To be more specific: the check_recipient_rcpt_maps() function is
called multiple places, but the call that fails in this case is in the
one at the bottom of smtpd_check_rcpt().
On Tue, Jun 14, 2016 at 6:28 PM, Russell Yanofsky <r...@yanofsky.org> wrote:
> Hi,
>
> I think there is a bug in handling of sender_dependent_default_transport_maps
> within smtpd when default_transport is set to error:...
>
> I'm configuring postfix as follows using default_transport and
> sender_dependent_default_transport_maps to reject all external
> outgoing mail, unless the envelope sender comes from a particular
> domain (yanofsky.org):
>
> default_transport = error:External delivery disabled
> sender_dependent_default_transport_maps = inline:{
> @yanofsky.org=smtp:[smtp-relay.gmail.com]:587 }
>
> This works correctly for messages sent locally though the sendmail
> command. But it doesn't work for messages that come in through smtpd.
> The problem is that smtpd rejects all external outgoing messages after
> the RCPT command, even when the sender is from @yanofsky.org.
>
> Looking at the smtpd source code, the problem seems to be that instead
> of smtpd calling the resolve_clnt_query_from() function which takes
> the sender into account, it always calls the resolve_clnt_query()
> function, which ignores the message sender.
>
> The exact point of failure happens in the
> strcmp(STR(reply->transport), MAIL_SERVICE_ERROR) check inside the
> check_rcpt_maps() function when it is called by
> check_recipient_rcpt_maps(), which is called by smtpd_check_rcpt(),
>
> The problem looks like it could be straightforward to fix if the
> resolve_clnt_query() call inside smtpd were changed to
> resolve_clnt_query_from(), but I haven't tried making this change yet,
> and I don't know what other effects this might have.
>
> Other notes: I'm running postfix-3.1.1, and the exact smtpd failure message
> is:
>
> Jun 14 17:40:51 jumpy postfix/smtpd[31276]: NOQUEUE: reject: RCPT from
> jumpy[2600:3c03::f03c:91ff:fe55:105d]: 550 5.1.1
> <russ+t...@yanofsky.org>: Recipient address rejected: External
> delivery disabled; from=<russ+t...@yanofsky.org>
> to=<russ+t...@yanofsky.org> proto=ESMTP helo=<jumpy>
