Virtual Alias and To header rewrite

2018-04-25 Thread Gary Smith 
Hi Everyone, 

It's been a long time since something in postfix has stumped me.  I am using 
virtual alias rewrites to handle 50k incoming email addresses that expand to 
1+n recipients.  The recipients are the line managers and lower level people 
that handle those accounts.  The virtual alias has been working in a general 
sense, lately I have been receiving bounces from Comcast and google with 
invalid recipients.  Normally this would be expected if a manager entered the 
wrong email for a line member (these are outside consultants using gmail, 
Comcast, etc).  The bounce however shows the original email address and not the 
alias email address, so it's really hard to track down the email issue this way.

So I would like to either rewrite the "to" field or add a header with the 
exploded virtual alias mapping.  From reading a few external articles the email 
should already have the to field set in the header, but that contradicts what I 
have read in the postfix virtual readme.  I have also tried using a 
header_check to and a new header (which I can do for the original address, but 
not the virtual alias mapped address).

When it's bounces via gmail I get the bounce below, which shows the original TO 
and not the expected virtual alias mapped.  I have several gmail accounts that 
are successful however.

What I would really like to do is add the envelope TO field to the TO header of 
the outgoing emails.  Is this possible?  This would let us at least track the 
bounces.  Is there a better approach?

Bounce message:

mx.google.com rejected your message to the following email addresses:
original_email_address (original_email_addr...@accounts.jellybelly.com)
The email address you entered couldn't be found. Please check the recipient's 
email address and try to resend the message. If the problem continues, please 
contact your email admin.
mx.google.com gave this error:
The email account that you tried to reach does not exist. Please try 
double-checking the recipient's email address for typos or unnecessary spaces. 
Learn more at https://support.google.com/mail/?p=NoSuchUser 
p25si12399124pgd.395 - gsmtp 


Diagnostic information for administrators:
Generating server: FFExchange3.jellybelly.net
original_email_addr...@accounts.jellybelly.com
mx.google.com
Remote Server returned '550-5.1.1 The email account that you tried to reach 
does not exist. Please try 550-5.1.1 double-checking the recipient's email 
address for typos or 550-5.1.1 unnecessary spaces. Learn more at 550 5.1.1 
https://support.google.com/mail/?p=NoSuchUser p25si12399124pgd.395 - gsmtp'
Original message headers:
Received: from FFExchange3.jellybelly.net (172.16.24.220) by
 FFExchange3.jellybelly.net (172.16.24.220) with Microsoft SMTP Server
 (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id
 15.1.1261.35; Tue, 24 Apr 2018 13:13:18 -0700
Received: from AZMTA1.accounts.jellybelly.com (10.207.41.21) by
 FFExchange3.jellybelly.net (172.16.24.220) with Microsoft SMTP Server id
 15.1.1261.35 via Frontend Transport; Tue, 24 Apr 2018 13:13:18 -0700
Received: from v1lpgssmtp02.prod.kibocommerce.com (smtp2.mozu.com 
[34.199.13.167])
by AZMTA1.accounts.jellybelly.com (Postfix) with ESMTP id A00FA3001857
for ; Tue, 24 Apr 2018 
13:13:18 -0700 (PDT)
Received: from v1dwpt1ws0702 (unknown [10.10.1.236])
by v1lpgssmtp02.prod.kibocommerce.com (Postfix) with ESMTP id 
5F2C2C3FAC7
for ; Tue, 24 Apr 2018 
20:13:18 + (UTC)
MIME-Version: 1.0
From: "Jelly Belly " 
To: original_email_address 
Reply-To: "donotre...@jellybelly.com" 
Date: Tue, 24 Apr 2018 20:13:18 +
Subject: Order Confirmation
Content-Type: text/html; charset="utf-8"
Content-Transfer-Encoding: base64
Return-Path: donotre...@jellybelly.com
Message-ID: 
X-OrganizationHeadersPreserved: FFExchange3.jellybelly.net
X-CrossPremisesHeadersFilteredByDsnGenerator: FFExchange3.jellybelly.net


[root@AZMTA1 custom]# cat add_original_rcpt.pcre
# I know, this only sets the original email address, but that will be important 
as well.
/^To:(\s)?(.*)$/ PREPEND X-Original-To: $2

[root@AZMTA1 custom]# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
bounce_queue_lifetime = 4d
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd 
$daemon_directory/$process_name $process_id & sleep 5
default_transport = smtp:[172.16.24.220]
header_checks = pcre:/etc/postfix/custom/add_original_rcpt.pcre
html_directory = no
inet_interfaces = all
inet_protocols = all
lmtp_pix_workarounds =
mail_owner = postfix

rsyslogd and postfix

2018-04-25 Thread @lbutlr 
This might be of use to others out there. I decided that monitoring mail.log 
was too much of a pain with all the postscreen and dnsblog 'noise' from 
obscuring the information that I wanted to see, so I split those log events 
into their own log file using rsyslogd with the following lines in 
rsyslogd.conf (before the lines that log mail.log)

if $syslogtag contains 'postscreen' then /var/log/postscreen.log
if $syslogtag contains 'postscreen' then ~
if $syslogtag contains 'dnsblog' then /var/log/postscreen.log
if $syslogtag contains 'dnsblog' then ~

This lets me keep mail.log for quite a while and rotate off postscreen.log very 
quickly since it is not something I need to check very often at all.

I've been doing this for a week or two now and found it useful enough I thought 
it worth passing along.

Re: user unknown in virtual mailbox table

2018-04-25 Thread Alfredo De Luca 
Hi guys. any clue on this issue?

/Alfredo

On Fri, 20 Apr 2018, 17:24 Alfredo De Luca, 
wrote:

> Hi all. I had a run with postmap and these are the founding
>
> so we have mydomain1.com which is the original domain.and
> mydomain2.com which is the actual domanin of our company.
> So when I do the following
>
> - postmap -q arel...@mydomain1.comregexp:./domain_rewriting ldap:./
> ldap-virtual-maps.cf
>areluca basically doesn't exist with my mydomain1.com so...I get a
> message back with *user unknown*
>
> - postmap -q arel...@mydomain2.comregexp:./domain_rewriting ldap:./
> ldap-virtual-maps.cf
> returns arel...@mydomain1.com..which DOESN\t exist. but cause it
> find a result anyway I dont get any mail back saying *user unknown*
>
> So it's something in the ldap that I need to add or trigger.
>
> Maybe mailacceptinggeneralid will do the job accordingly to 
> *http://www.postfix.org/LDAP_README.html#config?
> ??*
>
>
> Thanks
>
>
>
>
>
>
>
>
>
> On Fri, Apr 20, 2018 at 4:03 PM, Viktor Dukhovni <
> postfix-us...@dukhovni.org> wrote:
>
>>
>>
>> > On Apr 20, 2018, at 8:03 AM, @lbutlr  wrote:
>> >
>> > The biggest issue between regex (POSIX) and PCRE is that POSIX regex is
>> greedy. that is, it matches the longest possible left, while PCRE matches
>> the shortest possible left.
>>
>> That's false (example uses a Bash in-line file):
>>
>>$ postmap -q aaa pcre:<(printf '%s\n' '/(a*)(a)/ $1:$2')
>>aa:a
>>
>> however, PCRE does also provide non-greedy "*" and "+" variants:
>>
>>   $ postmap -q aaa pcre:<(printf '%s\n' '/(a+?)(a)/ $1:$2')
>>   a:a
>>
>>   $ postmap -q aaa pcre:<(printf '%s\n' '/(a*?)(a)/ $1:$2')
>>   :a
>>
>> --
>> Viktor.
>>
>>
>
>
> --
> *Alfredo*
>
>

Re: Postfix set up with postfixadmin, trying to create /dev/null account

2018-04-25 Thread wilfried.es...@essignetz.de 
Hi,


suggest you to tell your postfix to accept mail for bounce.localdomain
for local delivery (http://www.postfix.org/postconf.5.html#mydestination)


Willi

Am 25.04.2018 um 11:11 schrieb K F:
> Hi All
> As I wrote above, this mailserver is set up with postfixadmin and mysql.
> I'm trying to set up a /dev/null mail account.So I've created an 
> aliasdevnull: /dev/nullAnd I've created a virtual mailbox on one of the 
> domains
> If I look in the MySQL database I see:
> select * from alias where address='relayt...@my.ownserver.com';
> +---+-+-+-+-++
> | address   | goto    | domain  | 
> created | modified    | active |
> +---+-+-+-+-++
> | relayt...@my.ownserver.com | devnull | my.ownserver.com | 2018-04-25 
> 10:18:24 | 2018-04-25 10:18:24 |  1 |
> +---+-+-+-+-++
> But if I look in the maillog I see this:Apr 25 10:28:13 bounce 
> postfix/smtp[61347]: 6A23E40ED1F2: to=, 
> orig_to=, relay=none, delay=22, 
> delays=22/0.01/0.02/0, dsn=5.4.4, status=bounced (Host or domain name not 
> found. Name service error for name=bounce.localdomain type=A: Host not found)
> The servers hostname is bounce.
> So what should I do?I tried changing the goto to devnull@localhost and also 
> devnull@bounce.localdomain but I still get errors.
> I hope somebody can help me out?
> Best wishesKenneth
>

Postfix set up with postfixadmin, trying to create /dev/null account

2018-04-25 Thread K F 
Hi All
As I wrote above, this mailserver is set up with postfixadmin and mysql.
I'm trying to set up a /dev/null mail account.So I've created an aliasdevnull: 
/dev/nullAnd I've created a virtual mailbox on one of the domains
If I look in the MySQL database I see:
select * from alias where address='relayt...@my.ownserver.com';
+---+-+-+-+-++
| address   | goto    | domain  | 
created | modified    | active |
+---+-+-+-+-++
| relayt...@my.ownserver.com | devnull | my.ownserver.com | 2018-04-25 10:18:24 
| 2018-04-25 10:18:24 |  1 |
+---+-+-+-+-++
But if I look in the maillog I see this:Apr 25 10:28:13 bounce 
postfix/smtp[61347]: 6A23E40ED1F2: to=, 
orig_to=, relay=none, delay=22, 
delays=22/0.01/0.02/0, dsn=5.4.4, status=bounced (Host or domain name not 
found. Name service error for name=bounce.localdomain type=A: Host not found)
The servers hostname is bounce.
So what should I do?I tried changing the goto to devnull@localhost and also 
devnull@bounce.localdomain but I still get errors.
I hope somebody can help me out?
Best wishesKenneth