Bump... not solved this yet. I can't think of any reason why the sender address should be checked when it matches $mydomain. I require users to set up TLS and authenticate before sending e-mail, and once they are authenticated how does it matter if the address they specify exists or not? I do not have any smtpd_sender_restrictions, and smtpd_recipient_restrictions is set to permit_sasl_authenticated, reject. That should make postfix accept only e-mail from SASL-authenticated users. The logs show me successfully authenticating, then show Postfix happily refusing my e-mail based on 450: my sender address not being in the recipient table...
I've read and re-read the smtpd_x_restrictions parts of the postfix documentation but I can't find what is controlling this check and why it is necessary in the first place. Any help would be appreciated!
EDIT: purely in the interest of science I added an entry to the LDAP directory with mail = @agneovo.nl and uid = fake, the sender lookup now no longer returns empty and e-mail works as I want it to. All postfix wants is to be able to query the recipient table and get a match for the sender address, it then proceeds to do nothing with that information. Obviously this "solution" is hackish and wrong, and it will likely bite me in the future, but I cannot figure out for the life of me what I am supposed to do instead.
EDIT2: disabling all recipient table checking by setting "local_recipient_maps =" seems to have more of the desired effect in that the sender address lookups aren't done at all. But then again, neither are recipient address lookups, and somehow Postfix still delivers... I'm confused.
Last edited by [GOD]Anck; 02-16-2005 at 07:57 AM.
|