September 2, 2019 3:35 PM, "Reio Remma" <r...@mrstuudio.ee> wrote:
> Hello!
> 
> I was able to have virtual aliases pointing to external addresses with the 
> old syntax, but it
> doesn't seem to work like that with new rules:
> 

Not awake enough to process what follows but the new syntax certainly allows 
this
as my whole infrastructure depends on it ;-)

I suspect that there's a problem with the ruleset that prevents external 
addresses
from matching a rule themselves.


> action filter_incoming relay host smtp://127.0.0.1:10024
> action sign_outgoing   relay host smtp://127.0.0.1:10026
> action relay_outgoing  relay
> action deliver_lmtp    lmtp "/var/run/dovecot/lmtp" rcpt-to virtual 
> <virtuals> userbase <userinfo>
> 
> match tag FILTERED     for domain <domains> action deliver_lmtp
> match tag SIGNED       for any action relay_outgoing
> match auth from any    for domain <domains> action deliver_lmtp
> match from any         for domain <domains> rcpt-to <recipients> action 
> filter_incoming
> match auth from any    for any action sign_outgoing
> 
> Old rules were:
> 
> accept tagged Filtered for domain <domains> virtual <virtuals> userbase 
> <userinfo> deliver to lmtp
> "/var/run/dovecot/lmtp" rcpt-to
> accept from local      for domain <domains> virtual <virtuals> userbase 
> <userinfo> deliver to lmtp
> "/var/run/dovecot/lmtp" rcpt-to
> accept from !local     for domain <domains> recipient <recipients> relay via 
> smtp://127.0.0.1:10024
> accept tagged Signed   for any relay
> accept from local      for any relay via smtp://127.0.0.1:10026
> 
> recipi...@mydomain.com used to be nicely redirected to a remote 
> recipi...@someotherdomain.com, but
> with the new syntax it doesn't hit any rules.
> 
> I found that adding "match tag FILTERED for any action relay_outgoing" after 
> "match tag FILTERED
> for domain <domains> action deliver_lmtp" solves the issue.
> 
> I suspect that the old "accept tagged Filtered" went straight to MTA after 
> expanding the virtual
> alias?
> 
> Does it sound right to "match tag FILTERED for any" after dealing with 
> FILTERED for our domains?
> 
> Can I do anything about DKIM breaking for forwarded mails?
> 
> Thanks,
> Reio

Reply via email to