Solved

Redirect / forward mail  to another user for mail from speicfic address

Posted on 2009-05-18
19
679 Views
Last Modified: 2013-12-16
Hello, i wish to intercept / forward email that is sent to one user on  multi user mail server, i only want  email from one specific address to be redirected and it will be redirected to another user on same server.

The email should not arrive in original users inbox.

I have tried using this recipe below but the mail never arrives anywhere, have even tried with forward address not being on server?

Server runs postfix and procmail
:0 * ^(From|Cc|To).*redirect@domain.com {

   :0

   ! receive@domain.com

   }

Open in new window

0
Comment
Question by:carperman
  • 10
  • 5
  • 4
19 Comments
 
LVL 16

Accepted Solution

by:
ai_ja_nai earned 250 total points
Comment Utility
In postfix if you edit /etc/postfix/aliases you can define an alias for a certain address. An email sent to an 'alias' box will be redirected to the configured address. The syntax is

user1@mail.com: user2@mail.com

All user1's mail will be redirected to user2. After adding the lines save and close and type newaliases to rebuild the db of aliases
0
 

Author Comment

by:carperman
Comment Utility
Hello, yes i aware of that but i don't all email to a user to be redirected only email FROM a specific address to that user.

ie

email from

user1@domain-1.com

sent to

user1@ourdomain.com

to be redirected to

user2@ourdomain.com



 user1@ourdomain.com should still get all other email including email from domain *@domain-1.com but NOTt email from user1@domain-1.com

hope this is clearer.

cheers
0
 
LVL 16

Expert Comment

by:ai_ja_nai
Comment Utility
So, like an antispam filter, but with the spam redirected to a special folder?
0
 

Author Comment

by:carperman
Comment Utility
"So, like an antispam filter, but with the spam redirected to a special folder?2


yes and no!

Yes it needs to be redirected but unlike spam the mail is ONLY from one specific email address and must go to folder that is NOT in the original recipients mailfolder!

0
 
LVL 16

Expert Comment

by:ai_ja_nai
Comment Utility
try this
:0 

* ^From: .*user1@domain-1.com 

! user1@ourdomain.com | $SENDMAIL user2@ourdomain.com

Open in new window

0
 

Author Comment

by:carperman
Comment Utility
Ok tried that and no go but may be on right track if can sort out from logs what has gone amiss.


The way the server works is it pulls in email from main dedicated server by fetchmail and this process by postfix and then check for spam and virus with procmail.

the localmail server is known as ourmail.ourdomain.com

I can see 2 possible issues:


 warning: the Postfix sendmail command has set-uid root file permissions
 warning: or the command is run from a set-uid root process
 warning: the Postfix sendmail command must be installed without set-uid root file permissions


and

mailserv postfix/local[29564]: 119A72BC46: to=</usr/sbin/sendmail@ourdomain.com>, relay=local, delay=0.04, delays=0.02/0/0/0.02, dsn=5.1.1, status=bounced (unknown user: "/usr/sbin/sendmail")
mailserv postfix/local[29609]: 119A72BC46: to=<|@ourdomain.com>, relay=local, delay=0.04, delays=0.02/0.01/0/0.01, dsn=5.1.1, status=bounced (unknown user: "|")



logs

May 18 17:57:33 mailserv postfix/local[29564]: 3CF102BC63: to=<user1@localhost.ourdomain.com>, relay=local, delay=2.7, delays=0.01/0/0/2.7, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail)
May 18 17:57:33 mailserv postfix/qmgr[5166]: 3CF102BC63: removed
May 18 16:57:33 mailserv postfix/sendmail[29605]: warning: the Postfix sendmail command has set-uid root file permissions
May 18 16:57:33 mailserv postfix/sendmail[29605]: warning: or the command is run from a set-uid root process
May 18 16:57:33 mailserv postfix/sendmail[29605]: warning: the Postfix sendmail command must be installed without set-uid root file permissions
May 18 17:57:33 mailserv postfix/pickup[28675]: EB60D2BC63: uid=529 from=<user1>
May 18 17:57:33 mailserv postfix/cleanup[29558]: EB60D2BC63: message-id=<200905181759.29670.user1@domain-1.com>
May 18 17:57:33 mailserv postfix/qmgr[5166]: EB60D2BC63: from=<user1@ourdomain.com>, size=2531, nrcpt=4 (queue active)
May 18 17:57:33 mailserv amavis[25101]: (25101-29) LMTP::10024 /var/amavis/tmp/amavis-20090518T144635-25101: <user1@ourdomain.com> -> </usr/sbin/sendmail@ourdomain.com>,<|@ourdomain.com>,<user1@ourdomain.com>,<user2@ourdomain.com> SIZE=2531 Received: from ourmail.ourdomain.com ([127.0.0.1]) by localhost (ourmail.ourdomain.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP; Mon, 18 May 2009 17:57:33 +0100 (BST)
May 18 17:57:34 mailserv amavis[25101]: (25101-29) smtp connection cache, dt: 1041.3, state: 0
May 18 17:57:34 mailserv amavis[25101]: (25101-29) Checking: JxRuShoLlKrR [127.0.0.1] <user1@ourdomain.com> -> </usr/sbin/sendmail@ourdomain.com>,<|@ourdomain.com>,<user1@ourdomain.com>,<user2@ourdomain.com>
May 18 17:57:34 mailserv amavis[25101]: (25101-29) cached e1c06d85ae7b8b032bef47e42e4c08f9 from <user1@ourdomain.com> (1,0)
May 18 17:57:34 mailserv amavis[25101]: (25101-29) p001 1 Content-Type: text/plain, size: 2 B, name:
May 18 17:57:34 mailserv amavis[25101]: (25101-29) local delivery: <> -> <clean-quarantine>, mbx=/var/amavis/quarantine/clean/JxRuShoLlKrR
May 18 17:57:34 mailserv postfix/smtpd[29562]: connect from mailserv.ourmail.ourdomain.com[127.0.0.1]
May 18 17:57:34 mailserv postfix/smtpd[29562]: 119A72BC46: client=mailserv.ourmail.ourdomain.com[127.0.0.1]
May 18 17:57:34 mailserv postfix/cleanup[29563]: 119A72BC46: message-id=<200905181759.29670.user1@domain-1.com>
May 18 17:57:34 mailserv postfix/qmgr[5166]: 119A72BC46: from=<user1@ourdomain.com>, size=3016, nrcpt=4 (queue active)
May 18 17:57:34 mailserv postfix/smtpd[29562]: disconnect from mailserv.ourmail.ourdomain.com[127.0.0.1]
May 18 17:57:34 mailserv amavis[25101]: (25101-29) FWD via SMTP: <user1@ourdomain.com> -> </usr/sbin/sendmail@ourdomain.com>,<|@ourdomain.com>,<user1@ourdomain.com>,<user2@ourdomain.com>,BODY=7BIT 250 2.0.0 Ok, id=25101-29, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 119A72BC46
May 18 17:57:34 mailserv amavis[25101]: (25101-29) Passed CLEAN, [127.0.0.1] [77.101.149.193] <user1@ourdomain.com> -> </usr/sbin/sendmail@ourdomain.com>,<|@ourdomain.com>,<user1@ourdomain.com>,<user2@ourdomain.com>, quarantine: clean/JxRuShoLlKrR, Message-ID: <200905181759.29670.user1@domain-1.com>, mail_id: JxRuShoLlKrR, Hits: -, size: 2531, queued_as: 119A72BC46, 128 ms
May 18 17:57:34 mailserv postfix/local[29564]: 119A72BC46: to=</usr/sbin/sendmail@ourdomain.com>, relay=local, delay=0.04, delays=0.02/0/0/0.02, dsn=5.1.1, status=bounced (unknown user: "/usr/sbin/sendmail")
May 18 17:57:34 mailserv postfix/local[29609]: 119A72BC46: to=<|@ourdomain.com>, relay=local, delay=0.04, delays=0.02/0.01/0/0.01, dsn=5.1.1, status=bounced (unknown user: "|")
May 18 17:57:34 mailserv postfix/lmtp[29559]: EB60D2BC63: to=</usr/sbin/sendmail@ourdomain.com>, orig_to=</usr/sbin/sendmail>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.15, delays=0.02/0/0/0.13, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=25101-29, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 119A72BC46)
May 18 17:57:34 mailserv postfix/lmtp[29559]: EB60D2BC63: to=<|@ourdomain.com>, orig_to=<|>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.16, delays=0.02/0/0/0.13, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=25101-29, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 119A72BC46)
May 18 17:57:34 mailserv postfix/lmtp[29559]: EB60D2BC63: to=<user1@ourdomain.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.16, delays=0.02/0/0/0.13, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=25101-29, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 119A72BC46)
May 18 17:57:34 mailserv postfix/lmtp[29559]: EB60D2BC63: to=<user2@ourdomain.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.16, delays=0.02/0/0/0.13, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=25101-29, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 119A72BC46)
May 18 17:57:34 mailserv postfix/qmgr[5166]: EB60D2BC63: removed
May 18 17:57:34 mailserv amavis[25101]: (25101-29) TIMING [total 141 ms] - SMTP greeting: 3 (2%)2, SMTP LHLO: 1 (1%)3, SMTP pre-MAIL: 0 (0%)3, SMTP pre-DATA-flush: 4 (3%)6, SMTP DATA: 35 (25%)31, check_init: 1 (1%)32, digest_hdr: 1 (1%)32, digest_body: 0 (0%)33, gen_mail_id: 3 (2%)34, mime_decode: 13 (9%)44, get-file-type1: 12 (9%)53, decompose_part: 1 (1%)53, parts_decode: 0 (0%)53, check_header: 4 (3%)56, update_cache: 3 (2%)58, decide_mail_destiny: 1 (0%)58, open-mbx: 4 (3%)61, write-header: 1 (1%)62, save-to-local-mailbox: 0 (0%)62, fwd-connect: 6 (4%)67, fwd-mail-pip: 4 (3%)69, fwd-rcpt-pip: 1 (1%)70, fwd-data-chkpnt: 0 (0%)70, write-header: 2 (1%)71, fwd-data-contents: 0 (0%)71, fwd-end-chkpnt: 16 (12%)83, prepare-dsn: 2 (1%)84, main_log_entry: 12 (8%)92, update_snmp: 5 (4%)96, SMTP pre-response: 2 (1%)97, SMTP response: 2 (2%)99, unlink-1-files: 1 (0%)99, rundown: 2 (1%)100
May 18 17:57:34 mailserv postfix/smtp[29608]: 119A72BC46: to=<user1@ourdomain.com>, relay=mailhost.zen.co.uk[212.23.3.98]:25, delay=0.48, delays=0.02/0.02/0.21/0.23, dsn=2.0.0, status=sent (250 OK id=1M66HZ-0004On-TO)
May 18 17:57:34 mailserv postfix/smtp[29608]: 119A72BC46: to=<user2@ourdomain.com>, relay=mailhost.zen.co.uk[212.23.3.98]:25, delay=0.48, delays=0.02/0.02/0.21/0.23, dsn=2.0.0, status=sent (250 OK id=1M66HZ-0004On-TO)
May 18 17:57:34 mailserv postfix/cleanup[29563]: 85B7F2BC63: message-id=<20090518165734.85B7F2BC63@ourmail.ourdomain.com>
May 18 17:57:34 mailserv postfix/bounce[29610]: 119A72BC46: sender non-delivery notification: 85B7F2BC63
May 18 17:57:34 mailserv postfix/qmgr[5166]: 85B7F2BC63: from=<>, size=5282, nrcpt=1 (queue active)
May 18 17:57:34 mailserv postfix/qmgr[5166]: 119A72BC46: removed
May 18 17:57:37 mailserv postfix/local[29564]: 85B7F2BC63: to=<user1@ourdomain.com>, relay=local, delay=3, delays=0.01/0/0/3, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail)
May 18 17:57:37 mailserv postfix/qmgr[5166]: 85B7F2BC63: removed
0
 
LVL 16

Expert Comment

by:ai_ja_nai
Comment Utility
Uhm, check you syntax on your config, you are sending an email to those users
unknown user: "/usr/sbin/sendmail"

unknown user: "|"

Open in new window

0
 
LVL 4

Assisted Solution

by:ewest02
ewest02 earned 250 total points
Comment Utility
:0 c
* ^From: .*user1@domain-1.com
! user2@ourdomain.com


Note the "c" directive
0
 

Author Comment

by:carperman
Comment Utility
ai_ja_nai:

the syntax was exactly as you gave with only email addresses changed.
0
Find Ransomware Secrets With All-Source Analysis

Ransomware has become a major concern for organizations; its prevalence has grown due to past successes achieved by threat actors. While each ransomware variant is different, we’ve seen some common tactics and trends used among the authors of the malware.

 

Author Comment

by:carperman
Comment Utility
ewest02: are you giving a different solution then ai_ja_nai:?

cheers
0
 
LVL 4

Expert Comment

by:ewest02
Comment Utility
carperman...

I was suggesting a variation on a theme. :-)

"c" is a directive to create a carbon copy
the leading "!" in a recipe line tells procmail to forward the copy to the named address

I believe that the problem encountered with ai_ja_nai's suggested recipe line is that procmail is treating everything that follows the "!" forward directive as an email address. Hence the pipe and sendmail command were not recognized as part of a command line.

  --Eric
0
 

Author Comment

by:carperman
Comment Utility
ewest02: thanks for clarification, with carbon will the email go to the original recipient?

I want it so it does not?
0
 

Author Comment

by:carperman
Comment Utility
Hello, ok tried adding the c to filter and logs report no error and email appears to have be forwarded but it never arrives at either address?


:0 c
* ^From: .*user1@domain-1.com
! user1@ourdomain.com | $SENDMAIL user2@ourdomain.com



May 19 12:30:06 mailserv amavis[1473]: (01473-11) LMTP::10024 /var/amavis/tmp/amavis-20090519T115515-01473: <user1@ourdomain.com> -> </usr/sbin/sendmail@ourdomain.com>,<|@ourdomain.com>,<user1@ourdomain.com>,<user2@ourdomain.com> SIZE=2531 Received: from ourmail.ourdomain.com ([127.0.0.1]) by localhost (ourmail.ourdomain.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP; Tue, 19 May 2009 12:30:06 +0100 (BST)
May 19 12:30:06 mailserv amavis[1473]: (01473-11) Checking: 0Rx8bedx-wDV [127.0.0.1] <user1@ourdomain.com> -> </usr/sbin/sendmail@ourdomain.com>,<|@ourdomain.com>,<user1@ourdomain.com>,<user2@ourdomain.com>
May 19 12:30:08 mailserv amavis[1473]: (01473-11) FWD via SMTP: <user1@ourdomain.com> -> </usr/sbin/sendmail@ourdomain.com>,<|@ourdomain.com>,<user1@ourdomain.com>,<user2@ourdomain.com>,BODY=7BIT 250 2.0.0 Ok, id=01473-11, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 9C3B42BC46
May 19 12:30:08 mailserv amavis[1473]: (01473-11) Passed CLEAN, [127.0.0.1] [77.101.149.193] <user1@ourdomain.com> -> </usr/sbin/sendmail@ourdomain.com>,<|@ourdomain.com>,<user1@ourdomain.com>,<user2@ourdomain.com>, quarantine: clean/0Rx8bedx-wDV, Message-ID: <200905191232.12346.user1@domain-1.com>, mail_id: 0Rx8bedx-wDV, Hits: -, size: 2531, queued_as: 9C3B42BC46, 1577 ms
May 19 12:30:08 mailserv postfix/lmtp[2103]: 7F39C2BC64: to=<user2@ourdomain.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.6, delays=0.02/0/0.01/1.6, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=01473-11, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 9C3B42BC46)
May 19 12:30:08 mailserv postfix/smtp[2553]: 9C3B42BC46: to=<user2@ourdomain.com>, relay=mailhost.zen.co.uk[567.34.3.98]:25, delay=2, delays=1.5/0.01/0.26/0.28, dsn=2.0.0, status=sent (250 OK id=1M6NeM-0007PN-Hq)
0
 
LVL 4

Expert Comment

by:ewest02
Comment Utility
change
    ! user1@ourdomain.com | $SENDMAIL user2@ourdomain.com
to
   ! user2@ourdomain.com


Note from the log above;  /usr/sbin/sendmail@ourdomain.com>,

This occurs because the procmail recipe is treating all of your recipe as a set of forwarding addresses. See my earlier response.

  --Eric
0
 

Author Comment

by:carperman
Comment Utility
ewest02, sorry no joy :(

It looks like it did do it but the email was not redirected and only went to original recipient and not to redirected to user?

May 20 12:43:35 mailserv amavis[11387]: (11387-22) Passed CLEAN, [127.0.0.1] [77.101.149.193] <user1@ourdomain.comk> -> <user2@ourdomain.com>, quarantine: clean/i+8pZJQ38lNV, Message-ID: <200905201245.07149.user@domain-1.com>, mail_id: i+8pZJQ38lNV, Hits: -, size: 2529, queued_as: C35DC2BC46, 140 ms

The email has to be redirected to user2 and noting goes to user1.

:0 c
* ^From: .*user@domain-1.com
! user2@ourdomain.com



many thanks
0
 

Author Comment

by:carperman
Comment Utility
Yep this is a tough one so have up the points.
0
 
LVL 4

Expert Comment

by:ewest02
Comment Utility
You can get more information on what procmail is doing by enabling logging. Add the following to the top of your .procmailrc

VERBOSE=on
LOGFILE=${MAILDIR}/procmail.log
LOGABSTRACT=all

MAILDIR should be set as appropriate...


Also.. some experimenting on my own system...

Try adding a recipe line to delete the email sent to the original addressee.

:0
* ^From: .*user@domain-1.com
{
        :0 c
        ! user2@ourdomain.com
        :0
        /dev/null
}

0
 

Author Comment

by:carperman
Comment Utility
hello still no joy with this but am wondering if i can use postfix virtual alias maps?


so edit /etc/postfix/virtual with

user1@domain.com user2



this works for email sent  to but can see no way to set to use 'from' variable?
0
 
LVL 4

Expert Comment

by:ewest02
Comment Utility
Did you enable procmail logging? Do you have any more useful log messages?
0

Featured Post

What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

Join & Write a Comment

Over the last ten+ years I have seen Linux configuration tools come and go. In the early days there was the tried-and-true, all-powerful linuxconf that many thought would remain the one and only Linux configuration tool until the end of times. Well,…
Linux users are sometimes dumbfounded by the severe lack of documentation on a topic. Sometimes, the documentation is copious, but other times, you end up with some obscure "it varies depending on your distribution" over and over when searching for …
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now