Re: Limiting .forward file processing

2010-06-23 Thread Mariusz Kiełpiński 
Victor Duchovni wrote:

 You don't postmap regexp tables. More importantly you are aliasing this
 address local-part in all remote domains to be local. That's wrong.
 You must list the local domains one by one in the transport table

   u...@a.example.com  local_no_forward
   u...@b.example.com  local_no_forward
   u...@c.example.com  local_no_forward

 and use a non-regexp transport table.
 It seems that maps works because
 DF82C8B2E8: to=u...@xxx, relay=local_no_forward, delay=0.12,
 delays=0.06/0.01/0/0.05, dsn=2.0.0, status=sent (forwarded as
 EFDC48B2E6)

Ok. I can see your point.
It was the configuration to test the idea. As you can see the mail was
properly assigned to local_no_forward. You are right - in the final
configuration this transport map should be rewrited.

 However .forward file in home directory of user still works

 The mail did not get piped to a command, it got forwarded to an address
 listed in .forward, the allow_mail_to... disable command processing.

That the real problem. I that case what option can be used to stop looking
into these files.


Regards,
Mariusz Kielpinski

Re: Limiting .forward file processing

2010-06-22 Thread Mariusz Kiełpiński 
Victor Duchovni wrote:
 On Tue, Jun 22, 2010 at 11:53:37AM +0200, Mariusz Kie?pi?ski wrote:

 allow_mail_to_commands and allow_mail_to_files according to
 http://www.postfix.org/postconf.5.html are global for all users. I have a
 need do disallow processing of .forward for most user (default
behavior)
 however some of them should still have a possibility of usage .forward
file. In the other words is this possible to block processing .forward
file for some users ?

 Yes, by using multiple copies of the local transport in master.cf, and
using transport_maps to route mail for selected users to an alternate
local transport, (with -o foo=bar overrides in master.cf).

 local2unix  -   n   n   -   -   local
   -o ...

Ok. So I added in master.cf
local_no_forwardunix  -   n   n   -   -   local
-o allow_mail_to_commands=alias
-o allow_mail_to_files=alias

I also created
transport_maps
/u...@.*/ local_no_forward:

and postmap-ed it

To main.cf
I added
transport_maps = pcre:/etc/postfix/transport_maps

It seems that maps works because
DF82C8B2E8: to=u...@xxx, relay=local_no_forward, delay=0.12,
delays=0.06/0.01/0/0.05, dsn=2.0.0, status=sent (forwarded as EFDC48B2E6)

However .forward file in home directory of user still works
What is wrong ?