postfix 3.5.6 升級後,對應到多個收件者的虛擬別名將被視為包含逗號的單一名稱

postfix 3.5.6 升級後,對應到多個收件者的虛擬別名將被視為包含逗號的單一名稱

剛從 debian wheezy postfix 2.9.6 升級到 debian bullseye postfix 3.5.6。

我們使用虛擬別名映射到多個收件人,如下所示:

[電子郵件受保護]@theidsp-network.inter-realm.net,[電子郵件受保護]

因此,郵件發送至[電子郵件受保護]均轉發至 [電子郵件受保護][電子郵件受保護]。多年來它一直正常運作。

我們之前了解到http://www.postfix.org/virtual.5.html多個接收者的順序很重要。 “當結果採用 @otherdomain 形式時,結果將成為 otherdomain 中的相同使用者。這僅適用於多位址查找結果中的第一個位址。”所以我們把通配符@收件人放在第一位。

postfix 升級後,smtpd 似乎正在嘗試轉發給單一收件者”[電子郵件受保護],吉姆“@space-port-pros.com。

由於該用戶不存在,因此該郵件將被丟棄。

以下是 mail.log 的一些輸出:

Apr 14 10:45:17 mail7-057 sslmx/smtpd[8640]: connect to subsystem private/proxymap
Apr 14 10:45:17 mail7-057 sslmx/smtpd[8640]: send attr request = lookup
Apr 14 10:45:17 mail7-057 sslmx/smtpd[8640]: send attr table = mysql:/etc/postfix/mysql-virtual_forwardings.cf
Apr 14 10:45:17 mail7-057 sslmx/smtpd[8640]: send attr flags = 540736
Apr 14 10:45:17 mail7-057 sslmx/smtpd[8640]: send attr key = [email protected]
Apr 14 10:45:17 mail7-057 sslmx/smtpd[8640]: private/proxymap socket: wanted attribute: status
Apr 14 10:45:17 mail7-057 sslmx/smtpd[8640]: input attribute name: status
Apr 14 10:45:17 mail7-057 sslmx/smtpd[8640]: input attribute value: 0
Apr 14 10:45:17 mail7-057 sslmx/smtpd[8640]: private/proxymap socket: wanted attribute: value
Apr 14 10:45:17 mail7-057 sslmx/smtpd[8640]: input attribute name: value
Apr 14 10:45:17 mail7-057 sslmx/smtpd[8640]: input attribute value: @theidsp-network.inter-realm.net,[email protected]
Apr 14 10:45:17 mail7-057 sslmx/smtpd[8640]: private/proxymap socket: wanted attribute: (list terminator)
Apr 14 10:45:17 mail7-057 sslmx/smtpd[8640]: input attribute name: (end)
Apr 14 10:45:17 mail7-057 sslmx/smtpd[8640]: dict_proxy_lookup: table=mysql:/etc/postfix/mysql-virtual_forwardings.cf flags=lock|fold_fix|utf8_request
 [email protected] -> status=0 [email protected],[email protected]
Apr 14 10:45:17 mail7-057 sslmx/smtpd[8640]: maps_find: virtual_alias_maps: proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf(0,lock|fold_fix|utf8
_request): [email protected] = @theidsp-network.inter-realm.net,[email protected]
Apr 14 10:45:17 mail7-057 sslmx/smtpd[8640]: mail_addr_find: [email protected] -> @theidsp-network.inter-realm.net,[email protected]
...
Apr 14 10:45:17 mail7-057 postfix/smtp[8669]: 55E65C895: to=<"[email protected],jim"@space-port-pros.com>, orig_to=<jimays@theids
p.net>, relay=mail7-052.idsp56.net[192.168.56.52]:52025, delay=0.06, delays=0.01/0.02/0.01/0.02, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 5F628
A882)

以下是 6 月日誌的片段,顯示轉送先前導致了兩行帶有 status=sent 的不同行,其中一行透過 smtp 傳輸到[電子郵件受保護]一個透過 lmtp-g 傳輸到[電子郵件受保護]

Jun 20 06:30:58 mail7-057 sslmx/smtpd[28956]: connect from mail7-055.idsp56.net[192.168.56.55]
Jun 20 06:30:58 mail7-057 sslmx/smtpd[28956]: Anonymous TLS connection established from mail7-055.idsp56.net[192.168.56.55]: TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)
Jun 20 06:30:58 mail7-057 sslmx/smtpd[28956]: B91A42BE4: client=mail7-055.idsp56.net[192.168.56.55]
Jun 20 06:30:58 mail7-057 cleanup-srs/cleanup[28963]: B91A42BE4: message-id=<[email protected]>
Jun 20 06:30:58 mail7-057 postfix/qmgr[19327]: B91A42BE4: from=<SRS0=Z5tX=LO=connect.match.com=bounces-MA-1-858-ea0868c4-498f-401a-b6f1-c3ce593994a7@trumail7.inter-dimensional-space-port.net>, size=47942, nrcpt=2 (queue active)
Jun 20 06:30:58 mail7-057 sslmx/smtpd[28956]: disconnect from mail7-055.idsp56.net[192.168.56.55]
Jun 20 06:30:58 mail7-057 postfix/smtp[28966]: Anonymous TLS connection established to mail7-052.idsp56.net[192.168.56.52]:52025: TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)
Jun 20 06:30:58 mail7-057 lmtp-g/lmtp[28965]: Trusted TLS connection established to lmtp7-g.inter-dimensional-space-port.net[216.184.19.228]:64007: TLSv1 with cipher AES256-SHA (256/256 bits)
Jun 20 06:30:58 mail7-057 postfix/smtp[28966]: B91A42BE4: to=<[email protected]>, relay=mail7-052.idsp56.net[192.168.56.52]:52025, delay=0.16, delays=0.04/0.02/0.02/0.08, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as C66855B94)
Jun 20 06:30:59 mail7-057 sslmx/smtpd[28956]: connect from mail7-055.idsp56.net[192.168.56.55]
Jun 20 06:30:59 mail7-057 sslmx/smtpd[28956]: Anonymous TLS connection established from mail7-055.idsp56.net[192.168.56.55]: TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)
Jun 20 06:30:59 mail7-057 sslmx/smtpd[28956]: 9D1D12CA5: client=mail7-055.idsp56.net[192.168.56.55]
Jun 20 06:30:59 mail7-057 cleanup-srs/cleanup[28963]: 9D1D12CA5: message-id=<[email protected]>
Jun 20 06:30:59 mail7-057 postfix/qmgr[19327]: 9D1D12CA5: from=<SRS0=Z5tX=LO=connect.match.com=bounces-MA-1-858-ea0868c4-498f-401a-b6f1-c3ce593994a7@trumail7.inter-dimensional-space-port.net>, size=50423, nrcpt=1 (queue active)
Jun 20 06:30:59 mail7-057 sslmx/smtpd[28956]: disconnect from mail7-055.idsp56.net[192.168.56.55]
Jun 20 06:31:07 mail7-057 lmtp-g/lmtp[28965]: B91A42BE4: to=<[email protected]>, relay=lmtp7-g.inter-dimensional-space-port.net[216.184.19.228]:64007, delay=8.9, delays=0.04/0.02/0.12/8.7, dsn=2.0.0, status=sent (250 Ok)
Jun 20 06:31:07 mail7-057 postfix/qmgr[19327]: B91A42BE4: removed

http://www.postfix.org/COMPATIBILITY_README.html沒有提及有關虛擬別名映射中的行為變更的任何具體資訊。

mysql-virtual_forwardings.cf 採用 ISPConfig 所建立的標準​​格式。

user = ispconfig
password = redacted
dbname = idsp_mail7_062
table = mail_forwarding
select_field = destination
where_field = source
additional_conditions = and active = 'y' and server_id = 81
hosts = 192.168.56.121

呼叫該檔案的 main.cf 的相關部分是:

virtual_alias_maps = regexp:/etc/postfix/regexp-virtual_forwardings__admin.cf, proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc
/postfix/mysql-virtual_email2email.cf

virtual_forwardings 表如下所示:

MariaDB [idsp_mail7_057]> select * from mail_forwarding where source='[email protected]';
+---------------+------------+-------------+---------------+----------------+----------------+-----------+--------------------+----------------------------------------------------------+---------+--------+
| forwarding_id | sys_userid | sys_groupid | sys_perm_user | sys_perm_group | sys_perm_other | server_id | source             | destination                                              | type    | active |
+---------------+------------+-------------+---------------+----------------+----------------+-----------+--------------------+----------------------------------------------------------+---------+--------+
|           201 |          2 |           2 | riud          | riud           |                |        69 | [email protected] | @theidsp-network.inter-realm.net,[email protected] | forward | y      |
+---------------+------------+-------------+---------------+----------------+----------------+-----------+--------------------+----------------------------------------------------------+---------+--------+
1 row in set (0.001 sec)

增加了 smtpd -v -v 的日誌記錄,這在日誌中顯示:

dict_proxy_lookup: table=mysql:/etc/postfix/mysql-virtual_forwardings.cf flags=lock|fold_fix|utf8_request
 [email protected] -> status=0 [email protected],[email protected]
Apr 20 16:44:37 mail7-057 sslmx/smtpd[9561]: maps_find: virtual_alias_maps: proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf(0,lock|fold_fix|utf8
_request): [email protected] = @theidsp-network.inter-realm.net,[email protected]
Apr 20 16:44:37 mail7-057 sslmx/smtpd[9561]: mail_addr_find: [email protected] -> @theidsp-network.inter-realm.net,[email protected]

因此,查找似乎正確進行,但仍然只發生一次調度,而不是兩次。

答案1

當且僅當使用“@otherdomain”形式時才遇到它,所以它可以解決

  1. 透過從已棄用的形式遷移到在檔案中table/select_field/..指定並在 SQL 中模仿 postfix 不再執行的操作,或者querymysql-*.cf
  2. 透過永久更改您的表以將這些別名擴展為完整user@domain形式。

兩種解決方法都涉及一個查詢,其中包含類似以下內容的查詢:CASE WHEN destination LIKE "@%" THEN SUBSTR(source,1,INSTR(source,"@"))||destination ELSE destination END如果查找以 @ 開頭,則讓 SQL 僅連接來源郵箱。 user+extensions@onedomain如果您正在使用諸如 之類的地址擴展,請仔細考慮應該發生什麼!

在尋找行為改變的可能原因時,我遇到了一些 rfc822 引用/取消引用返工可能相關的,CHANGELOG 提到:

正確傳播地址擴展

從“aa bb+ext”@example.com 到“cc dd+ext”@other.example

儘管人們同樣可以認為整個僅在對位址清單中的第一個條目執行時才起作用的功能事情首先就是一個錯誤。此類後處理步驟應套用於結果集的所有元素,郵箱/副檔名/分隔符號之間不存在任何可能的歧義。


我能夠使用queryand table/select_field/..、帶或不帶複製 Postfix 3.4.13(由 Ubuntu 分發)中的列表/郵箱類型混淆代理映射,並且具有多行結果或單一逗號分隔結果。您可以將以下幾乎可行的步驟套用到工作複製器中以向上游報告。明顯地僅在測試盒上運行這些步驟

exit 1  # DATA LOSS! ONLY RUN ON VIRTUAL MACHINE FOR TESTING!
postconf virtual_transport=error
postconf virtual_alias_maps=proxy:sqlite:/etc/postfix/repro.cf
postconf virtual_alias_domains=e.invalid
postconf debug_peer_list=[::1]
sqlite3 /etc/postfix/repro.sqlite3 <<'EOF'
CREATE TABLE repro(s text, d text);
INSERT INTO repro(s,d) VALUES ("[email protected]", "@e.invalid,[email protected]");
INSERT INTO repro(s,d) VALUES ("[email protected]", "[email protected],[email protected]");
EOF
cat >/etc/postfix/repro.cf <<'EOF'
dbpath=/etc/postfix/repro.sqlite3
query=SELECT d FROM repro WHERE s='%s'
EOF
# send test mail (smtp not setuid, because smtp produces nicer logs)
printf %b 'import smtplib;\nsmtplib.SMTP("::1").sendmail("","[email protected]", "")' | python3
printf %b 'import smtplib;\nsmtplib.SMTP("::1").sendmail("","[email protected]", "")' | python3
# check logs

相關內容