Local address rewrite problem with postfix configuration and sender dependent relayhosts - ISP

forTT Wed, 08 Sep 2021 06:33:43 -0700

Hello together,
I have "Ubuntu 20.04.3 LTS" on a raspberry pi 4, and I'm trying to config 
postfix to rewrite local-addresses and use then sender-dependent relayhosts.


Postfix is mail_version = 3.4.13 and i have a dynamic IP.


The setup looks /should be like this:

1) local user sends email to postfix (local emailserver)
2) postfix rewrites FROM Address
3) dependent on the rewriten FROM Address pick the right relayhost
4) submits the mail to the relayhost via port 587 with the credentials from 
pass_smarthost


For point 1) an 2) i have a file sender_canonical created:
-------------------------------------------------------------------------
Local_User_A@local.homenet us...@gmx.de
Local_User_B@local.homenet us...@gmail.com
-------------------------------------------------------------------------

For point 3) i have a file relaymap created:
-------------------------------------------------------------------------
@gmx.de mail.gmx.net:587
@gmail.com smtp.gmail.com:587
-------------------------------------------------------------------------

For point 4) i have a file pass_smarthost created:
-------------------------------------------------------------------------
us...@gmx.de us...@gmx.de:UserA-GMX-Password
us...@gmail.com us...@gmail.com:UserB-Gmail-Password
-------------------------------------------------------------------------

I tested it with this:
-------------------------------------------------------------------------
echo "test" | sendmail -f ttm  xxxx...@posteo.de
-------------------------------------------------------------------------

But currently i get:

tail -f /var/log/syslog | grep --line-buffered "postfix\|relay\|generic"
-------------------------------------------------------------------------
Sep  7 18:28:29 ubuntu-RPI4 postfix/pickup[24810]: 5CFF24028B: uid=0 from=<ttm>
Sep  7 18:28:29 ubuntu-RPI4 postfix/cleanup[24830]: 5CFF24028B: 
message-id=<20210907182829.5CFF24028B@ttmsacer.homenet>
Sep  7 18:28:29 ubuntu-RPI4 postfix/qmgr[24811]: 5CFF24028B: 
from=<ttm@ttmsacer.homenet>, size=256, nrcpt=1 (queue active)
Sep  7 18:28:29 ubuntu-RPI4 postfix/smtp[24833]: connect to 
mx04.posteo.de[185.67.36.64]:25: Connection refused
Sep  7 18:28:29 ubuntu-RPI4 postfix/smtp[24833]: connect to 
mx01.posteo.de[185.67.36.61]:25: Connection refused
Sep  7 18:28:29 ubuntu-RPI4 postfix/smtp[24833]: connect to 
mx01.posteo.de[185.67.36.62]:25: Connection refused
Sep  7 18:28:29 ubuntu-RPI4 postfix/smtp[24833]: connect to 
mx03.posteo.de[185.67.36.63]:25: Connection refused
Sep  7 18:28:29 ubuntu-RPI4 postfix/smtp[24833]: connect to 
mx03.posteo.de[185.67.36.70]:25: Connection refused
Sep  7 18:28:29 ubuntu-RPI4 postfix/smtp[24833]: 5CFF24028B: 
to=<xxxx...@posteo.de>, relay=none, delay=0.51, delays=0.07/0.08/0.36/0, 
dsn=4.4.1, status=deferred (connect to mx03.posteo.de[185.67.36.70]:25: 
Connection refused)
-------------------------------------------------------------------------

For me it looks like, that postfix tries to deliver the email directly
to the recipient server on port 25 - instead of using the relayhost
(here gmx.de).
And the rewrite didnt come to the correct address - maybe a circle?
After the rewrite the FROM Address should be the us...@gmx.de not 
ttm@ttmsacer.homenet.

I tried to add the "-v" option in the master.cf to see more details or get a 
hint whats going round.

But i didn't get the error. What am I missing? Any hint would be helpful.

Thank you in advance.



main.cf
-------------------------------------------------------------------------
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = no
compatibility_level = 2
inet_interfaces = 127.0.0.1, localhost, 192.168.178.20
inet_protocols = all
local_transport = virtual
mailbox_size_limit = 0
message_size_limit = 52768000
mydestination = localhost.homenet, localhost
mydomain = ttmsacer.homenet
myhostname = ubuntu-RPI4.homenet
mynetworks = 127.0.0.0/8, [::ffff:127.0.0.0]/104, [::1]/128, 192.168.178.0/24
myorigin = /etc/mailname
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps 
$virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains 
$relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps 
$recipient_canonical_maps $relocated_maps $transport_maps $mynetworks 
$smtpd_sender_login_maps
readme_directory = no
receive_override_options = no_address_mappings
recipient_delimiter = +
relayhost =
sender_canonical_classes = envelope_sender, header_sender
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sender_dependent_relayhost_maps = hash:/etc/postfix/relaymap
smtp_connection_cache_on_demand = no
smtp_generic_maps = hash:/etc/postfix/sender_canonical
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/pass_smarthost
smtp_sasl_security_options = noanonymous
smtp_sender_dependent_authentication = yes
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_end_of_data_restrictions = check_sender_access static:INFO
smtpd_recipient_restrictions = permit_sasl_authenticated permit_mynetworks 
reject_unauth_destination reject_unknown_reverse_client_hostname
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated 
defer_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql_sender_login_maps.cf
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/sslcert/mailserver20210902.crt
smtpd_tls_key_file = /etc/postfix/sslcert/mailserver20210902.key
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 0
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 104
virtual_transport = lmtps:inet:localhost:24
virtual_uid_maps = static:5000
-------------------------------------------------------------------------

master.cf
-------------------------------------------------------------------------
smtp       inet  n       -       y       -       -       smtpd
submission inet  n       -       n       -       -       smtpd
    -o syslog_name=postfix/submission
    -o smtpd_tls_security_level=encrypt
    -o smtpd_sasl_auth_enable=yes
    -o smtpd_tls_auth_only=yes
    -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
pickup     unix  n       -       y       60      1       pickup
cleanup    unix  n       -       y       -       0       cleanup -v
qmgr       unix  n       -       n       300     1       qmgr
tlsmgr     unix  -       -       y       1000?   1       tlsmgr
rewrite    unix  -       -       y       -       -       trivial-rewrite -v
bounce     unix  -       -       y       -       0       bounce
defer      unix  -       -       y       -       0       bounce
trace      unix  -       -       y       -       0       bounce
verify     unix  -       -       y       -       1       verify
flush      unix  n       -       y       1000?   0       flush
proxymap   unix  -       -       n       -       -       proxymap
proxywrite unix  -       -       n       -       1       proxymap
smtp       unix  -       -       y       -       -       smtp
relay      unix  -       -       y       -       -       smtp -v
    -o syslog_name=postfix/$service_name
showq      unix  n       -       y       -       -       showq
error      unix  -       -       y       -       -       error
retry      unix  -       -       y       -       -       error
discard    unix  -       -       y       -       -       discard
local      unix  -       n       n       -       -       local
virtual    unix  -       n       n       -       -       virtual
lmtp       unix  -       -       y       -       -       lmtp
anvil      unix  -       -       y       -       1       anvil
scache     unix  -       -       y       -       1       scache
postlog    unix-dgram n  -       n       -       1       postlogd
maildrop   unix  -       n       n       -       -       pipe flags=DRhu
    user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp       unix  -       n       n       -       -       pipe flags=Fqhu
    user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail     unix  -       n       n       -       -       pipe flags=F user=ftn
    argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp      unix  -       n       n       -       -       pipe flags=Fq.
    user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n       n       -       2       pipe flags=R
    user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop}
    ${user} ${extension}
mailman    unix  -       n       n       -       -       pipe flags=FR
    user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py ${nexthop}
    ${user}
lmtps      unix  -       -       -       -       -       lmtp
    -o lmtp_use_tls=yes
    -o lmtp_enforce_tls=yes
    -o lmtp_tls_mandatory_protocols=!SSLv2,!SSLv3
    -o lmtp_tls_protocols=!SSLv2,!SSLv3
    -o lmtp_tls_mandatory_ciphers=high
    -o lmtp_tls_ciphers=high
    -o lmtp_send_xforward_command=yes
    -o lmtp_tls_security_level=encrypt
    -o lmtp_tls_note_starttls_offer=yes
    -o lmtp_address_preference=ipv4
-------------------------------------------------------------------------



--
best regards,
Thomas

Local address rewrite problem with postfix configuration and sender dependent relayhosts - ISP

Reply via email to