--- In [email protected], Victor Duchovni <victor.ducho...@...> wrote:
>
> On Thu, Jan 15, 2009 at 05:17:07AM -0000, jeff_homeip wrote:
>
> > > There's the problem. Now test the table as Noel suggested.
> > >
> > > $ echo katie.prevost@ |
> > > postmap -q - mysql:/etc/postfix/mysql_smtpd_sender_login_maps.cf
> >
> > I just tested again with this result:
> >
> > % /etc/postfix : postmap -q katie.prev...@...
> > mysql:/etc/postfix/mysql_smtpd_sender_login_maps.cf
> > % /etc/postfix :
>
> Please use the suggested:
>
> echo <lookup-key> | postmap -q - <table>
>
> form. Also as documented, "smtpd_sender_login_maps" uses additional
> lookup keys:
>
> http://www.postfix.org/postconf.5.html#smtpd_sender_login_maps
>
> smtpd_sender_login_maps (default: empty)
>
> Optional lookup table with the SASL login names that own sender
> (MAIL FROM) addresses.
>
> Specify zero or more "type:table" lookup tables. With lookups from
> indexed files such as DB or DBM, or from networked tables such as
> NIS, LDAP or SQL, the following search operations are done with a
> sender address of u...@domain:
>
> 1) u...@domain
> This table lookup is always done and has the highest precedence.
>
> 2) user
> This table lookup is done only when the domain part of the sender
> address matches $myorigin, $mydestination, $inet_interfaces
> or $proxy_interfaces.
>
> 3) @domain
> This table lookup is done last and has the lowest precedence.
>
> In all cases the result of table lookup must be either "not found"
> or a list of SASL login names separated by comma and/or whitespace.
>
> You need to tset the full set of lookup keys (sh, ksh or bash, not csh):
>
> (
> echo morris.com |
> postmap -q - mysql:/etc/postfix/mysql_mydestination_maps.cf >&2 &&
> echo katie.prevost
> sleep 1
> echo katie.prev...@...
> echo @morris.com
> ) | postmap -q - mysql:/etc/postfix/mysql_smtpd_sender_login_maps.cf
>
> All this assumes that the sender address in question is unmodified...
>
> --
> Viktor.
>
> Disclaimer: off-list followups get on-list replies or get ignored.
> Please do not ignore the "Reply-To" header.
>
> To unsubscribe from the postfix-users list, visit
> http://www.postfix.org/lists.html or click the link below:
> <mailto:majord...@...?body=unsubscribe%20postfix-users>
>
> If my response solves your problem, the best way to thank me is to not
> send an "it worked, thanks" follow-up. If you must respond, please put
> "It worked, thanks" in the "Subject" so I can delete these quickly.
>
Here's some additional information on the issue of not being able to send from
outside
my_networks from one authorized address to another:
I restored my master.cf from my latest backup and before I started testing the
reject_(un)authorixed...., I had one additional smtpd_sender_restrictions
listed:
-o
smtpd_sender_restrictions=$submission_sender_restrictions,reject_sender_login_mismatc
h,permit_sasl_authenticated,reject
in my submission service. it's defined in main.cf as:
submission_sender_restrictions =check_sender_access
pcre:/etc/postfix/smtpd_sender_restrictions.pcre
smtpd_sender_restrictions.pcre is:
/^(.*)/ PREPEND X-Envelope-Sender: <${1}>
just the one line where I hope I can capture the envelope sender (this is
related to an
earlier issue where my spam filter failed to preserve the envelope sender, so
this is a
workaround).
When I added this back, all worked fine. If I remove this one restriction
(check_sender_access), I can no longer send.
is this check_sender_access, because it's not rejecting the sender, allowing it
somehow?
I thought this information might be useful or important.
Thanks again!
