Re: canonicalised address gives: Recipient address rejected: User unknown in local recipient table

2016-03-02 Thread Tom Robinson 
On 03/03/16 08:58, wilfried.es...@essignetz.de wrote:
>> I was guessing that this would have to be aliased but didn't see it in the 
>> documentation for
>> canonical. Is it the correct way to set up full.name mapping to local users? 
>> Also I'm more used to
>> sendmail and qmail. This is my first time configuring postfix.
> 
> Correct is probably the wrong word.
> 
> If you need mailadresses, that aren't the same as loginnames or
> mailboxnames, you have to define aliases. For me, using aliases, instead
> of internal usernames, is the usual way. But, usually, i don't use
> canonical for that. Maybe it makes sense, when changing from mailaddress
> scheme "firstname" to, e.g.,  "first.lastname".
> 
> You can define aliases also in virtual table.
> 

Still wading through the doco. From what I can determine /etc/postfix/canonical 
is used to rewrite
the envelope and headers. From the doco 
http://www.postfix.org/ADDRESS_REWRITING_README.html:

---8<---
Canonical address mapping

The cleanup(8) daemon uses the canonical(5) tables to rewrite addresses in 
message envelopes and in
message headers. By default all header and envelope addresses are rewritten; 
this is controlled with
the canonical_classes configuration parameter.

---8<---
Local alias database

When mail is to be delivered locally, the local(8) delivery agent runs each 
local recipient name
through the aliases(5) database. The mapping does not affect addresses in 
message headers. Local
aliases are typically used to implement distribution lists, or to direct mail 
for standard aliases
such as postmaster to real people. The table can also be used to map 
"Firstname.Lastname" addresses
to login names.
---8<---

My apologies that I didn't read _all_ the doco before attempting the mapping. 
So my understanding is
now that the /etc/postfix/canonical file allows envelope and header rewrites to 
the final delivered
email but /etc/aliases is used to create the actual mapping for 
firsname.lastname to a local user
and that is necessary for successful delivery of email.

So, if out of two users, shaun and tom and I have only canonicalised tom as 
follows:
/etc/aliases:
shaun.fielder: shaun
tom.robinson: tom

/etc/postfix/canonical:
tom tom.robinson

Using sendmail to generate a report helps explain what happens:

/usr/sbin/sendmail -bv tom

in the report I can see the mail is deliverable to the local user 
(t...@motec.com.au) but the To: is
rewritten to tom.robin...@motec.com.au:

---8<---
   The mail system

 (expanded from ): delivery via local: delivers to
maildir

---8<---

Final-Recipient: rfc822; t...@motec.com.au
Original-Recipient: rfc822; tom
Action: deliverable
Status: 2.0.0
Diagnostic-Code: X-Postfix; delivery via local: delivers to maildir

--66BDF295D.1456957031/camber.motec.com.au
Content-Description: Message Headers
Content-Type: text/rfc822-headers

Return-Path: 
Received: by camber.motec.com.au (Postfix, from userid 0)
id 66BDF295D; Thu,  3 Mar 2016 09:17:11 +1100 (AEDT)
DKIM-Filter: OpenDKIM Filter v2.10.3 camber.motec.com.au 66BDF295D
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=motec.com.au;
s=mail.motec.com.au; t=1456957031;
bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=;
h=From:Subject:To:Date:From;
b=dWhEOD1NdRiFqTz/bHCytLEWfZiuQiqi1nSY058RhH3oZsZ44SWvPe3ihAUfHlOA3
 fNK39lnH5+dejADrx++k03VXgyjfNLL54+lyiQuCU2OnJrRQoJP8ll1KShgm7AvPlv
 +cMeDrR1mXrzHC8nEDsQch3cjzD9+STDmph6Ko+E=
From: r...@motec.com.au
Subject: probe
To: tom.robin...@motec.com.au
Message-Id: <20160302221711.66bdf2...@camber.motec.com.au>
Date: Thu,  3 Mar 2016 09:17:11 +1100 (AEDT)

--66BDF295D.1456957031/camber.motec.com.au--
---8<---

Using sendmail again for user shaun (who has _no_ canonicalisation to 
firstname.lastname):

/usr/sbin/sendmail -bv shaun

in the report I can see the mail is deliverable to the local user 
(sh...@motec.com.au) but the To:
is unchanged:

---8<---
   The mail system

 (expanded from ): delivery via local: delivers to
maildir

---8<---

Final-Recipient: rfc822; sh...@motec.com.au
Original-Recipient: rfc822; shaun
Action: deliverable
Status: 2.0.0
Diagnostic-Code: X-Postfix; delivery via local: delivers to maildir

--D8F30295D.1456957257/camber.motec.com.au
Content-Description: Message Headers
Content-Type: text/rfc822-headers

Return-Path: 
Received: by camber.motec.com.au (Postfix, from userid 0)
id D8F30295D; Thu,  3 Mar 2016 09:20:56 +1100 (AEDT)
DKIM-Filter: OpenDKIM Filter v2.10.3 camber.motec.com.au D8F30295D
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=motec.com.au;
s=mail.motec.com.au; t=1456957256;
bh=47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=;
h=From:Subject:To:Date:From;
b=VZaX2Z1dmJy+X6qXe28KFco8blbjQ6kNJM5XyQR+Y1Q7mHlTqvbrHAfEETF6rHp+A

Re: canonicalised address gives: Recipient address rejected: User unknown in local recipient table

2016-03-02 Thread wilfried.es...@essignetz.de 
> I was guessing that this would have to be aliased but didn't see it in the 
> documentation for
> canonical. Is it the correct way to set up full.name mapping to local users? 
> Also I'm more used to
> sendmail and qmail. This is my first time configuring postfix.

Correct is probably the wrong word.

If you need mailadresses, that aren't the same as loginnames or
mailboxnames, you have to define aliases. For me, using aliases, instead
of internal usernames, is the usual way. But, usually, i don't use
canonical for that. Maybe it makes sense, when changing from mailaddress
scheme "firstname" to, e.g.,  "first.lastname".

You can define aliases also in virtual table.


Willi

Re: canonicalised address gives: Recipient address rejected: User unknown in local recipient table

2016-03-02 Thread Tom Robinson 
On 03/03/16 08:02, wilfried.es...@essignetz.de wrote:
> 
> Am 02.03.2016 um 21:52 schrieb Tom Robinson:
>> On 03/03/16 06:33, wilfried.es...@essignetz.de wrote:
>>> Am 02.03.2016 um 06:32 schrieb Tom Robinson:
 Hi,

 I'm trying to map users to first.last in canonical but I get
 an error when sending email to the canonicalized address 
 first.last@domain:
>>> ...
 My Error: Mar  2 15:47:36 camber policyd-spf[17984]: None; 
 identity=helo; client-ip=10.0.6.3; helo=motec.com.au; 
 envelope-from=r...@motec.com.au; 
 receiver=tom.robin...@motec.com.au Mar  2 15:47:36 camber 
 policyd-spf[17984]: None; identity=mailfrom;
 client-ip=10.0.6.3; helo=motec.com.au;
 envelope-from=r...@motec.com.au; 
 receiver=tom.robin...@motec.com.au Mar  2 15:47:36 camber 
 postfix/smtpd[17974]: NOQUEUE: reject: RCPT from 
 caster.motec.com.au[10.0.6.3]: 550 5.1.1 
 : Recipient address rejected: User 
 unknown in local recipient table; from= 
 to= proto=SMTP helo= 
>>>
>>> Hi,
>>>
>>> can you show the according entries from /etc/aliases and 
>>> /etc/postfix/canonical?
>>>
>>> What name has the target mailbox for tom.robin...@motec.com.au?
>>
>> Hi Willi,
>>
>> Thanks for taking a look.
>>
>> I don't have an entry in aliases and maybe that's the problem. From
>> /etc/postfix/canonical:
>>
>> tom tom.robinson
>>
>> The real user is tom.
> 
> 
> OK. I think you'll need entries like
> 
> tom.robinson: tom
> 
> in your /etc/aliases. (Don't forget newaliases)
> 

I replied as you wrote this. I made that change which seems to have worked. My 
other post has more
details and a question.

Thanks,
Tom




signature.asc
Description: OpenPGP digital signature

Re: canonicalised address gives: Recipient address rejected: User unknown in local recipient table

2016-03-02 Thread Tom Robinson 
On 03/03/16 07:52, Tom Robinson wrote:
> On 03/03/16 06:33, wilfried.es...@essignetz.de wrote:
>> Am 02.03.2016 um 06:32 schrieb Tom Robinson:
>>> Hi,
>>>
>>> I'm trying to map users to first.last in canonical but I get an
>>> error when sending email to the canonicalized address
>>> first.last@domain:
>> ...
>>> My Error: Mar  2 15:47:36 camber policyd-spf[17984]: None;
>>> identity=helo; client-ip=10.0.6.3; helo=motec.com.au;
>>> envelope-from=r...@motec.com.au;
>>> receiver=tom.robin...@motec.com.au Mar  2 15:47:36 camber
>>> policyd-spf[17984]: None; identity=mailfrom; client-ip=10.0.6.3; 
>>> helo=motec.com.au; envelope-from=r...@motec.com.au;
>>> receiver=tom.robin...@motec.com.au Mar  2 15:47:36 camber
>>> postfix/smtpd[17974]: NOQUEUE: reject: RCPT from 
>>> caster.motec.com.au[10.0.6.3]: 550 5.1.1
>>> : Recipient address rejected: User
>>> unknown in local recipient table; from=
>>> to= proto=SMTP helo= 
>>
>> Hi,
>>
>> can you show the according entries from /etc/aliases and
>> /etc/postfix/canonical?
>>
>> What name has the target mailbox for tom.robin...@motec.com.au?
> 
> Hi Willi,
> 
> Thanks for taking a look.
> 
> I don't have an entry in aliases and maybe that's the problem. From 
> /etc/postfix/canonical:
> 
> tom tom.robinson
> 
> The real user is tom.
> 

I have since made this entry in /etc/aliases:

tom.robinson:   tom

and rebuilt with postalias.

If that's the only change and the correct way to set this up, I think it's 
fixed. Is that the
correct way to set it up?

When I send a test email:

# telnet 10.0.6.5 25
Trying 10.0.6.5...
Connected to 10.0.6.5.
Escape character is '^]'.
220 camber.motec.com.au ESMTP Postfix
mail from: r...@motec.com.au
250 2.1.0 Ok
rcpt to: tom.robin...@motec.com.au
250 2.1.5 Ok
data
354 End data with .
Subject: test full.name
email to full.name
.
250 2.0.0 Ok: queued as 2BE6A295D
quit
221 2.0.0 Bye
Connection closed by foreign host.

The log shows this:
Mar  3 07:54:37 camber policyd-spf[27063]: None; identity=mailfrom; 
client-ip=10.0.6.3;
helo=motec.com.au; envelope-from=r...@motec.com.au; 
receiver=tom.robin...@motec.com.au
Mar  3 07:54:37 camber postfix/smtpd[27055]: 2BE6A295D: 
client=caster.motec.com.au[10.0.6.3]
Mar  3 07:54:54 camber postfix/cleanup[27064]: 2BE6A295D: message-id=<>
Mar  3 07:54:54 camber opendkim[9340]: 2BE6A295D: can't determine message 
sender; accepting
Mar  3 07:54:54 camber postfix/qmgr[17616]: 2BE6A295D: 
from=, size=446, nrcpt=1
(queue active)
Mar  3 07:54:55 camber postfix/local[27074]: 2BE6A295D: to=,
orig_to=, relay=local, delay=23, 
delays=22/0.03/0/0.06, dsn=2.0.0,
status=sent (delivered to maildir)
Mar  3 07:54:55 camber postfix/qmgr[17616]: 2BE6A295D: removed

And in the Maildir/cur of user tom I see:

$ cat 1456952094.Vfd11I55455b9M998906.camber.motec.com.au:2,a
Return-Path: 
X-Original-To: tom.robin...@motec.com.au
Delivered-To: tom.robin...@motec.com.au
Received-SPF: None (no SPF record) identity=mailfrom; client-ip=10.0.6.3; 
helo=motec.com.au;
envelope-from=r...@motec.com.au; receiver=tom.robin...@motec.com.au
Authentication-Results: camber.motec.com.au; dkim=permerror (bad 
message/signature format)
Received: from caster.motec.com.au (caster.motec.com.au [10.0.6.3])
by camber.motec.com.au (Postfix) with SMTP id 2BE6A295D
for ; Thu,  3 Mar 2016 07:54:32 +1100 (AEDT)
Subject: test full.name

email to full.name

I was guessing that this would have to be aliased but didn't see it in the 
documentation for
canonical. Is it the correct way to set up full.name mapping to local users? 
Also I'm more used to
sendmail and qmail. This is my first time configuring postfix.

Kind regards,
Tom

-- 

Tom Robinson
IT Manager/System Administrator

MoTeC Pty Ltd

121 Merrindale Drive
Croydon South
3136 Victoria
Australia

T: +61 3 9761 5050
F: +61 3 9761 5051
E: tom.robin...@motec.com.au





signature.asc
Description: OpenPGP digital signature

Re: canonicalised address gives: Recipient address rejected: User unknown in local recipient table

2016-03-02 Thread wilfried.es...@essignetz.de 

Am 02.03.2016 um 21:52 schrieb Tom Robinson:
> On 03/03/16 06:33, wilfried.es...@essignetz.de wrote:
>> Am 02.03.2016 um 06:32 schrieb Tom Robinson:
>>> Hi,
>>> 
>>> I'm trying to map users to first.last in canonical but I get
>>> an error when sending email to the canonicalized address 
>>> first.last@domain:
>> ...
>>> My Error: Mar  2 15:47:36 camber policyd-spf[17984]: None; 
>>> identity=helo; client-ip=10.0.6.3; helo=motec.com.au; 
>>> envelope-from=r...@motec.com.au; 
>>> receiver=tom.robin...@motec.com.au Mar  2 15:47:36 camber 
>>> policyd-spf[17984]: None; identity=mailfrom;
>>> client-ip=10.0.6.3; helo=motec.com.au;
>>> envelope-from=r...@motec.com.au; 
>>> receiver=tom.robin...@motec.com.au Mar  2 15:47:36 camber 
>>> postfix/smtpd[17974]: NOQUEUE: reject: RCPT from 
>>> caster.motec.com.au[10.0.6.3]: 550 5.1.1 
>>> : Recipient address rejected: User 
>>> unknown in local recipient table; from= 
>>> to= proto=SMTP helo= 
>> 
>> Hi,
>> 
>> can you show the according entries from /etc/aliases and 
>> /etc/postfix/canonical?
>> 
>> What name has the target mailbox for tom.robin...@motec.com.au?
> 
> Hi Willi,
> 
> Thanks for taking a look.
> 
> I don't have an entry in aliases and maybe that's the problem. From
> /etc/postfix/canonical:
> 
> tom tom.robinson
> 
> The real user is tom.


OK. I think you'll need entries like

tom.robinson:   tom

in your /etc/aliases. (Don't forget newaliases)


Willi




> 
> Kind regards, Tom
>

Re: canonicalised address gives: Recipient address rejected: User unknown in local recipient table

2016-03-02 Thread wilfried.es...@essignetz.de 
Am 02.03.2016 um 06:32 schrieb Tom Robinson:
> Hi,
> 
> I'm trying to map users to first.last in canonical but I get an
> error when sending email to the canonicalized address
> first.last@domain:
...
> My Error: Mar  2 15:47:36 camber policyd-spf[17984]: None;
> identity=helo; client-ip=10.0.6.3; helo=motec.com.au;
> envelope-from=r...@motec.com.au;
> receiver=tom.robin...@motec.com.au Mar  2 15:47:36 camber
> policyd-spf[17984]: None; identity=mailfrom; client-ip=10.0.6.3; 
> helo=motec.com.au; envelope-from=r...@motec.com.au;
> receiver=tom.robin...@motec.com.au Mar  2 15:47:36 camber
> postfix/smtpd[17974]: NOQUEUE: reject: RCPT from 
> caster.motec.com.au[10.0.6.3]: 550 5.1.1
> : Recipient address rejected: User
> unknown in local recipient table; from=
> to= proto=SMTP helo= 

Hi,

can you show the according entries from /etc/aliases and
/etc/postfix/canonical?

What name has the target mailbox for tom.robin...@motec.com.au?


Willi

canonicalised address gives: Recipient address rejected: User unknown in local recipient table

2016-03-01 Thread Tom Robinson 
Hi,

I'm trying to map users to first.last in canonical but I get an error when 
sending email to the
canonicalized address first.last@domain:

Recipient address rejected: User unknown in local recipient table

What am I not understanding? Any help is appreciated.

Here are my configs and the error from the logs:

# postconf -nf
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases, hash:/etc/mailman/aliases
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd
$daemon_directory/$process_name $process_id & sleep 5
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
milter_default_action = accept
milter_protocol = 2
mydestination = localhost.$mydomain, localhost, mail.$mydomain, $mydomain
mydomain = motec.com.au
myhostname = camber.motec.com.au
mynetworks = cidr:/etc/postfix/network_table
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = inet:localhost:8891
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
sample_directory = /usr/share/doc/postfix-2.10.1/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_milters = inet:localhost:8891
smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks
reject_unauth_destination check_policy_service unix:private/policy-spf
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous, noplaintext
smtpd_sasl_tls_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/pki/tls/certs/crt
smtpd_tls_exclude_ciphers = EXPORT
smtpd_tls_key_file = /etc/pki/tls/private/key
smtpd_tls_loglevel = 2
smtpd_tls_security_level = may
unknown_local_recipient_reject_code = 550

# postconf -Mf
smtp   inet  n   -   n   -   -   smtpd
smtps  inet  n   -   n   -   -   smtpd
-o syslog_name=postfix/smtps -o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
pickup unix  n   -   n   60  1   pickup
cleanupunix  n   -   n   -   0   cleanup
qmgr   unix  n   -   n   300 1   qmgr
tlsmgr unix  -   -   n   1000?   1   tlsmgr
rewriteunix  -   -   n   -   -   trivial-rewrite
bounce unix  -   -   n   -   0   bounce
defer  unix  -   -   n   -   0   bounce
trace  unix  -   -   n   -   0   bounce
verify unix  -   -   n   -   1   verify
flush  unix  n   -   n   1000?   0   flush
proxymap   unix  -   -   n   -   -   proxymap
proxywrite unix  -   -   n   -   1   proxymap
smtp   unix  -   -   n   -   -   smtp
relay  unix  -   -   n   -   -   smtp
showq  unix  n   -   n   -   -   showq
error  unix  -   -   n   -   -   error
retry  unix  -   -   n   -   -   error
discardunix  -   -   n   -   -   discard
local  unix  -   n   n   -   -   local
virtualunix  -   n   n   -   -   virtual
lmtp   unix  -   -   n   -   -   lmtp
anvil  unix  -   -   n   -   1   anvil
scache unix  -   -   n   -   1   scache
policy-spf unix  -   n   n   -   -   spawn
user=nobody argv=/usr/libexec/postfix/policyd-spf

My Error:
Mar  2 15:47:36 camber policyd-spf[17984]: None; identity=helo; 
client-ip=10.0.6.3;
helo=motec.com.au; envelope-from=r...@motec.com.au; 
receiver=tom.robin...@motec.com.au
Mar  2 15:47:36 camber policyd-spf[17984]: None; identity=mailfrom; 
client-ip=10.0.6.3;
helo=motec.com.au; envelope-from=r...@motec.com.au; 
receiver=tom.robin...@motec.com.au
Mar  2 15:47:36 camber postfix/smtpd[17974]: NOQUEUE: reject: RCPT from
caster.motec.com.au[10.0.6.3]: 550 5.1.1 : Recipient 
address rejected:
User unknown in local recipient table; from= 
to=
proto=SMTP helo=



Kind regards,
Tom

-- 

Tom Robinson
IT Manager/System Administrator

MoTeC Pty Ltd

121 Merrindale Drive
Croydon South
3136 Victoria
Australia

T: +61 3 9761 5050
F: +61 3 9761 5051
E: tom.robin...@motec.com.au




signature.asc
Description: OpenPGP digital signature