Commit f058c7ef authored by Marius Burkard's avatar Marius Burkard

Merge branch '5886-sender-rejected-inactive-domain' into 'develop'

Resolve ""Sender address rejected: not logged in" when sending from remote server with a inactive local domain"

Closes #5886

See merge request !1329
parents b9124cc5 a26d4fae
Pipeline #6525 passed with stage
in 12 seconds
......@@ -14,7 +14,8 @@ connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_se
default_pass_scheme = CRYPT
# password-query with prefetch
password_query = SELECT email as user, password, maildir as userdb_home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as userdb_mail, uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=', quota, 'B') AS userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}'
password_query = SELECT email as user, password, maildir as userdb_home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as userdb_mail, uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=', quota, 'B') AS userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}' AND EXISTS (SELECT domain_id FROM mail_domain WHERE domain = '%d' AND active = 'y' AND server_id = {server_id})
user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}'
# The iterate_query is required for the doveadm command only and works only on dovecot 2 servers.
......
......@@ -121,7 +121,8 @@ connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_se
default_pass_scheme = CRYPT
# password-query with prefetch
password_query = SELECT email as user, password, maildir as userdb_home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as userdb_mail, uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=', quota, 'B') AS userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}'
password_query = SELECT email as user, password, maildir as userdb_home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as userdb_mail, uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=', quota, 'B') AS userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}' AND EXISTS (SELECT domain_id FROM mail_domain WHERE domain = '%d' AND active = 'y' AND server_id = {server_id})
user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}'
# The iterate_query is required for the doveadm command only and works only on dovecot 2 servers.
......
......@@ -28,6 +28,7 @@ proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virt
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_invalid_helo_hostname, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo, {reject_unknown_helo_hostname}, permit
smtpd_sender_restrictions = {reject_aslm} check_sender_access regexp:{config_dir}/tag_as_originating.re, permit_mynetworks{reject_slm}, permit_sasl_authenticated, reject_non_fqdn_sender, check_sender_access regexp:{config_dir}/tag_as_foreign.re, check_sender_access proxy:mysql:{config_dir}/mysql-virtual_sender.cf
smtpd_reject_unlisted_sender = yes
smtpd_client_restrictions = check_client_access proxy:mysql:{config_dir}/mysql-virtual_client.cf, permit_inet_interfaces, permit_mynetworks, permit_sasl_authenticated{rbl_list}, reject_unauth_pipelining {reject_unknown_client_hostname}, permit
smtpd_etrn_restrictions = permit_mynetworks, reject
smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_multi_recipient_bounce, permit
......
......@@ -134,7 +134,8 @@ connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_se
default_pass_scheme = CRYPT
# password-query with prefetch
password_query = SELECT email as user, password, maildir as userdb_home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as userdb_mail, uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=', quota, 'B') AS userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}'
password_query = SELECT email as user, password, maildir as userdb_home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as userdb_mail, uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=', quota, 'B') AS userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}' AND EXISTS (SELECT domain_id FROM mail_domain WHERE domain = '%d' AND active = 'y' AND server_id = {server_id})
user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}'
# The iterate_query is required for the doveadm command only and works only on dovecot 2 servers.
......
......@@ -24,6 +24,7 @@ proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virt
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_invalid_helo_hostname, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo, {reject_unknown_helo_hostname}, permit
smtpd_sender_restrictions = {reject_aslm} check_sender_access regexp:{config_dir}/tag_as_originating.re, permit_mynetworks{reject_slm}, permit_sasl_authenticated, reject_non_fqdn_sender, check_sender_access regexp:{config_dir}/tag_as_foreign.re, check_sender_access proxy:mysql:{config_dir}/mysql-virtual_sender.cf
smtpd_reject_unlisted_sender = yes
smtpd_client_restrictions = check_client_access proxy:mysql:{config_dir}/mysql-virtual_client.cf, permit_inet_interfaces, permit_mynetworks, permit_sasl_authenticated{rbl_list}, reject_unauth_pipelining {reject_unknown_client_hostname}, permit
smtpd_etrn_restrictions = permit_mynetworks, reject
smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_multi_recipient_bounce, permit
......
......@@ -23,6 +23,7 @@ proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virt
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_invalid_helo_hostname, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo, {reject_unknown_helo_hostname}, permit
smtpd_sender_restrictions = {reject_aslm} check_sender_access regexp:{config_dir}/tag_as_originating.re, permit_mynetworks{reject_slm}, permit_sasl_authenticated, reject_non_fqdn_sender, check_sender_access regexp:{config_dir}/tag_as_foreign.re, check_sender_access proxy:mysql:{config_dir}/mysql-virtual_sender.cf
smtpd_reject_unlisted_sender = yes
smtpd_client_restrictions = check_client_access proxy:mysql:{config_dir}/mysql-virtual_client.cf, permit_inet_interfaces, permit_mynetworks, permit_sasl_authenticated{rbl_list}, reject_unauth_pipelining {reject_unknown_client_hostname}, permit
smtpd_etrn_restrictions = permit_mynetworks, reject
smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_multi_recipient_bounce, permit
......
......@@ -3,5 +3,7 @@ password = {mysql_server_ispconfig_password}
dbname = {mysql_server_database}
hosts = {mysql_server_ip}
query = SELECT email FROM mail_user WHERE email = '%s' AND forward_in_lda = 'n' AND disabledeliver = 'n' AND postfix = 'y' AND server_id = {server_id}
AND EXISTS (SELECT domain_id FROM mail_domain WHERE domain = SUBSTRING_INDEX('%s', '@', -1) AND active = 'y' AND server_id = {server_id})
UNION
SELECT cc AS email FROM mail_user WHERE email = '%s' AND cc != '' AND (forward_in_lda = 'n' OR disabledeliver = 'y') AND postfix = 'y' AND server_id = {server_id}
AND EXISTS (SELECT domain_id FROM mail_domain WHERE domain = SUBSTRING_INDEX('%s', '@', -1) AND active = 'y' AND server_id = {server_id})
......@@ -2,4 +2,5 @@ user = {mysql_server_ispconfig_user}
password = {mysql_server_ispconfig_password}
dbname = {mysql_server_database}
hosts = {mysql_server_ip}
query = select gid from mail_user where email = '%s' and postfix = 'y' and server_id = {server_id}
query = SELECT gid FROM mail_user WHERE email = '%s' AND postfix = 'y' AND server_id = {server_id}
AND EXISTS (SELECT domain_id FROM mail_domain WHERE domain = SUBSTRING_INDEX('%s', '@', -1) AND active = 'y' AND server_id = {server_id})
......@@ -2,4 +2,5 @@ user = {mysql_server_ispconfig_user}
password = {mysql_server_ispconfig_password}
dbname = {mysql_server_database}
hosts = {mysql_server_ip}
query = select CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/') from mail_user where email = '%s' and postfix = 'y' and disabledeliver = 'n' and server_id = {server_id}
query = SELECT CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/') FROM mail_user WHERE email = '%s' AND postfix = 'y' AND disabledeliver = 'n' AND server_id = {server_id}
AND EXISTS (SELECT domain_id FROM mail_domain WHERE domain = SUBSTRING_INDEX('%s', '@', -1) AND active = 'y' AND server_id = {server_id})
......@@ -4,7 +4,9 @@ dbname = {mysql_server_database}
hosts = {mysql_server_ip}
query = SELECT sender_cc FROM (
SELECT SUBSTRING_INDEX(sender_cc, ',', 1) AS sender_cc
FROM mail_user WHERE email = '%s' AND disablesmtp = 'n' AND sender_cc != '' AND server_id = {server_id}
FROM mail_user
WHERE email = '%s' AND disablesmtp = 'n' AND sender_cc != '' AND server_id = {server_id}
AND EXISTS (SELECT domain_id FROM mail_domain WHERE domain = SUBSTRING_INDEX('%s', '@', -1) AND active = 'y' AND server_id = {server_id})
UNION
SELECT SUBSTRING_INDEX(u.sender_cc, ',', 1) AS sender_cc
FROM mail_user u, mail_forwarding f
......@@ -13,4 +15,5 @@ query = SELECT sender_cc FROM (
'[[:blank:]]*(,[[:blank:]]*[[:alnum:]]|,?[[:blank:]]*(\\r?\\n|$))' )
AND u.disablesmtp = 'n' AND u.sender_cc != '' AND u.server_id = {server_id}
AND f.source = '%s' AND f.allow_send_as = 'y' AND f.active = 'y' AND f.server_id = {server_id}
AND EXISTS (SELECT domain_id FROM mail_domain WHERE domain = SUBSTRING_INDEX('%s', '@', -1) AND active = 'y' AND server_id = {server_id})
) table1 WHERE sender_cc != '' LIMIT 1
......@@ -5,9 +5,10 @@ hosts = {mysql_server_ip}
query = SELECT 'greylisting' FROM
(
SELECT `greylisting`, 1 as `prio` FROM `mail_user` WHERE `server_id` = {server_id} AND `email` = '%s'
AND EXISTS (SELECT domain_id FROM mail_domain WHERE domain = SUBSTRING_INDEX('%s', '@', -1) AND active = 'y' AND server_id = {server_id})
UNION
SELECT `greylisting`, 2 as `prio` FROM `mail_forwarding` WHERE `server_id` = {server_id} AND `source` = '%s'
SELECT `greylisting`, 2 as `prio` FROM `mail_forwarding` WHERE `server_id` = {server_id} AND `source` = '%s' AND active = 'y'
UNION
SELECT `greylisting`, 3 as `prio` FROM `mail_forwarding` WHERE `server_id` = {server_id} AND `source` = '@%d' ORDER BY `prio` ASC LIMIT 1
SELECT `greylisting`, 3 as `prio` FROM `mail_forwarding` WHERE `server_id` = {server_id} AND `source` = '@%d' AND active = 'y' ORDER BY `prio` ASC LIMIT 1
) AS rules
WHERE rules.greylisting = 'y'
......@@ -4,4 +4,5 @@ dbname = {mysql_server_database}
hosts = {mysql_server_ip}
query = SELECT destination FROM mail_forwarding WHERE source = '%s' AND active = 'y' AND allow_send_as = 'y' AND server_id = {server_id}
UNION
SELECT email FROM mail_user WHERE email = '%s' AND disablesmtp = 'n' AND server_id = {server_id};
SELECT email FROM mail_user WHERE email = '%s' AND disablesmtp = 'n' AND server_id = {server_id}
AND EXISTS (SELECT domain_id FROM mail_domain WHERE domain = SUBSTRING_INDEX('%s', '@', -1) AND active = 'y' AND server_id = {server_id})
......@@ -2,4 +2,5 @@ user = {mysql_server_ispconfig_user}
password = {mysql_server_ispconfig_password}
dbname = {mysql_server_database}
hosts = {mysql_server_ip}
query = select uid from mail_user where email = '%s' and postfix = 'y' and server_id = {server_id}
query = SELECT uid FROM mail_user WHERE email = '%s' AND postfix = 'y' AND server_id = {server_id}
AND EXISTS (SELECT domain_id FROM mail_domain WHERE domain = SUBSTRING_INDEX('%s', '@', -1) AND active = 'y' AND server_id = {server_id})
......@@ -134,7 +134,8 @@ connect = host={mysql_server_host} dbname={mysql_server_database} user={mysql_se
default_pass_scheme = CRYPT
# password-query with prefetch
password_query = SELECT email as user, password, maildir as userdb_home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as userdb_mail, uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=', quota, 'B') AS userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}'
password_query = SELECT email as user, password, maildir as userdb_home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as userdb_mail, uid as userdb_uid, gid as userdb_gid, CONCAT('*:storage=', quota, 'B') AS userdb_quota_rule, CONCAT(maildir, '/.sieve') as userdb_sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}' AND EXISTS (SELECT domain_id FROM mail_domain WHERE domain = '%d' AND active = 'y' AND server_id = {server_id})
user_query = SELECT email as user, maildir as home, CONCAT( maildir_format, ':', maildir, '/', IF(maildir_format='maildir','Maildir',maildir_format)) as mail, uid, gid, CONCAT('*:storage=', quota, 'B') AS quota_rule, CONCAT(maildir, '/.sieve') as sieve FROM mail_user WHERE (login = '%u' OR email = '%u') AND `disable%Ls` = 'n' AND server_id = '{server_id}'
# The iterate_query is required for the doveadm command only and works only on dovecot 2 servers.
......
......@@ -26,6 +26,7 @@ proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virt
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_invalid_helo_hostname, permit_mynetworks, check_helo_access regexp:{config_dir}/helo_access, permit_sasl_authenticated, reject_non_fqdn_helo_hostname, check_helo_access regexp:{config_dir}/blacklist_helo, {reject_unknown_helo_hostname}, permit
smtpd_sender_restrictions = {reject_aslm} check_sender_access regexp:{config_dir}/tag_as_originating.re, permit_mynetworks{reject_slm}, permit_sasl_authenticated, reject_non_fqdn_sender, check_sender_access regexp:{config_dir}/tag_as_foreign.re, check_sender_access proxy:mysql:{config_dir}/mysql-virtual_sender.cf
smtpd_reject_unlisted_sender = yes
smtpd_client_restrictions = check_client_access proxy:mysql:{config_dir}/mysql-virtual_client.cf, permit_inet_interfaces, permit_mynetworks, permit_sasl_authenticated{rbl_list}, reject_unauth_pipelining {reject_unknown_client_hostname}, permit
smtpd_etrn_restrictions = permit_mynetworks, reject
smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_multi_recipient_bounce, permit
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment