[Avcheck] postfix+cyrus+avcheck = virtual users problem
Michael Tokarev
mjt@tls.msk.ru
Sat, 27 Apr 2002 16:24:26 +0400
Stefano Tabacchiera wrote:
>
> Hi there,
> RedHat7.2 Linux box running postfix-1.1.7+pgsql patch, cyrus 2.0.16,
> avcheck-0.8.
>
> I have virtual users on a pgsql table.
> Postfix does alias expansion, then delivers to cyrus over lmtp.
> Note: I'm using postfix-style virtual-domains, so foo@virtual.com is an alias
> for the cyrus-style-mailbox user 'bar', but foo@`hostname` is NOT.
>
> from main.cf:
> mailbox_transport=lmtp:127.0.0.1
> fallback_transport=lmtp:127.0.0.1
>
> The problem has begun since I installed avcheck as content_filter over smtpd.
> That's what - I think - happens:
>
> 1) someone sends mail to foo@virtual.com
> 2) postfix does alias expansion over pgsql. The local user 'bar' is selected.
> 3) then the message passes through the content filter.
> 4) After filter processing, the message is reinjected into smtpd over
> localhost:1025 (no content filter here).
> 5) A ***NEW*** alias expansion (bar@`hostname`) is tried. But that's not
> anymore an alias.
Why? Why it's not *anymore* an alias?! Let's imagine the same scenario but
without content filter:
1) mail sent to foo@virtual.com
2) postfix does virtual (not alias as you wrote -- I suppose), and the
local user 'bar' is selected.
5) a ***NEW*** (why new?) alias expansion (bar@`hostname` - that's not quite
true, it's bar@$myorigin) is tried. If there is no such alias, when mail
will be bounced.
So what's the problem? Content_filter just moved it to another, different
place.
> 6) The query fails and the result is 550:user unknown.
> 7) The user bar never receive mail.
>
> Any clue?
Firts of all, recheck your configuration. There is an error somewhere.
Second, I'd recommend to disable any uce/whatether controls for
localhost:1025 (btw, use e.g. 10025 port instead - 1025 is the first
spare port and socketpair() with AF_INET will choose this port and thus
it will be busy). E.g.:
localhost:10025 ... smtpd
-olocal_recipient_maps=
-ovirtual_maps=
-osmtpd_recipient_restrictions=static:OK,reject
-ocontent_filter=
...
Regards,
Michael.