Solved

Postfix sender_dependent_default_transport_maps Default Behavior

Posted on 2010-08-20
13
2,472 Views
Last Modified: 2013-11-30
We are trying to impliment the ability to filter based on who is sending and use a smarthost for some of these people.

I found several articles, and ended up using this one to configure this:
http://www.kutukupret.com/2010/01/02/postfix-bind-sender-domain-to-dedicated-outgoing-ip-address/

What I am looking for is a way to make any domains/users who are not set up in the file to send out using the local server and DNS.  I tried a few things, but so far no luck.  Any ideas?

Running Ubuntu 10.04 with Postfix 2.7
0
Comment
Question by:TacoFlavoredKisses
  • 5
  • 5
  • 3
13 Comments
 
LVL 9

Expert Comment

by:Barry Gill
ID: 33486913
create a listener in master.cf that bypasses the sender dependant transport maps
0
 
LVL 9

Expert Comment

by:Barry Gill
ID: 33486928
sorry, create a sender dependant map that points to the localhost on port 10025 (or whatever) and then create a listener in master.cf to listen on that port and use the -o tag to overwrite the sender dependant maps parameter
0
 
LVL 1

Author Comment

by:TacoFlavoredKisses
ID: 33487071
I saw another article with similar info but I don't follow completely.  
0
 
LVL 9

Expert Comment

by:Barry Gill
ID: 33487511
postfix listens on port 25
processes rules and forwards to new smtp service as per the sender maps.
one of those rules forwards to localhost port 10025 (or something you specify) and postfix has a listening daemon on that port that changes some of the normal rules.
these new rules DO NOT INCLUDE the sender_dependant_recipient maps and as such postfix will deliver to final destination.

this is the same type of configuration/process with postfix that you would use for spamassassin and clam through...
0
 
LVL 19

Assisted Solution

by:bevhost
bevhost earned 400 total points
ID: 33494518
See
http://www.postfix.org/postconf.5.html#sender_dependent_default_transport_maps



sender_dependent_default_transport_maps (default: empty)

    A sender-dependent override for the global default_transport parameter setting. The tables are searched by the envelope sender address and @domain. A lookup result of DUNNO terminates the search without overriding the global default_transport parameter setting. This information is overruled with the transport(5) table.

    Note: this overrides default_transport, not transport_maps, and therefore the expected syntax is that of default_transport, not the syntax of transport_maps. Specifically, this does not support the transport_maps syntax for null transport, null nexthop, or null email addresses.

    For safety reasons, this feature does not allow $number substitutions in regular expression maps.

    This feature is available in Postfix 2.7 and later.



sender_dependent_relayhost_maps (default: empty)

    A sender-dependent override for the global relayhost parameter setting. The tables are searched by the envelope sender address and @domain. A lookup result of DUNNO terminates the search without overriding the global relayhost parameter setting (Postfix 2.6 and later). This information is overruled with relay_transport, sender_dependent_default_transport_maps, default_transport and with the transport(5) table.

    For safety reasons, this feature does not allow $number substitutions in regular expression maps.

    This feature is available in Postfix 2.3 and later.
0
 
LVL 9

Expert Comment

by:Barry Gill
ID: 33494918
thanks Bev, I learned something :) I didn't realise that the fail would result in normal transport.
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 1

Author Comment

by:TacoFlavoredKisses
ID: 33497639
I am going to work on implementing this.  I will update here once done.
0
 
LVL 1

Author Comment

by:TacoFlavoredKisses
ID: 33497671
When it is failing to find the domain it is just hanging on the server.
0
 
LVL 1

Author Comment

by:TacoFlavoredKisses
ID: 33497699
Here is what I have:

Error I am getting is:
Aug 22 21:26:53 postfix03 default/smtp[30064]: connect to gmail-smtp-in.l.google.com[74.125.93.27]:25: Invalid argument

In master.cf:

domaina  unix -       -       n       -       -       smtp
   -o smtp_bind_address=192.168.6.89
   -o smtp_helo_name=domaina.com
   -o syslog_name=domaina


default  unix -       -       n       -       -       smtp
   -o smtp_bind_address=127.0.0.1
   -o smtp_helo_name=postfix03.domainx.com
   -o syslog_name=default

In main.cf:
sender_dependent_default_transport_maps = regexp:/etc/postfix/sdd_transport_maps.regexp

In sdd_transport_maps.regexp
/@domaina\.com$/      domaina:
/@domainb\.net$/       default:
0
 
LVL 19

Expert Comment

by:bevhost
ID: 33498167
This transport can only talk to localhost as it does not have a public IP address.
default  unix -       -       n       -       -       smtp

   -o smtp_bind_address=127.0.0.1

   -o smtp_helo_name=postfix03.domainx.com

   -o syslog_name=default

Open in new window

0
 
LVL 19

Accepted Solution

by:
bevhost earned 400 total points
ID: 33498179
I'm not sure why you don't setup the sender_dependent_default_transport_maps like this

/@domaina\.com$/      smtp:[smarthost]


Then again, perhaps I don't understand what you are trying to achieve here.
0
 
LVL 9

Assisted Solution

by:Barry Gill
Barry Gill earned 100 total points
ID: 33498977
gmail-smtp-in.l.google.com[74.125.93.27]:25: Invalid argument

your failure above is because the syntax in your sdd_transport_maps.regexp is wrong.

My apologies for making this complex, bevhost is correct.
undo the changes to master.cf and revert back to just using the sender_dependant_default_transport_maps as per bevhosts post above.
you will have then...

/@domaina\.com$/      smtp:[192.168.6.89]
/@domainc\.com$/      smtp:[192.168.6.90]
/@domaind\.com$/      smtp:smtp.google.com

etc

note there is no domainb listed here as that will fall back to default delivery mechanism.
0
 
LVL 1

Author Comment

by:TacoFlavoredKisses
ID: 33501065
Wow.  That is much easier than I was making it.  Thanks bevhost and barrulus

I took out the crazyness in master.cf and just used the smtp: in the sdd file.  Works exactly as expected now.  

I would think it would still work linking it to something in the master.cf .  At first I just had the top one and tried to let the others go out when they don't meet the rule, but there was a transport error then.  Either way, this is a much simpler configuration.
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Join & Write a Comment

The purpose of this article is to fix the unknown display problem in Linux Mint operating system. After installing the OS if you see Display monitor is not recognized then we can install "MESA" utilities to fix this problem or we can install additio…
Granting full access permission allows users to access mailboxes present in their database. By giving full access permission one can open and read the content of any mailbox but cannot send emails from that mailbox.
In this video we show how to create a User Mailbox in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Recipients >> Mailb…
To show how to generate a certificate request in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Servers >> Certificates…

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now