[AMaViS-user] Postfix XFORWARD/XCLIENT question

Mon, 25 Jul 2005 23:36:18 -0700 

List,

Postfix 2.2.5
amavisd-new 2.3.2

Both work nearly perfectly together. However, I have a scenario (on a
test rig) where I want to simulate Internet mail from a Postfix smtpd
listener through amavisd-new to a postfix listener.

I have a policy_bank setting for amavis:
$policy_bank{'MYNETS'} = {
  forward_method => 'smtp:[127.0.0.1]:10026',
  notify_method  => 'smtp:[127.0.0.1]:10026',
  inet_acl => [qw( 127.0.0.1 192.168.0.3 )],
};

This sends mail from local interfaces through to the listener on port
10026 (which is what I want).

My other ALT policy_bank setting is default, sending Internet mail to
the smtpd listener on port 10025 (which is what I want).

$policy_bank{'ALT'} = {
  inet_acl => [qw( 127.0.0.1 192.168.0.3 )],
};
 
Both policy_bank settings do what i want, in other words. That is, when
Internet mail from Internet addresses comes through, it is sent to port
10025 and local mail is sent to port 10026.

In the following scenario, sqm.intern (192.168.1.10) is not a local
interface, is not included in $mynetworks.

If I telnet to Postfix:

1762 [root:tru] /etc/postfix/maps/ldap # telnet localhost submission
Trying 127.0.0.1...
Connected to localhost (127.0.0.1).
Escape character is '^]'.
220-billy.demon.nl ESMTP Postfix (2.2.5)
220 spamfiltered
ehlo sqm.intern
250-billy.demon.nl
250-PIPELINING
250-SIZE 10240000
250-STARTTLS
250-XCLIENT NAME ADDR PROTO HELO
250 XFORWARD NAME ADDR PROTO HELO SOURCE
xforward addr=192.168.1.10 name=sqm.intern proto=esmtp
250 Ok
mail from: [EMAIL PROTECTED]
250 Ok
rcpt to: [EMAIL PROTECTED]
250 Ok
data
354 End data with <CR><LF>.<CR><LF>
Subject: Test
 
Test
.
250 2.6.0 Ok, id=23084-02, from Postfix([127.0.0.1]:10026): 250 Ok: queued as 
6336644CCE
quit
221 Bye

The message should be sent to port 10026, but is in fact sent to port
10025, as per the ALT policy_bank setting, since the message is coming
from localhost. IOW, XFORWARD and XCLIENT do not work as I interpret
they should, or am I making some mistake?

Relevant bits of master.cf below.

Thanks and sorry for MUA folding,

--Tonni

--
# =============================================================
# service       transport       private unpriv  chroot  wakeup  maxproc command 
+ args
# type          type            (yes)   (yes)   (yes)   (never) (100)
# =============================================================
smtp            inet            n       -       n       -       10      smtpd
        -o smtpd_helo_restrictions=hash:/etc/postfix/maps/helo_checks
        -o smtpd_client_restrictions=cidr:/etc/postfix/maps/internal_cidr
        -o smtp_host_lookup=dns
        -o smtpd_proxy_filter=10024
        -o smtp_send_xforward_command=yes
        -o xforward-command=helo=localhost
        -o smtpd_proxy_timeout=200s
        -o smtp_use_tls=no
        -o smtp_skip_quit_response=no
        -o smtpd_authorized_xforward_hosts=127.0.0.0/24,192.168.0.0/24
        -o smtpd_authorized_xclient_hosts=127.0.0.0/24,192.168.0.0/24
 
:10025          inet            n       -       n       -       -       smtpd
        -o smtp_send_xforward_command=yes
        -o xforward-command=helo=localhost
        -o content_filter=lmtp:localhost:24
        -o lmtp_destination_concurrency_limit=5
        -o smtpd_client_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_error_sleep_time=0
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o 
receive_override_options=no_unknown_recipient_checks,no_header_body_checks
        -o smtpd_authorized_xforward_hosts=127.0.0.0/24,192.168.0.0/24
        -o smtpd_authorized_xclient_hosts=127.0.0.0/24,192.168.0.0/24

:10026          inet            n       -       n       -       -       smtpd
        -o content_filter=
        -o smtpd_client_restrictions=
        -o smtpd_helo_restrictions=
        -o smtpd_sender_restrictions=
        -o smtpd_error_sleep_time=0
        -o smtpd_recipient_restrictions=permit_mynetworks,reject
        -o receive_override_options=no_unknown_recipient_checks
        -o smtpd_authorized_xforward_hosts=127.0.0.0/24,192.168.0.0/24
        -o smtpd_authorized_xclient_hosts=127.0.0.0/24,192.168.0.0/24

submission      inet            n       -       n       -       -       smtpd
        -o smtpd_sasl_auth_enable=yes
        -o smtp_host_lookup=dns
        -o smtpd_proxy_filter=10024
        -o smtp_send_xforward_command=yes
        -o xforward-command=helo=localhost
        -o smtpd_proxy_timeout=200s
        -o smtp_use_tls=no
        -o smtpd_authorized_xforward_hosts=127.0.0.0/24,192.168.0.0/24
        -o smtpd_authorized_xclient_hosts=127.0.0.0/24,192.168.0.0/24


-- 
mail: [EMAIL PROTECTED]
http://www.billy.demon.nl




-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/

Reply via email to