Postifix:对本地电子邮件使用 myorigin=$myhostname,对受信任网络使用 myorigin=$mydomain

tag-icon tag-icon postfix
Postifix:对本地电子邮件使用 myorigin=$myhostname,对受信任网络使用 myorigin=$mydomain

我有一个配置了地址重写的后缀实例,它允许从标头进行规范化。

当前(需要?)配置

这是相关配置:

# Basic conf
myhostname = hostname.example.test
mydomain = example.test
mynetworks = 127.0.0.0/8,1.2.3.4/32
myorigin = $mydomain
mydestination =

# Rewrite options
append_at_myorigin = yes
local_header_rewrite_clients = permit_mynetworks
sender_canonical_classes = envelope_sender, header_sender
sender_canonical_maps = hash:/etc/postfix/sender_canonical
recipient_canonical_classes = envelope_recipient, header_recipient
recipient_canonical_maps = hash:/etc/postfix/recipient_canonical

# restrictions (redacted for readability)
smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, permit

期望结果

我想实现这个目标:

  1. 当从 127.0.0.1 收到电子邮件时,From: root将重写为(即 root@$hostname)From: [email protected]
  2. 当从 1.2.3.4 收到电子邮件时,From: root将重写为(即 root@$mydomain)From: [email protected]
  3. 当收到其他人发来的电子邮件时,该电子邮件From: root将被拒绝(因为reject_non_fqdn_sender存在限制)

问题

该变量$myorigin应该根据接收地址而不同,但我找不到这样做的方法。到目前为止,我尝试了很多解决方案,但都失败了。

尝试失败...

我尝试创建两个 smtp 主服务 - 127.0.0.1:smtpwithmyorigin = $myhostname192.168.1.2:smtpwith myorigin = $mydomain- 但是由于 myorigin 选项与进程琐碎重写相关,因此被忽略。

canonical/的映射virtual似乎不可用,因为它们发生在执行简单重写之后。

的映射aliases似乎不可用,因为它们是在确定将消息发送到之后使用的$mydestination,但该消息却发送到其他地方。

答案1

谢谢安克斯反馈我找到了解决方案。

解决方案

根据Postfix 官方文档关于重写,主进程树如下:

smtp   --+--> cleanup --> rewrite --> [queue]
pickup --/

因此我最终为 localhost 创建了一个特定管道,如下所示:

192.168.1.2:smtp  --+--> cleanup --> rewrite ------------+--> [queue]
127.0.0.1:smtp  --+--> cleanup_local --> rewrite_local --/
pickup -----------/

配置

这是main.cf代表外部 IP 配置的配置:

#  configure the global desiderata

# Basic conf (for display purpose, use your own configuration)
# myhostname = hostname.example.test
# mydomain = example.test
# mydestination =
# mynetworks = 127.0.0.0/8,1.2.3.4/32

# Rewrite options
myorigin = $mydomain
append_at_myorigin = yes
local_header_rewrite_clients = permit_mynetworks
sender_canonical_classes = envelope_sender, header_sender
sender_canonical_maps = hash:/etc/postfix/sender_canonical
recipient_canonical_classes = envelope_recipient, header_recipient
recipient_canonical_maps = hash:/etc/postfix/recipient_canonical

# restrictions (redacted for readability)
smtpd_sender_restrictions = permit_mynetworks, reject_non_fqdn_sender, permit

这是master.cf带有定制管道的配置:

# add this for local smtp service
127.0.0.1:smtp      inet  n       -       n       -       -       smtpd
  -o myorigin=$myhostname
  -o cleanup_service_name=cleanup_local
  -o inet_interfaces=loopback-only
  -o local_header_rewrite_clients=permit_inet_interfaces

# edit pickup sevice with this two options
pickup    unix  n       -       n       60      1       pickup
  -o myorigin=$myhostname
  -o cleanup_service_name=cleanup_local

# add this for local email cleanup
cleanup_local   unix  n       -       n       -       0       cleanup
  -o myorigin=$myhostname
  -o rewrite_service_name=rewrite_local

# add this for local email basic rewrite
rewrite_local   unix  -       -       n       -       -       trivial-rewrite
  -o myorigin=$myhostname
  -o local_header_rewrite_clients=permit_inet_interfaces

# Then for each public IP assigned to the machine, add smtp service like this
192.168.3.85:smtp      inet  n       -       n       -       -       smtpd
# and remove default service smtp inet [..cut..] smtpd

相关内容