Noel Jones wrote:
> Chris Dos wrote:
>> Noel Jones wrote:
>>>> It looks like I want to check for RCPT TO:<VERP_Address>
>>>> So I ran this check against the regexp table using postmap:
>>>> postmap -q "RCPT TO:<chris+no-one-home=chrisdos....@chrisdos.com>"
>>>> regexp:header_checks.regexp
>>>> and it came back with a result of DISCARD.
>>>>
>>>> So I guess I don't understand how you said it will never match as
>>>> postmap said it does match.
>>>>
>>>> I'm not trying to be difficult or anything, just trying to figure out
>>>> why this isn't working for me.
>>> Don't use header_checks, use a check_recipient_access map.
>>>
>>> It seems you trying to capture this on the sending system. You can't do
>>> that, the sender isn't verp'ed when header_checks and smtpd_*_checks
>>> sees the address.
>>>
>>> -- Noel Jones
>>
>> Well, I'm going to really want to forward a message that matches the
>> regexp. I'm just doing the discard right
>> now for testing. The header_checks allows me to do more than just
>> accept or reject.
>>
>> Chris
>>
>
> I don't see a forward action in header_checks. Maybe you intend to use
> REDIRECT? Postfix access tables allow more than accept/reject,
> including REDIRECT.
> http://www.postfix.org/access.5.html
>
> But my point is that header_checks are the wrong tool for the job.
> There is no guarantee that the envelope sender will be listed in the
> headers you receive.
>
> And it looks as if you're testing your header_checks on the same machine
> that generates the VERP'ed mail. That won't work.
>
> -- Noel Jones
>
I was was reading the header_checks won't work on bounced mail. I setup a
regexp check_recipient_access map.
This is the regexp file verp_redirect.regexp :
/^RCPT TO:.+\+.+\=...@.+\..+$/ REDIRECT verpbounce
It's still not working. Here is the postconf -n:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
default_process_limit = 200
default_recipient_limit = 20000
default_verp_delimiters = +=
disable_verp_bounces = no
disable_vrfy_command = yes
hash_queue_depth = 2
hash_queue_names = deferred, defer, active, incoming
header_checks = regexp:/etc/postfix/header_checks.regexp
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
mailbox_size_limit = 0
maximal_queue_lifetime = 4d
message_size_limit = 15360000
minimal_backoff_time = 7200
mydestination = mail-dr.sharperagent.com, mail-dr.prod.sharperagent.com
myhostname = mail-dr.sharperagent.com
mynetworks = 127.0.0.0/8, 10.20.30.0/24, 10.20.40.0/22,
172.28.201.0/24, 172.28.200.0/30,
71.33.252.73,
myorigin = mail-dr.sharperagent.com
nested_header_checks = regexp:/etc/postfix/header_checks.regexp
propagate_unmatched_extensions = canonical, virtual
qmgr_message_active_limit = 20000
qmgr_message_recipient_limit = 100000
queue_run_delay = 2000
readme_directory = /usr/share/doc/postfix
recipient_delimiter = +
relay_domains = $mydestination, $mynetworks, sharperagent.com,
agentcatalyst.com,
builderintouch.com, lenderintouch.com, mr-roboto.sharperagent.com,
minime.sharperagent.com,
relayhost =
smtp_connect_timeout = 10
smtp_helo_timeout = 10
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtpd_authorized_verp_clients = $mynetworks
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_client_event_limit_exceptions = $mynetworks
smtpd_delay_reject = no
smtpd_error_sleep_time = 0
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,
reject_invalid_hostname,
regexp:/etc/postfix/helo.regexp,
permit
smtpd_recipient_restrictions = reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unauth_pipelining, check_recipient_access
regexp:/etc/postfix/verp_redirect.regexp,
check_sender_access hash:/etc/postfix/sender_access,
check_client_access
regexp:/etc/postfix/habeas_header1.regexp, check_client_access
regexp:/etc/postfix/habeas_header2.regexp, check_client_access
regexp:/etc/postfix/habeas_header3.regexp, check_client_access
hash:/etc/postfix/client_access,
check_recipient_access hash:/etc/postfix/recipient_access,
permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination,
reject_non_fqdn_hostname,
reject_rbl_client relays.ordb.org,
check_policy_service inet:127.0.0.1:60000
permit_mx_backup, reject_invalid_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_hostname, reject_non_fqdn_recipient,
reject_unauth_pipelining,
smtpd_sender_restrictions = check_sender_access hash:/etc/postfix/sender_access,
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
strict_rfc821_envelopes = yes
transport_maps = hash:/etc/postfix/transport
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
verp_delimiter_filter = -+=
virtual_alias_maps = hash:/etc/postfix/virtual
My log of attempting to send an e-mail looks like this:
Mar 20 09:06:34 mail-dr postfix/smtpd[9069]: connect from localhost[127.0.0.1]
Mar 20 09:06:34 mail-dr postfix/smtpd[9069]: 7A03D28E132:
client=localhost[127.0.0.1]
Mar 20 09:06:34 mail-dr postfix/cleanup[9072]: 7A03D28E132:
message-id=<20090320150634.7a03d28e...@mail-dr.sharperagent.com>
Mar 20 09:06:34 mail-dr postfix/qmgr[9062]: 7A03D28E132:
from=<ch...@chrisdos.com>, size=527, nrcpt=1 (queue
active)
Mar 20 09:06:34 mail-dr postfix/smtpd[9069]: lost connection after QUIT from
localhost[127.0.0.1]
Mar 20 09:06:34 mail-dr postfix/smtpd[9069]: disconnect from
localhost[127.0.0.1]
Mar 20 09:06:35 mail-dr postfix/smtp[9073]: 7A03D28E132:
to=<no-one-h...@chrisdos.com>,
relay=mail.chrisdos.com[71.33.251.73]:25, delay=0.96, delays=0.05/0.01/0.7/0.2,
dsn=5.1.1, status=bounced
(host mail.chrisdos.com[71.33.251.73] said: 550 5.1.1
<no-one-h...@chrisdos.com>: Recipient address rejected:
User unknown in local recipient table (in reply to RCPT TO command))
Mar 20 09:06:35 mail-dr postfix/cleanup[9072]: 75D8529027D:
message-id=<20090320150635.75d85290...@mail-dr.sharperagent.com>
Mar 20 09:06:35 mail-dr postfix/qmgr[9062]: 75D8529027D: from=<>, size=2670,
nrcpt=1 (queue active)
Mar 20 09:06:35 mail-dr postfix/bounce[9074]: 7A03D28E132: sender non-delivery
notification: 75D8529027D
Mar 20 09:06:35 mail-dr postfix/qmgr[9062]: 7A03D28E132: removed
Mar 20 09:06:35 mail-dr postfix/smtp[9073]: 75D8529027D:
to=<chris+no-one-home=chrisdos....@chrisdos.com>,
relay=mail.chrisdos.com[71.33.251.73]:25, delay=0.19, delays=0.02/0/0.11/0.06,
dsn=5.1.1, status=bounced (host
mail.chrisdos.com[71.33.251.73] said: 550 5.1.1
<chris+no-one-home=chrisdos....@chrisdos.com>: Recipient
address rejected: User unknown in local recipient table (in reply to RCPT TO
command))
Mar 20 09:06:35 mail-dr postfix/qmgr[9062]: 75D8529027D: removed
I'm trying to intercept the bounce:
to=<chris+no-one-home=chrisdos....@chrisdos.com>
Any ideas why this is not working. I'm so frustrated at this point, it's nuts.
Chris
