diff options
| author | Guilhem Moulin <guilhem@fripost.org> | 2014-07-09 23:28:21 +0200 |
|---|---|---|
| committer | Guilhem Moulin <guilhem@fripost.org> | 2015-06-07 02:52:52 +0200 |
| commit | c71f1cf51e7f6e8f43b5f7afb1d8a2012fd83259 (patch) | |
| tree | d406b62dcf18c1c70ba9d75db4487e183f7cb9b0 /roles/MX | |
| parent | 19b5b582ef0cb02d490ad4c0a99e73c81fc27393 (diff) | |
Use $virtual_alias_domains not $virtual_mailbox_domains.
Quoting postconf(5):
smtpd_reject_unlisted_recipient (default: yes)
Request that the Postfix SMTP server rejects mail for unknown recipient
addresses, even when no explicit reject_unlisted_recipient access
restriction is specified. This prevents the Postfix queue from filling
up with undeliverable MAILER-DAEMON messages.
An address is always considered "known" when it matches a virtual(5)
alias or a canonical(5) mapping.
[…]
* The recipient domain matches $virtual_alias_domains but the recipient
is not listed in $virtual_alias_maps.
* The recipient domain matches $virtual_mailbox_domains but the
recipient is not listed in $virtual_mailbox_maps, and
$virtual_mailbox_maps is not null.
Since we alias everything under special, "invalid", domains (mda.f.o and
mailman.f.o), our $virtual_mailbox_maps was null, which led to
reject_unlisted_recipient not being triggered for say, "noone@fripost.org".
However, replacing $virtual_mailbox_domains with $virtual_alias_domains fits
into the second point above.
Diffstat (limited to 'roles/MX')
| -rw-r--r-- | roles/MX/tasks/main.yml | 2 | ||||
| -rw-r--r-- | roles/MX/templates/etc/postfix/main.cf.j2 | 25 | ||||
| -rw-r--r-- | roles/MX/templates/etc/postfix/virtual/domains.cf.j2 (renamed from roles/MX/templates/etc/postfix/virtual/mailbox_domains.cf.j2) | 0 | ||||
| -rw-r--r-- | roles/MX/templates/etc/postfix/virtual/list.cf.j2 | 2 | ||||
| -rw-r--r-- | roles/MX/templates/etc/postfix/virtual/transport.j2 | 4 |
5 files changed, 16 insertions, 17 deletions
diff --git a/roles/MX/tasks/main.yml b/roles/MX/tasks/main.yml index a6c68f6..db4bb58 100644 --- a/roles/MX/tasks/main.yml +++ b/roles/MX/tasks/main.yml @@ -45,7 +45,7 @@ owner=root group=root mode=0644 with_items: - - mailbox_domains.cf + - domains.cf # no need to reload upon change, as cleanup(8) is short-running - reserved_alias.pcre - alias.cf diff --git a/roles/MX/templates/etc/postfix/main.cf.j2 b/roles/MX/templates/etc/postfix/main.cf.j2 index b0da1bc..e3b8ce0 100644 --- a/roles/MX/templates/etc/postfix/main.cf.j2 +++ b/roles/MX/templates/etc/postfix/main.cf.j2 @@ -54,19 +54,18 @@ relay_domains = # We use a dedicated "virtual" domain to decongestion potential # bottlenecks on trivial_rewrite(8) due to slow LDAP lookups in # tranport_maps. -virtual_transport = error:5.1.1 Virtual transport unavailable -virtual_mailbox_domains = ldap:$config_directory/virtual/mailbox_domains.cf -virtual_alias_maps = pcre:$config_directory/virtual/reserved_alias.pcre - # first we do the alias resolution... - ldap:$config_directory/virtual/alias.cf - # ...and unless there is matching mailbox/list... - ldap:$config_directory/virtual/mailbox.cf - ldap:$config_directory/virtual/list.cf - # ...we resolve alias domains and catch alls - ldap:$config_directory/virtual/alias_domains.cf - ldap:$config_directory/virtual/catchall.cf -virtual_mailbox_maps = -transport_maps = cdb:$config_directory/virtual/transport +virtual_transport = error:5.1.1 Virtual transport unavailable +virtual_alias_domains = ldap:$config_directory/virtual/domains.cf +virtual_alias_maps = pcre:$config_directory/virtual/reserved_alias.pcre + # first we do the alias resolution... + ldap:$config_directory/virtual/alias.cf + # ...and unless there is matching mailbox/list... + ldap:$config_directory/virtual/mailbox.cf + ldap:$config_directory/virtual/list.cf + # ...we resolve alias domains and catch alls + ldap:$config_directory/virtual/alias_domains.cf + ldap:$config_directory/virtual/catchall.cf +transport_maps = cdb:$config_directory/virtual/transport # Don't rewrite remote headers diff --git a/roles/MX/templates/etc/postfix/virtual/mailbox_domains.cf.j2 b/roles/MX/templates/etc/postfix/virtual/domains.cf.j2 index 1cb8add..1cb8add 100644 --- a/roles/MX/templates/etc/postfix/virtual/mailbox_domains.cf.j2 +++ b/roles/MX/templates/etc/postfix/virtual/domains.cf.j2 diff --git a/roles/MX/templates/etc/postfix/virtual/list.cf.j2 b/roles/MX/templates/etc/postfix/virtual/list.cf.j2 index a2ff325..5de79d9 100644 --- a/roles/MX/templates/etc/postfix/virtual/list.cf.j2 +++ b/roles/MX/templates/etc/postfix/virtual/list.cf.j2 @@ -10,4 +10,4 @@ query_filter = (&(objectClass=FripostVirtualList)(!(objectClass=FripostPendi result_attribute = fvl # Use a dedicated "virtual" domain to decongestion potential bottlenecks # on trivial_rewrite(8) due to slow LDAP lookups in tranport_maps. -result_format = %D/%U@lists.fripost.org +result_format = %D/%U@mailman.fripost.org diff --git a/roles/MX/templates/etc/postfix/virtual/transport.j2 b/roles/MX/templates/etc/postfix/virtual/transport.j2 index 85715a0..9eac2be 100644 --- a/roles/MX/templates/etc/postfix/virtual/transport.j2 +++ b/roles/MX/templates/etc/postfix/virtual/transport.j2 @@ -7,7 +7,7 @@ mda.fripost.org smtp:[mda.fripost.org]:{{ postfix_instance.IMAP.port }} {% endif %} {% if 'lists' in group_names %} -lists.fripost.org smtpl:[127.0.0.1]:{{ postfix_instance.lists.port }} +mailman.fripost.org smtpl:[127.0.0.1]:{{ postfix_instance.lists.port }} {% else %} -lists.fripost.org smtp:[lists.fripost.org]:{{ postfix_instance.lists.port }} +mailman.fripost.org smtp:[lists.fripost.org]:{{ postfix_instance.lists.port }} {% endif %} |