我有一個配置為地址重寫的後綴實例,它允許來自標頭的規範化。
當前(必需?)配置
這是相關配置:
# Basic conf
myhostname = hostname.example.test
mydomain = example.test
mynetworks = 127.0.0.0/8,1.2.3.4/32
myorigin = $mydomain
mydestination =
# Rewrite options
append_at_myorigin = yes
local_header_rewrite_clients = permit_mynetworks
sender_canonical_classes = envelope_sender, header_sender
sender_canonical_maps = hash:/etc/postfix/sender_canonical
recipient_canonical_classes = envelope_recipient, header_recipient
recipient_canonical_maps = hash:/etc/postfix/recipient_canonical
# restrictions (redacted for readability)
smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, permit
期望的結果
我想實現這一目標:
- 當從 127.0.0.1 收到電子郵件時,
From: root
被重寫為(即 root@$hostname)From: [email protected]
- 當從 1.2.3.4 收到電子郵件時,
From: root
被重寫為(即 root@$mydomain)From: [email protected]
- 當收到其他人的電子郵件時,電子郵件
From: root
將被拒絕(因為reject_non_fqdn_sender
有限制)
問題
該變數$myorigin
應該根據接收地址而不同,但我找不到這樣做的方法。到目前為止,我嘗試了很多解決方案但都失敗了。
嘗試失敗...
我嘗試創建兩個 smtp 主服務 - 127.0.0.1:smtp
withmyorigin = $myhostname
和192.168.1.2:smtp
with myorigin = $mydomain
- 但由於 myorigin 選項與進程瑣碎重寫相關,因此它會被忽略。
canonical
/的映射virtual
似乎不可用,因為它們發生在執行簡單的重寫之後。
映射aliases
似乎無法使用,因為它們是在訊息確定發送到 後使用的$mydestination
,但此訊息在其他地方。
答案1
謝謝安克斯回饋我找到了解決方案。
解決方案
根據Postfix 官方文檔關於重寫,master進程樹如下:
smtp --+--> cleanup --> rewrite --> [queue]
pickup --/
所以我最終創建了一個特定於本地主機的管道,如下所示:
192.168.1.2:smtp --+--> cleanup --> rewrite ------------+--> [queue]
127.0.0.1:smtp --+--> cleanup_local --> rewrite_local --/
pickup -----------/
配置
這是main.cf
配置,代表外部 IP 配置:
# configure the global desiderata
# Basic conf (for display purpose, use your own configuration)
# myhostname = hostname.example.test
# mydomain = example.test
# mydestination =
# mynetworks = 127.0.0.0/8,1.2.3.4/32
# Rewrite options
myorigin = $mydomain
append_at_myorigin = yes
local_header_rewrite_clients = permit_mynetworks
sender_canonical_classes = envelope_sender, header_sender
sender_canonical_maps = hash:/etc/postfix/sender_canonical
recipient_canonical_classes = envelope_recipient, header_recipient
recipient_canonical_maps = hash:/etc/postfix/recipient_canonical
# restrictions (redacted for readability)
smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, permit
這是master.cf
帶有定制管道的配置:
# add this for local smtp service
127.0.0.1:smtp inet n - n - - smtpd
-o myorigin=$myhostname
-o cleanup_service_name=cleanup_local
-o inet_interfaces=loopback-only
-o local_header_rewrite_clients=permit_inet_interfaces
# edit pickup sevice with this two options
pickup unix n - n 60 1 pickup
-o myorigin=$myhostname
-o cleanup_service_name=cleanup_local
# add this for local email cleanup
cleanup_local unix n - n - 0 cleanup
-o myorigin=$myhostname
-o rewrite_service_name=rewrite_local
# add this for local email basic rewrite
rewrite_local unix - - n - - trivial-rewrite
-o myorigin=$myhostname
-o local_header_rewrite_clients=permit_inet_interfaces
# Then for each public IP assigned to the machine, add smtp service like this
192.168.3.85:smtp inet n - n - - smtpd
# and remove default service smtp inet [..cut..] smtpd