Skip to content

Commit

Permalink
Fix wildcard relay rule
Browse files Browse the repository at this point in the history 
According to Postfix's behavior, we can implement rule priority in this
evaluation order:

1. Recipient rules, by domain or full address
2. Sender rules, by domain or full address
3. Wildcard rule, if none of the above matches
  • Loading branch information
@DavidePrincipi
DavidePrincipi committed Nov 22, 2024
1 parent 70cf181 commit 3079d4b
Show file tree
Hide file tree
Showing 4 changed files with 10 additions and 3 deletions.
4 changes: 2 additions & 2 deletions postfix/README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -107,5 +107,5 @@ defined with this method:

- `relayrules` Relay host configuration matching a sender or a destination
pattern. Implementation of sender/recipient based relay rules.
Default/fallback "relayhost" (smarthost) is implemented as a wildcard
rule.
Default/fallback "relayhost" (smarthost) is configured with
"default_transport" to support SMTPS too.
2 changes: 1 addition & 1 deletion postfix/etc/postfix/relaydest.cf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,5 +7,5 @@ dbpath = /srv/pcdb.sqlite
query = SELECT FORMAT('%%s:[%%s]:%%s', transport, host, port) AS route
FROM relayrules
WHERE enabled = 1 AND (
rule_subject = '%s' AND rule_type IN ('recipient', 'always-bcc', 'wildcard')
rule_subject = '%s' AND rule_type IN ('recipient', 'always-bcc')
)
5 changes: 5 additions & 0 deletions postfix/usr/local/bin/reload-config
View file
Original file line number Diff line number Diff line change
Expand Up @@ -87,6 +87,11 @@ else
tmpl_smtp_sender_dependent_authentication='no'
fi
tmpl_always_bcc="${POSTFIX_ALWAYS_BCC}"
tmpl_default_transport=$(pcdbquery "SELECT transport FROM relayrules WHERE rule_type='wildcard' AND rule_subject='*'")
if [ -z "${tmpl_default_transport}"]; then
tmpl_default_transport=smtp
fi
tmpl_relayhost=$(pcdbquery "SELECT FORMAT('[%%s]:%%s', host, port) FROM relayrules WHERE rule_type='wildcard' AND rule_subject='*'")
set +a

envsubst >/etc/postfix/main.cf <"${TEMPLATES_DIR:?}/main.cf"
Expand Down
2 changes: 2 additions & 0 deletions postfix/usr/local/lib/templates/main.cf
View file
Original file line number Diff line number Diff line change
Expand Up @@ -77,6 +77,8 @@ address_verify_cache_cleanup_interval = 4h
#
# Relay authentication rules, SMTP server passwords and TLS policy
#
default_transport = ${tmpl_default_transport}
relayhost = ${tmpl_relayhost}
smtpd_sender_login_maps = sqlite:${S}meta_directory/senderlogin.cf,
smtp_sasl_password_maps = sqlite:${S}meta_directory/relaycredentials.cf,
sender_dependent_relayhost_maps = sqlite:${S}meta_directory/relaysender_nexthop.cf,
Expand Down

0 comments on commit 3079d4b

Please sign in to comment.