Hi Gilles,
On Tue, Aug 15, 2017 at 11:15:32AM +0200, Gilles Chehade wrote:
> On Tue, Aug 15, 2017 at 09:22:41AM +0200, Walter Alejandro Iglesias wrote:
> > Hello everyone,
> >
> > I'd appreciate experienced opensmtpd users tell me if I'm understanding
> > well the mechanism in the following rule.
> >
> > Currently, in my smtpd.conf I have this line:
> >
> > accept from any for domain <vdomains> virtual <valiases> deliver to mbox
> >
> > But since all keys in my "valiases" table are full email addresses, in
> > the form:
> >
> > [email protected] user
> >
> > I'm thinking the use of "vdomains" table is redundant. I could safely
> > simplify the rule to:
> >
> > accept from any for any virtual <valiases> deliver to mbox
> >
> >
> > Am I wrong in this assumption?
> >
>
> kind of, smtpd.conf being a first match ruleset it is impossible to make
> this kind of analysis without having your other rules too.
Sorry, I should've added it's the only "from any" rule I have:
# /etc/mail/smptd.conf
egress_int="em0"
server="server.roquesor.com"
table aliases file:/etc/mail/aliases
table valiases file:/etc/mail/valiases
table vdomains file:/etc/mail/vdomains
table addresses file:/etc/mail/addresses
table users file:/etc/mail/users
pki $server certificate "/etc/ssl/server.crt"
pki $server key "/etc/ssl/private/server.key"
listen on lo0
listen on $egress_int port 25 tls pki $server
listen on $egress_int port 465 smtps pki $server auth \
senders <users> masquerade
accept from local for local alias <aliases> deliver to mbox
accept from any for domain <vdomains> virtual <valiases> deliver to mbox
accept from local sender <addresses> for any relay
# End of file
>
> in this case, this may or may not give the desired behavior depending on
> rules following it because envelope matching happens _before_ virtual is
> even evaluated.
>
> with:
>
> accept from any for domain <vdomains> [...]
>
> you will only match envelopes for the domains in <vdomains>, it allows a
> different rule to match other domains:
>
> accept from any for domain <vdomains> [...]
> accept from any for domain foobar.org [...]
>
> with:
>
> accept from any for any [...]
>
> you will match all envelopes so you're essentially creating a catch-all.
>
>
> virtual happens AFTER a rule has been matched so if you recipient is not
> found the RCPT will be rejected, smtpd will not search for another rule.
If I'm understanding you well then it's what I want.
My question was if the "virtual" entry in the rule is enough to reject
not matching recipients. For example, having this rule:
accept from any for any virtual <valiases> [...]
and a "valiases" file containing only this line:
[email protected] user
will messages sent to i.e. [email protected] or [email protected] be
rejected?
>
>
> --
> Gilles Chehade
>
> https://www.poolp.org @poolpOrg
