I might misunderstand your question, but I noticed that your line:

  match for rcpt-to <sympa> action "mailinglist"

does not specify a "from" option, so it defaults to "from local". This means it won't match for non-local IPs. Maybe that's the culprit?


On Tue, Aug 16, 2022 at 10:07:02AM +0200, thiery wrote:

I have some difficulties to create rule sets for a specific use case.

I use an OpenSMPTD/Dovecot as main mail server and Sympa ( https://www.sympa.org/index) running on an other server to manage mailing list.

On the main mail server, I have two sets of aliases:

table aliases db:/etc/aliases.db
table sympa db:/etc/mail/sympa/aliases.db

The first one contain list of aliases for local accounts.
e.g. anAlias: account

The second one is a list of alias which point to another MTA dedicated to a mailing list.
e.g. list: l...@list.domain.tld

I want to forward all incoming emails targeting the Sympa table to the mailing list server.

Unfortunately when I send an email to, let's say, l...@list.domain.tld, I got this result :

Aug 16 09:56:36 mx-01 smtpd[16029]: 624b10db2fc80050 smtp failed-command command="RCPT TO:<l...@list.domain.tld>" result="550 Invalid recipient: <l...@list.domain.tld>"

Here the smtpd.conf:

pki mx-01.domain.tld cert "/etc/letsencrypt/live/mx-01.domain.tld/cert.pem" pki mx-01.domain.tld key "/etc/letsencrypt/live/mx-01.domain.tld/privkey.pem"

table aliases db:/etc/aliases.db
table sympa db:/etc/mail/sympa/aliases.db
table ldap ldap:/etc/mail/ldap.conf

filter check_dyndns phase connect match rdns regex { '.*\.dyn\..*', '.*\.dsl\..*' } \
   disconnect "550 no residential connections"

filter check_rdns phase connect match !rdns \
   disconnect "550 no rDNS"

filter check_fcrdns phase connect match !fcrdns \
   disconnect "550 no FCrDNS"

filter "rspamd" proc-exec "filter-rspamd"

smtp max-message-size "20M"

listen on enp1s0 tls pki mx-01.domain.tld auth-optional filter { check_dyndns, check_rdns, check_fcrdns, rspamd } listen on enp1s0 port submission tls-require pki mx-01.domain.tld auth filter rspamd

# Maybe I misunderstand the `forward-only` in my use case.
action "mailinglist" forward-only alias <sympa>
action "inbound" maildir junk userbase <ldap> alias <aliases>
action "outbound" relay

match for rcpt-to <sympa> action "mailinglist"
match from any for domain "domain.tld" action "inbound"
match from auth for any action "outbound"

Any ideas ?

Have a nice day,

Reply via email to