DevHeads.net

sender_dependent_default_transport_maps difficulties

<html>
<head>

<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Hi all,<br>
<br>
I am having a very difficult time getting
sender_dependent_default_transport_maps to actually work as
described.<br>
<br>
I have a simple postfix 2.9.3 server with 2 IP addresses. I want all
mail sent from a sender address of *@example1 to go through 1.1.1.1,
and all mail sent from a sender address of *@example2.com to go
through 1.1.1.2.<br>
<br>
My master.cf currently looks similar to the following:<br>
<br>
<small><tt>1.1.1.1:smtp&nbsp;&nbsp;&nbsp;&nbsp; inet&nbsp;&nbsp;&nbsp; n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; smtpd -o smtpd_sasl_auth_enable=yes -o
smtpd_tls_key_file=/etc/postfix/server.key -o
smtpd_tls_cert_file=/etc/postfix/server.crt -o
myhostname=mail.domain1.com<br>
1.1.1.1:submission inet n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
smtpd -o smtpd_sasl_auth_enable=yes -o
smtpd_tls_key_file=/etc/postfix/server.key -o
smtpd_tls_cert_file=/etc/postfix/server.crt -o
myhostname=mail.domain1.com<br>
1.1.1.2:smtp&nbsp;&nbsp;&nbsp;&nbsp; inet&nbsp;&nbsp;&nbsp; n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
smtpd -o smtpd_sasl_auth_enable=yes -o
smtpd_tls_key_file=/etc/postfix/mail_domain2_com.key -o
smtpd_tls_cert_file=/etc/postfix/mail_domain2_com.crt -o
myhostname=mail.domain2.com<br>
1.1.1.2:submission inet n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
smtpd -o smtpd_sasl_auth_enable=yes -o
smtpd_tls_key_file=/etc/postfix/mail_domain2_com.key -o
smtpd_tls_cert_file=/etc/postfix/mail_domain2_com.crt -o
myhostname=mail.domain2.com<br>
127.0.0.1:smtp&nbsp;&nbsp;&nbsp;&nbsp; inet&nbsp;&nbsp;&nbsp; n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; smtpd -o smtpd_sasl_auth_enable=yes -o
smtpd_tls_key_file=/etc/postfix/server.key -o
smtpd_tls_cert_file=/etc/postfix/server.crt<br>
127.0.0.1:submission inet n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; n&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; -&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
-&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; smtpd -o smtpd_sasl_auth_enable=yes -o
smtpd_tls_key_file=/etc/postfix/server.key -o
smtpd_tls_cert_file=/etc/postfix/server.crt<br>
</tt></small><br>
<br>
<br>
I tried the following setup in
/etc/postfix/sender_dependent_default_transport_maps with no luck :<br>
<br>
/@domain2\.com$/&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 1.1.1.2:smtp:<br>
<br>
I have the following in /etc/postfix/main.cf:<br>
sender_dependent_default_transport_maps =
regexp:/etc/postfix/sender_dependent_default_transport_maps<br>
<br>
<br>
It gives the following error:<br>
dsn=4.3.0, status=deferred (mail transport unavailable)<br>
<br>
<br>
<br>
What is the simplest way of doing this? I've tried both regexp and a
standard hash format as described on various pages I have Googled
with no luck.<br>
<br>
Thanks in advance!
</body>
</html>

Comments

Re: sender_dependent_default_transport_maps difficulties

By Viktor Dukhovni at 07/30/2012 - 00:18

[ No HTML posts, please! ]

Why do you believe this is the correct syntax? The transport(5)
documentation specifies:

transport:nexthop

not

nexthop:transport

Re: sender_dependent_default_transport_maps difficulties

By Russell Jones at 07/30/2012 - 00:30

Hi Viktor,

I have been following (or attempting to follow) these two sites I found
that showed how to set this up. They both show domain then transport:

<a href="http://www.ericmichaelstone.com/?p=5359" title="http://www.ericmichaelstone.com/?p=5359">http://www.ericmichaelstone.com/?p=5359</a>
<a href="http://www.zoobey.com/index.php/resources/all-articles-list/210-postfix-outbound-mail-router-by-domain" title="http://www.zoobey.com/index.php/resources/all-articles-list/210-postfix-outbound-mail-router-by-domain">http://www.zoobey.com/index.php/resources/all-articles-list/210-postfix-...</a>

So both of these are not correct and it should be swapped? If so I will
schedule some downtime again and attempt to get this correct. If this is
my only problem then I am doing good :-)

Btw I believe I have thunderbird set to send in plain text now to this
mailing list.

On 7/30/2012 12:18 AM, Viktor Dukhovni wrote:

Re: sender_dependent_default_transport_maps difficulties

By Viktor Dukhovni at 07/30/2012 - 00:45

I don't see this at either site. All I found was "transport:",
with custom transport names defined in master.cf. Read the
tutorials on the Postfix website:

<a href="http://www.postfix.org/documentation.html" title="http://www.postfix.org/documentation.html">http://www.postfix.org/documentation.html</a>

and only then search examples that illustrate these. There is a
lot of garbage advice out there, and while the postfix.org tutorials
may pose a steep learning curve in some cases, rare uncaught typos
aside, they are never wrong.

Your initial searches should include "site:www.postfix.org" in the
Google search query.

I can't speak to any other problems, but you certainly must fix
this one by using the correct syntax, as documented at:

<a href="http://www.postfix.org/postconf.5.html#sender_dependent_default_transport_maps" title="http://www.postfix.org/postconf.5.html#sender_dependent_default_transport_maps">http://www.postfix.org/postconf.5.html#sender_dependent_default_transpor...</a>
<a href="http://www.postfix.org/postconf.5.html#default_transport" title="http://www.postfix.org/postconf.5.html#default_transport">http://www.postfix.org/postconf.5.html#default_transport</a>
<a href="http://www.postfix.org/transport.5.html" title="http://www.postfix.org/transport.5.html">http://www.postfix.org/transport.5.html</a>

Thanks.

Re: sender_dependent_default_transport_maps difficulties

By Russell Jones at 07/30/2012 - 21:57

Thanks Viktor. I feel like I am closer, just not quite there yet. I am
now getting the following error:
mail for 1.1.1.1 loops back to myself

main.cf:
sender_dependent_default_transport_maps =
hash:/etc/postfix/sender_dependent_default_transport_maps

master.cf:
1.1.1.1:smtp inet n - n - - smtpd -o
smtpd_sasl_auth_enable=yes -o myhostname=mail.domain1.tld
1.1.1.1:submission inet n - n - - smtpd -o
smtpd_sasl_auth_enable=yes -o myhostname=mail.domain1.tld

sender_dependent_default_transport_maps:
@domain1.tld smtp:1.1.1.1

Not sure what I am doing wrong. Unfortunately a search for pages
utilizing sender_dependent_default_transport_maps on postfix.org yielded
nothing besides the man page outlining what that variable is for. No
examples or tutorials.

On 7/30/2012 12:45 AM, Viktor Dukhovni wrote:

Re: sender_dependent_default_transport_maps difficulties

By Viktor Dukhovni at 07/30/2012 - 23:20

You configured Postfix to deliver mail to itself. It dutifully
tries to do so and reports a loop as it should. I don't know what
your intentions are, but you appear to be stumbling around in the
dark without any real understanding of what you're doing.

You need to take a step back and think harder about what problem
you're really trying to solve with these settings, draw a diagram
of the desired mail flow, and think about how the Postfix MTA fits
into the desired end-state, and understand how the corresponding
configuration settings affect the mail flow.

<a href="http://www.postfix.org/OVERVIEW.html" title="http://www.postfix.org/OVERVIEW.html">http://www.postfix.org/OVERVIEW.html</a>

The No-Starch or the O'Reilly Postfix books will be helpful.

Cargo-cult configuration will not get you very far when your needs
are specialized, you need to reach a higher level of proficiency.

Re: sender_dependent_default_transport_maps difficulties

By Russell Jones at 07/30/2012 - 23:33

Thank you for the delightful insight. I thought I was pretty clear in
what I was attempting to do in my first email:

"I have a simple postfix 2.9.3 server with 2 IP addresses. I want all
mail sent from a sender address of *@example1 to go through 1.1.1.1, and
all mail sent from a sender address of *@example2.com to go through
1.1.1.2."

My understanding is sender_dependent_default_transport_maps is what I
want here based on my research prior to emailing this list, but I could
be wrong. I don't feel like I need an O'Reily book to achieve this.......

On 7/30/2012 11:20 PM, Viktor Dukhovni wrote:

Re: sender_dependent_default_transport_maps difficulties

By Viktor Dukhovni at 07/30/2012 - 23:43

What does "go through" mean?

The main trouble with not knowing is not knowing what you don't
know. The sender_dependent_default_transport_maps is a mechanism
in Postfix, that overrides the default transport:nexthop for outbound
mail based on the sender address.

It makes no sense to set this to an address handled by the same
Postfix MTA that received the mail, this is a loop. Thus your
understanding of how the pieces fit together is as yet insufficient
to meet your goals. A book or in-depth tutorial should in fact
be quite helpful:

<a href="http://www.postfix.org/OVERVIEW.html" title="http://www.postfix.org/OVERVIEW.html">http://www.postfix.org/OVERVIEW.html</a>
<a href="http://www.postfix.org/ADDRESS_CLASS_README.html" title="http://www.postfix.org/ADDRESS_CLASS_README.html">http://www.postfix.org/ADDRESS_CLASS_README.html</a>
<a href="http://www.postfix.org/ADDRESS_REWRITING_README.html" title="http://www.postfix.org/ADDRESS_REWRITING_README.html">http://www.postfix.org/ADDRESS_REWRITING_README.html</a>
<a href="http://www.postfix.org/transport.5.html" title="http://www.postfix.org/transport.5.html">http://www.postfix.org/transport.5.html</a>
<a href="http://www.postfix.org/postconf.5.html#default_transport" title="http://www.postfix.org/postconf.5.html#default_transport">http://www.postfix.org/postconf.5.html#default_transport</a>
<a href="http://www.postfix.org/MULTI_INSTANCE_README.html" title="http://www.postfix.org/MULTI_INSTANCE_README.html">http://www.postfix.org/MULTI_INSTANCE_README.html</a>

Re: sender_dependent_default_transport_maps difficulties

By Russell Jones at 07/30/2012 - 23:56

The source IP is defined based on the sender's domain. This is what I
need to achieve: "Recently there have been requests for sending mail
with source IP addresses that depend on the envelope sender."
(<a href="http://www.mail-archive.com/postfix- ... at postfix dot org/msg18419.html" title="http://www.mail-archive.com/postfix- ... at postfix dot org/msg18419.html">http://www.mail-archive.com/postfix- ... at postfix dot org/msg18419.html</a>)

Fair enough. I never claimed to be a Postfix guru, nor do I have the
urge to be one. Hence why I am posting here for assistance *from* the
experts :) . I understand that having it deliver to itself is a silly
task to attempt to undertake - my attempt was to get it to send from
that IP/service.

This was simple to achieve in Exim. Re-reading the same man pages is
futile, and buying a book to achieve what should be a simple goal seems
like overkill.

On 7/30/2012 11:43 PM, Viktor Dukhovni wrote:

Re: sender_dependent_default_transport_maps difficulties

By Viktor Dukhovni at 07/31/2012 - 00:21

The source IP address of an outbound delivery is controlled by the
kernel IP stack, but can be pre-empted by the SMTP delivery agent.

To send *from* 192.0.2.1, instead of configuring an inbound listeners
on 192.0.2.1 and setting the transport:nexthop to smtp:192.0.2.1,
which means delivering *to* that IP address, you need a master.cf
entry (a transport), which sends from that IP address:

master.cf:
foo_smtp unix - - - - - smtp
-o smtp_bind_address=$foo_smtp_bind_address
bar_smtp unix - - - - - smtp
-o smtp_bind_address=$bar_smtp_bind_address
...

main.cf:
indexed = ${default_database_type}:${config_directory}/
sender_dependent_default_transport_maps = ${indexed}def-xprt
...
foo_smtp_bind_address = 192.0.2.1
bar_smtp_bind_address = 192.0.2.2
...

def-xprt:
@example.com foo_smtp
@example.net bar_smtp

But you have not taken the time to understand what either the
default_transport parameter or its sender-dependent behaviour mean.
Hence, re-read the documentation until these are actually clear.

Since you've chosen Postfix, something else you want is easier to
achieve in Postfix, all designs have trade-offs. Choose the MTA
that best meets your needs. Study it well, a lot of effort goes
into comprehensive documentation of Postfix, and the books expand
on this with extensive analysis of use cases that expand your
understanding.

Rereading is rarely futile, each time I re-read technical material
that introduces new concepts I learn something new unless/until I
am as expert as the author on the topic at hand. The trick is to
read carefully and to take the time to test one's knowledge with
exercises (in the case of Postfix test configurations that that
prove to yourself that your mental model matches reality).

Re: sender_dependent_default_transport_maps difficulties

By Russell Jones at 07/31/2012 - 00:36

Thanks Viktor, the examples helped considerably. I now have it working
as intended :)

Hopefully this thread will help others in the future that may have
issues too.

On 7/31/2012 12:21 AM, Viktor Dukhovni wrote:

Re: sender_dependent_default_transport_maps difficulties

By Russell Jones at 07/31/2012 - 00:09

Some clarification, I'm not asking you (or anyone) to write my configs
for me, but to just point me in some sort of direction that has some
working examples I could pick up off of.... the postfix documentation
has some nice examples and tutorials for all sort of things, just
nothing for this particular feature it seems.

On 7/30/2012 11:56 PM, Russell Jones wrote: