It's my first time posting to a mailing list, my apologies.
I am using Postifix v3.1.0-3ubuntu0.3 on Ubuntu Xenial. The server is an
email relay server for our production network with each server being able to
connect if a) it's ip address is whitelisted or b) it uses smtp-auth when
connecting to port 587.
We have an invoicing system on a different host that clients use to send out
invoices and test invoices. The invoicing system generates and sends the
email to the server in question, which then relays the email to the client's
mail exchanger.
We are in a situation whereby we would like to keep the client's email
address in the from header but change the envelope sender address of all
emails to be our support email (in order to receive all bounces).
I am aware that using "sender_canonical_maps" with
"canonical_classes=envelope_sender" will work. However, this will change all
envelope sender address. We would only like to change the envelope sender if
the recipient matches a specific address. Is this possible?
The closest that I have come to making this work is to create a new smtp
service in master.cf and use a header check to match the recipient and
FILTER it to a new smtp service in master.cf. The problem here is that
canonical maps won't work because it is carried out by Postfix's cleanup
service, which does its work before inserting the email into the queue.
Based on HEADER_CHECKS(5), FILTER is the same as content_filter which is
executed after the email has been inserted into the queue.
Please find my main.cf below:
mail_owner = postfix
setgid_group = postdrop
smtpd_banner = $myhostname - SMTP
mydomain = domain.com
myhostname = hostname.$mydomain
message_size_limit = 25000000
default_destination_recipient_limit = 15
smtpd_recipient_limit = 50
inet_interfaces = all
inet_protocols = ipv4
mydestination = $myhostname
mynetworks = 127.0.0.1
myorigin = $myhostname
local_transport = local
local_recipient_maps = $alias_maps unix:passwd.byname
alias_maps = hash:/etc/aliases
alias_database = $alias_maps
relay_domains = hash:/etc/postfix/maps/relay_domains
transport_maps = pcre:/etc/postfix/maps/transport
biff = no
disable_mime_input_processing = no
strict_rfc821_envelopes = no
show_user_unknown_table_name = no
queue_run_delay = 300s
bounce_queue_lifetime = 1d
maximal_queue_lifetime = 2d
minimal_backoff_time = 120s
maximal_backoff_time = 1800s
header_checks = regexp:/etc/postfix/maps/header_checks
local_header_rewrite_clients = static:all
postscreen_greet_action = enforce
postscreen_access_list = permit_mynetworks,
hash:/etc/postfix/maps/postscreen_checks
smtpd_tls_exclude_ciphers = RC4, aNULL
smtp_tls_exclude_ciphers = RC4, aNULL
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtpd_tls_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtp_tls_protocols = !SSLv2,!SSLv3,!TLSv1,!TLSv1.1
smtp_dns_support_level = enabled
disable_vrfy_command = yes
smtpd_helo_required = yes
smtpd_helo_restrictions =
check_helo_access hash:/etc/postfix/maps/helo_checks,
reject_non_fqdn_helo_hostname,
reject_invalid_hostname,
reject_unauth_pipelining,
permit_sasl_authenticated,
permit_mynetworks,
permit
smtpd_sender_restrictions =
check_sender_access hash:/etc/postfix/maps/sender_checks,
permit_sasl_authenticated,
permit_mynetworks,
permit
smtpd_client_restrictions = hash:/etc/postfix/maps/client_checks
smtpd_relay_restrictions =
check_client_access hash:/etc/postfix/maps/client_checks,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_invalid_helo_hostname,
reject_invalid_hostname,
reject_rbl_client zen.spamhaus.org,
reject_rbl_client bl.spamcop.net,
reject_rbl_client b.barracudacentral.org,
reject_rbl_client cbl.abuseat.org,
reject_rbl_client ix.dnsbl.manitu.net,
reject_rhsbl_reverse_client dbl.spamhaus.org,
reject_rhsbl_sender dbl.spamhaus.org,
permit_sasl_authenticated,
permit_mynetworks,
reject_unknown_recipient_domain
smtpd_recipient_restrictions =
permit_mynetworks,
permit_sasl_authenticated,
check_client_access hash:/etc/postfix/maps/client_checks,
reject_unauth_destination,
check_policy_service inet:127.0.0.1:10023
smtpd_data_restrictions =
reject_unauth_pipelining,
permit
soft_bounce = no
dont_remove = 1
smtpd_delay_reject = yes
notify_classes =
helpful_warnings = yes
delay_notice_recipient = <admin_email>
error_notice_recipient = <admin_email>
bounce_notice_recipient = <admin_email>
2bounce_notice_recipient = <admin_email>
delay_warning_time = 24h
default_destination_concurrency_limit = 1
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = cyrus
smtp_use_tls = yes
smtpd_tls_security_level = may
smtp_tls_loglevel = 1
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_CAfile = /etc/postfix/ssl.ca.crt
smtpd_tls_cert_file = /etc/postfix/ssl.crt
smtpd_tls_key_file = /etc/postfix/ssl.key
compatibility_level=2
debug_peer_level = 5
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
$daemon_directory/$process_name $process_id & sleep 5
--
Sent from: http://postfix.1071664.n5.nabble.com/Postfix-Users-f2.html
