On 11/1/2013 5:48 AM, mark hardwick wrote: > Hi All, > I'm trying and failing to setup postfix so that inbound email to a > specific address is piped through a script. > It's all new to me, and I think I'm simply failing to understand the > complexities of message routing. > > I would like any messages for message+[code]@domain.com > <http://domain.com> to be piped through my script while messages to > a regular user are not. > > My setup is as follows; > > I have a "parser" file: > [email protected] <mailto:[email protected]> FILTER parser: > [email protected] <mailto:[email protected]> FILTER parser: > [email protected] <mailto:[email protected]> FILTER parser: > --------------------- > > In master.cf I have either > smtp inet n - n - - smtpd -o > content_filter=parser > *-or-* > smtp inet n - n - - smtpd > > and further down in master.cf > > parser unix - n n - - pipe > user=virtual argv=/bin/bash /usr/local/bin/parser.pl > ---------------------- > > In main.cf I have > smtpd_recipient_restrictions = check_client_access > hash:/etc/postfix/rbl_override,
Careful here. If the rbl_override map has any PERMIT actions, you're giving relay rights to those clients. http://www.postfix.org/SMTPD_ACCESS_README.html#danger > permit_mynetworks, > permit_sasl_authenticated, Any client in mynetworks or that is authenticated won't go past here. That's probably why your testing doesn't seem to work as expected. > reject_unauth_destination, > check_recipient_access > hash:/etc/postfix/parser, If you want this to apply to all mail, probably better to put it in smtpd_sender_restrictions instead of here. > reject_unlisted_recipient, > reject_unknown_recipient_domain, After reject_unauth_destination, the only recipient domain left is your own. So the only possible unknown domain is your own when your DNS has a hiccup. As a general rule, this restriction is only useful before "permit_mynetworks, permit_sasl_authenticated" to prevent your own users from sending mail to bad domains. > reject_non_fqdn_recipient, Only mail to your domain will pass reject_unauth_destination, so there won't be any non-fqdn recipients here. -- Noel Jones > > ---------------------- > The problem that I'm having is that if, in master.cf I have "-o > content_filter=parser" then all mail is directed to the parser and > not just the mail destined for the accounts that I've configured. > > If i remove "-o content_filter=parser" then no email is parsed and > all email is delivered to accounts in the normal way. > > So my question is, how do I configure postfix to query and use the > parser file I've created to determine which addresses it should pipe > through my script? > > I've tried to keep info brief for people, however I'm happy to post > full configs or other files if that is preferred? > > > Logs - this is mail being delivered locally; > Nov 1 08:46:02 fadmin lt-opendkim[2243]: 2B589746B4D: > DKIM-Signature header added (s=mail, d=domain.com <http://domain.com>) > Nov 1 08:46:02 fadmin postfix/qmgr[14679]: 2B589746B4D: > from=<[email protected] <mailto:[email protected]>>, size=2626, nrcpt=1 > (queue active) > Nov 1 08:46:02 fadmin clamsmtpd: 10005A: [email protected] > <http://domain.com>, [email protected], status=CLEAN > Nov 1 08:46:02 fadmin postfix/smtp[14693]: D3C98746A47: > to=<[email protected] <http://domain.com>>, > relay=127.0.0.1[127.0.0.1]:10025, delay=0.42, > delays=0.26/0.01/0.05/0.1, dsn=2.0.0, status=sent (250 2.0.0 Ok: > queued as 2B589746B4D) > Nov 1 08:46:02 fadmin postfix/smtpd[14695]: disconnect from > localhost[127.0.0.1] > Nov 1 08:46:02 fadmin postfix/qmgr[14679]: D3C98746A47: removed > Nov 1 08:46:02 fadmin postfix/virtual[14697]: 2B589746B4D: > to=<[email protected] <http://domain.com>>, relay=virtual, > delay=0.11, delays=0.1/0.01/0/0, dsn=2.0.0, status=sent (delivered > to maildir) > Nov 1 08:46:02 fadmin postfix/qmgr[14679]: 2B589746B4D: removed > > This is mail being delivered to my script > Nov 1 07:52:46 fadmin postfix/smtpd[11557]: connect from > six.localdomain[192.168.8.1] > Nov 1 07:52:46 fadmin postfix/smtpd[11557]: 5CB27746849: > client=six.localdomain[192.168.8.1] > Nov 1 07:52:46 fadmin postfix/cleanup[11559]: 5CB27746849: > message-id=<[email protected] > <http://flooting.com>> > Nov 1 07:52:46 fadmin lt-opendkim[2243]: 5CB27746849: > six.localdomain [192.168.8.1] not internal > Nov 1 07:52:46 fadmin lt-opendkim[2243]: 5CB27746849: not authenticated > Nov 1 07:52:46 fadmin postfix/qmgr[11528]: 5CB27746849: > from=<[email protected] <mailto:[email protected]>>, size=2518, nrcpt=1 > (queue active) > Nov 1 07:52:48 fadmin postfix/pipe[11560]: 5CB27746849: > to=<[email protected] > <mailto:[email protected]>>, relay=parser, > delay=2.1, delays=0.26/0.01/0/1.8, dsn=2.0.0, status=sent (delivered > via parser service) > Nov 1 07:52:48 fadmin postfix/qmgr[11528]: 5CB27746849: removed > > > Happy to send more logs and files. please tell me what's relevant? > > Mark. > > >
