> On Mar 26, 2023, at 16:23, Viktor Dukhovni via Postfix-users > <postfix-users@postfix.org> wrote: > >> ... > > Well, this does not have the "inline:{{...}}" guard. > >>> incoming_smtpd_restrictions = >>> check_policy_service inet:127.0.0.1:10040, >>> reject_invalid_hostname, >>> reject_non_fqdn_sender, >>> reject_non_fqdn_recipient, >>> check_sender_access inline:{ >>> {digitalinsight.firefightersfirstcreditunion.org = >>> permit_auth_destination} >>> }, >>> reject_unknown_sender_domain, > >> > > You can now either whitelist the client IP, or the exclude the domain > name from tests of DNS existence. Use whatever you think is most > manageable (I'd go with exempting the name).
I decided to go with exempting the name as shown above. It works. However, I have been studying the recommended: http://www.postfix.org/ADDRESS_REWRITING_README.html I am beginning to understand how the tables are used now. I made a list in the order shown in that page and came to the initial conclusion that all I needed was the virtual aliasing tables. I don't need any of the canonical, masquerading, or bcc functions. That should be all I need to get a received email into the queue properly. To test this, I started up ktrace on the master process and all it's siblings, and then sent in an email. Grabbing the NAMI entries from the output, removing the non-postfix entries and the duplicates yields a small list: 18128 postscreen NAMI "/var/db/postfix" 18128 postscreen NAMI "/var/db/postfix/postscreen_cache.db" 18129 smtpd NAMI "/usr/local/etc/postfix/aliases.db" 18129 smtpd NAMI "/usr/local/etc/postfix/vmail_aliases.db" 18129 smtpd NAMI "/usr/local/etc/postfix/vcsc_aliases.db" 18129 smtpd NAMI "/usr/local/etc/postfix/lafn_aliases.db" 18129 smtpd NAMI "/usr/local/mailman/data/aliases.db" 18129 smtpd NAMI "/usr/local/etc/postfix/vmail_mailbox.db" 18129 smtpd NAMI "/usr/local/etc/postfix/tempfail.db" 18131 trivial-rewrite NAMI "/usr/local/etc/postfix/vmail_aliases.db" 18131 trivial-rewrite NAMI "/usr/local/etc/postfix/vcsc_aliases.db" 18131 trivial-rewrite NAMI "/usr/local/etc/postfix/lafn_aliases.db" 18131 trivial-rewrite NAMI "/usr/local/mailman/data/aliases.db" 18131 trivial-rewrite NAMI "/usr/local/etc/postfix/vmail_domains.db" 18131 trivial-rewrite NAMI "/usr/local/etc/postfix/relocated.db" 18132 cleanup NAMI "/usr/local/etc/postfix/vmail_aliases.db" 18132 cleanup NAMI "/usr/local/etc/postfix/vcsc_aliases.db" 18132 cleanup NAMI "/usr/local/etc/postfix/lafn_aliases.db" 18132 cleanup NAMI "/usr/local/mailman/data/aliases.db" 18133 local NAMI "/usr/local/etc/postfix/aliases.db" 18133 local NAMI "/usr/local/etc/postfix/aliases.db" The first thing I noticed is that smtpd accesses some of the tables. That I didn't expect based on the README. I don't think it is using those tables to rewrite addresses, but it is not obvious why it accesses them. The aliases, vmail_aliases, lafn_alises,and mailman/data/aliases are all in the virtual_address_maps. I have them split into multiple files to make maintenance easier. smtpd accesses the vmail_mailbox table (virtual_mailbox_maps) also. It would appear that is required, but I don't see why. trivial-rewrite appears to be what I expected. I don't use relocated entries at this time, but I can see why it would use them. The rest of the entries seem obvious. -- Doug _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org