On Friday 14 March 2014 14:51:08 Noel Jones wrote:
> Basically correct.  Anything not specifically rejected will be
> permitted, and the default (empty) action is permit. Messages
> permitted by smtpd_sender_restrictions may be rejected by one of the
> other smtpd_*_restrictions sections.

Thanks!

> > 2.) The documentation states: "Reject the request when
> > $smtpd_sender_login_maps specifies an owner for the MAIL FROM
> > address...". So the premise for all rejections is that an address is
> > listed by smtpd_sender_login_maps. I tried sending an email from
> > a...@mydomain.de which does not exist but it was still rejected. The same
> > for a...@somerandomdomainname.com. Why does this happen?
> 
> Either the message is rejected by another restriction as shown in
> the log, or your smtpd_sender_login_maps is matching everything.
> http://www.postfix.org/postconf.5.html#smtpd_sender_login_maps

I turned on debug output and as far as I can see sender_login_maps returns 0 
rows and the error message states "Sender address rejected" so the sender 
restrictions must be causing this.

I am logged in as b...@mydomain.de and I am trying to send a mail to myself 
(b...@mydomain.de) using f...@mydomain.de as a sender which does not exist. 
Here is part of the debug log:

...
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: >>> START Sender address 
RESTRICTIONS <<<
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: generic_checks: 
name=reject_sender_login_mismatch
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: >>> START Sender address 
RESTRICTIONS <<<
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: generic_checks: 
name=reject_authenticated_sender_login_mismatch
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: ctable_locate: move existing entry 
key f...@mydomain.de
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: dict_pgsql_get_active: attempting 
to connect to host 127.0.0.1
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: dict_pgsql: successful connection 
to host 127.0.0.1
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: dict_pgsql: successful query from 
host 127.0.0.1
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: dict_pgsql_lookup: retrieved 0 rows
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: dict_pgsql_get_active: attempting 
to connect to host 127.0.0.1
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: dict_pgsql: successful connection 
to host 127.0.0.1
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: dict_pgsql: successful query from 
host 127.0.0.1
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: dict_pgsql_lookup: retrieved 0 rows
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: maps_find: smtpd_sender_login_maps: 
f...@mydomain.de: not found
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: match_string: mydomain.de ~? 
mail.mydomain.de
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: match_string: mydomain.de ~? 
localhost.mydomain.de
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: match_string: mydomain.de ~? 
localhost
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: match_list_match: mydomain.de: no 
match
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: dict_pgsql_get_active: found active 
connection to host 127.0.0.1
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: dict_pgsql: successful query from 
host 127.0.0.1
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: dict_pgsql_lookup: retrieved 0 rows
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: maps_find: smtpd_sender_login_maps: 
@mydomain.de: not found
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: mail_addr_find: f...@mydomain.de -> 
(not found)
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: NOQUEUE: reject: RCPT from 
localhost[127.0.0.1]: 553 5.7.1 <f...@mydomain.de>: Sender address rejected: 
not owned by user b...@mydomain.de; from=<f...@mydomain.de> 
to=<b...@mydomain.de> proto=ESMTP helo=<mail.mydomain.de>
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: generic_checks: 
name=reject_authenticated_sender_login_mismatch status=2
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: generic_checks: 
name=reject_sender_login_mismatch status=2
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: > localhost[127.0.0.1]: 553 5.7.1 
<f...@mydomain.de>: Sender address rejected: not owned by user b...@mydomain.de
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: watchdog_pat: 0x7f7055174750
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: < localhost[127.0.0.1]: RSET
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: > localhost[127.0.0.1]: 250 2.0.0 Ok
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: watchdog_pat: 0x7f7055174750
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: < localhost[127.0.0.1]: QUIT
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: > localhost[127.0.0.1]: 221 2.0.0 
Bye
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: match_hostname: localhost ~? 
127.0.0.0/8
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: match_hostaddr: 127.0.0.1 ~? 
127.0.0.0/8
Mar 15 00:10:05 mail2 postfix/smtpd[18217]: disconnect from localhost[127.0.0.1]
Mar 15 00:10:05 mail2 dovecot: imap(b...@mydomain.de): Disconnected: Logged out 
in=12 out=364


And the updated configuration:
# postconf -nf
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
debug_peer_level = 2
debug_peer_list = 127.0.0.1
dovecot_destination_recipient_limit = 1
inet_interfaces = all
mailbox_size_limit = 0
message_size_limit = 52428800
myhostname = mail.mydomain.de
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,
    reject_unauth_destination, check_policy_service unix:private/policy-spf
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = pgsql:/etc/postfix/pgsql-virtual-mailbox-maps.cf,
    pgsql:/etc/postfix/pgsql-virtual-alias-maps.cf
smtpd_sender_restrictions = reject_sender_login_mismatch
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/ssl/certs/mail.mydomain.de.chained.pem
smtpd_tls_key_file = /etc/ssl/private/mydomain.de.pem
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
soft_bounce = no
virtual_alias_maps = pgsql:/etc/postfix/pgsql-virtual-alias-maps.cf
virtual_mailbox_domains = pgsql:/etc/postfix/pgsql-virtual-mailbox-domains.cf
virtual_mailbox_maps = pgsql:/etc/postfix/pgsql-virtual-mailbox-maps.cf
virtual_transport = dovecot
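
Added example, not part of the original message and not Postfix source code: a simplified Python model of the documented reject_sender_login_mismatch decision, showing why a logged-in client is rejected with "not owned by user" when the sender address has no entry in smtpd_sender_login_maps, as in the log above. The addresses, the map contents, the local_domains parameter and the known_only flag (which models reject_known_sender_login_mismatch, available in Postfix 2.11 and later) are constructed for illustration.

```python
# Simplified model of the documented decision; not Postfix source code.
# SAMPLE_MAP stands in for smtpd_sender_login_maps (constructed data).
SAMPLE_MAP = {
    "bob@example.test": "bob@example.test",
    "sales@example.test": "bob@example.test, alice@example.test",
}

def lookup_owners(sender, login_map, local_domains=()):
    """Try keys in the order the debug log shows: full address, bare
    localpart (only when the domain is local), then the @domain catch-all."""
    localpart, _, domain = sender.lower().rpartition("@")
    keys = [f"{localpart}@{domain}"]
    if domain in local_domains:
        keys.append(localpart)
    keys.append(f"@{domain}")
    for key in keys:
        value = login_map.get(key)
        if value:
            # A result is a list of SASL login names, comma or space separated.
            return [name.lower() for name in value.replace(",", " ").split()]
    return None  # "not found", as in the log

def check_sender(sender, sasl_user, login_map, local_domains=(), known_only=False):
    owners = lookup_owners(sender, login_map, local_domains)
    if sasl_user is None:
        # Unauthenticated client: reject only if the address has an owner.
        if owners is not None:
            return f"553 5.7.1 <{sender}>: Sender address rejected: not logged in"
        return "DUNNO"
    if owners is None and known_only:
        # reject_known_sender_login_mismatch: unlisted senders are not checked.
        return "DUNNO"
    if owners is None or sasl_user.lower() not in owners:
        # Authenticated client that does not own the address. An address
        # with no map entry has no owner, so it lands here too.
        return (f"553 5.7.1 <{sender}>: Sender address rejected: "
                f"not owned by user {sasl_user}")
    return "DUNNO"

if __name__ == "__main__":
    for sender, user in [("bob@example.test", "bob@example.test"),
                         ("forged@example.test", "bob@example.test"),
                         ("forged@example.test", None),
                         ("sales@example.test", None)]:
        print(sender, user, "->", check_sender(sender, user, SAMPLE_MAP))
```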
