfix/certs/mail.domain.de/cert.combine.crt
smtpd_tls_exclude_ciphers = aNULL, eNULL, DES, 3DES, MD5, DES+MD5, RC4
smtpd_tls_key_file = /etc/postfix/certs/mail.domain.de/privkey1.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_use_tls = yes
spamassassin_destination_recipient_limit = 1
submission_client_checks = check_client_access
hash:/etc/postfix/custom_restrictions/submission_client_checks
tls_preempt_cipherlist = yes
transport_maps = proxy:mysql:/etc/postfix/virtual/transport.cf
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/virtual/alias.cf,
proxy:mysql:/etc/postfix/virtual/mail_distributor.cf
virtual_gid_maps = proxy:mysql:/etc/postfix/virtual/virtual_gid_maps.cf
virtual_mailbox_base = /var/mail/virtual
virtual_mailbox_domains = proxy:mysql:/etc/postfix/virtual/virtual_domains.cf
virtual_mailbox_limit = 41943040
virtual_mailbox_lock = dotlock
virtual_mailbox_maps = proxy:mysql:/etc/postfix/virtual/virtual_mail_box.cf
virtual_maps =
virtual_minimum_uid = 10000
virtual_uid_maps = proxy:mysql:/etc/postfix/virtual/virtual_uid_maps.cf
yaa_destination_recipient_limit = 1
--master.cf--
192.168.73.200:25 inet n - y - - smtpd -v
-o content_filter=spamassassin
-o receive_override_options=no_address_mappings
submission inet n - y - - smtpd
-o syslog_name=postfix/submission
-o smtpd_tls_security_level=encrypt
-o smtpd_sasl_auth_enable=yes
-o smtpd_reject_unlisted_recipient=no
-o smtpd_recipient_restrictions=
-o smtpd_client_restrictions=$submission_client_checks
-o smtpd_relay_restrictions=permit_sasl_authenticated,reject
-o milter_macro_daemon_name=ORIGINATING
pickup unix n - y 60 1 pickup
cleanup unix n - y - 0 cleanup
qmgr unix n - n 300 1 qmgr
tlsmgr unix - - y 1000? 1 tlsmgr
rewrite unix - - y - - trivial-rewrite
bounce unix - - y - 0 bounce
defer unix - - y - 0 bounce
trace unix - - y - 0 bounce
verify unix - - y - 1 verify
flush unix n - y 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - y - - smtp
relay unix - - y - - smtp
showq unix n - y - - showq
error unix - - y - - error
retry unix - - y - - error
discard unix - - y - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - y - - lmtp
anvil unix - - y - 1 anvil
scache unix - - y - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop}
${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
yaa unix - n n - - pipe flags=DR user=yaa
argv=/usr/local/sbin/yaa.pl
policyd-spf unix - n n - 0 spawn
user=policyd-spf argv=/usr/bin/policyd-spf
spamassassin unix - n n - - pipe -v
user=debian-spamd argv=/usr/bin/spamc -u ${recipient} -f -e
/usr/sbin/sendmail -oi -f ${sender} ${recipient}
-- end of postfinger output --
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
