3

Basically what I want to do is rewriting the From: Header, using header_checks, but only if the mail goes to a certain domain.

The problem with header_check is, that I can't check for a combination of To: and From: Headers.

Now I was wondering if it was possible to use the header_checks in combination with smtpd_restriction_classes or something similar.

I've found a lot information about header_checks and multiple header fields, when searching the net. All of them basically telling me, that one can't combine two header for checking. But I didn't find any information if it was possible to only do a header check if a condition (eg. mail goes to example.com) was met.

Edit:

While doing some more Research I've found the following article which suggests to add a Service in postfix master.cf, use a transportmap to pass mails for the Domain to that service and have a separate header_check defined with -o.

The thing is that I can't get it to work...

What I did so far is adding the Service to the master.cf:

example      unix  -       -       n       -       -       smtpd
    -o header_checks=regexp:/etc/postfix/check_headers_example

Adding the followin Line to the transportmap:

example.com                 example:

Last but not least I have two regexp-files for header checks, one for the newly added service, and one to redirect answers to the rewritten domain.

check_headers_example:

/From:(.*)@mydomain.ain>(.*)/ REPLACE From:$1@mydomain.example.com>$2

Obviously if someone answers, the mail would go to nirvana, so I have the following check_headers defined in the main postfix process:

/To:(.*)<(.*)@mydomain.example.com>(.*)/ REDIRECT $2@mydomain.ain$2

Somehow the Transport is ignored. Any help is appreciated.

Edit 2:

I'm still stuck... I did try the following:

smtpd_restriction_classes = header_rewrite 
header_rewrite = regexp:/etc/postfix/rewrite_headers_domain 
smtpd_recipient_restrictions = (some checks) check_recipient_access hash:/etc/postfix/rewrite_table, (more checks)

In the rewrite_table the following entries exist:

/From:(.*)@mydomain.ain>(.*)/ REPLACE From:$1@mydomain.example.com>$2

All it gets me is a NOQUEUE: reject: 451 4.3.5 Server configuration error. I couldn't find any resources on how you would do that but some people saying it wasn't possible.

Edit 3:

The reason I asked this question was, that we have a customer (lets say customer.com) who uses some aliases that will forward mail to a domain, let's say example.com.

The mailserver at example.com does not accept any mail from an external server that come from a sender @example.com.

So all mails that are written from example.com to alias@customer.com will be rejected in the end.

An exception on example.com's mailserver is not possible.

We didn't really solve this problem, but will try to work around it by using lists (mailman) instead of aliases. This is not really nice though, nor a real solution.

I'd appreciate all suggestions how this could be done in a proper way.

Lukas
  • 277
  • 1
  • 4
  • 16
  • So did you activate the transportmap? Restarted Postfix? – mailq Nov 23 '11 at 22:23
  • Yes, I did. It didn't work, so I added a header_check in the main.cf in which I check the To: header and use the FILTER Action to pass it to the service created. Now the Mails gets passed to this service but then gets stuck. I will see if there is another possibility and keep you posted. – Lukas Nov 24 '11 at 07:41
  • I know this is very old, but did you actually achieve this setup? I got a similar problem. – Zulakis May 25 '13 at 22:10
  • @Zulakis No, in the End I didn't have to. I don't remember why any more, but I think the customer found a work around, that he preferred, on his side. – Lukas May 27 '13 at 06:44

2 Answers2

2

I am not sure if you were able to achieve what you wanted. I was testing a similar thing, needed keyword filtering, etc on per domain basis and was able to use header_checks on per domain or for the domains that I wanted using postfix's multi instance feature.

You create an instance, you just change the smtp port on that particular instance. You use transport_maps on the primary instance to route emails for a specific domain to the secondary instance's smtp port. And do all the header_checks there and relay the email off!

Cheers!

Gaumire
  • 825
  • 6
  • 13
  • Thanks for the answer, I never thought of that. For me the problem kind of solved itself, in the way that we didn't need it anymore... – Lukas Nov 08 '12 at 08:34
0

You can setup a new server, route all domains that you want to process using transport file, then apply header_checks rules on the new server.

Anita Salerno
  • 16
  • 1