Postfix BCC mapping for ISPConfig 2 to 3 migration - not working

Discussion in 'Server Operation' started by toolish, Nov 13, 2014.

  1. toolish

    toolish ISPConfig Developer ISPConfig Developer

    Hello!

    Background:
    I have to migrate an ISPConfig 2 system over to a newly installed ISPConfig 3 system. I have no real time limits on this so I'd like to move over a client at a time, there are around 20 or so clients in all. All the web/db side of stuff I'm fairly comfortable with.

    I'm trying to get postfix on the ISPConfig 2 system to duplicate mail for a domain at a time and send it on to the ISPConfig 3 server.

    I've followed the instructions here:
    http://www.linuxmail.info/backup-mail-postfix/
    For setting up such a process.

    But the mails are never forwarded on according to the logs on the ISPConfig 2 server.

    I'm wondering whether this note from the Postfix documentation is having an effect
    "Note: automatic BCC recipients are produced only for new mail. To avoid mailer loops, automatic BCC recipients are not generated for mail that Postfix forwards internally, nor for mail that Postfix generates itself."

    Is it possible that the usage of procmail for the ISPConfig 2 server is intercepting the mail before it can be forwarded?
    Perhaps there's a better way?


    Here is my postfix setup:

    main.cf
    Code:
    # See /usr/share/postfix/main.cf.dist for a commented, more complete version
    
    
    # Debian specific:  Specifying a file name will cause the first
    # line of that file to be used as the name.  The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname
    
    smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
    biff = no
    
    # appending .domain is the MUA's job.
    append_dot_mydomain = no
    
    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h
    
    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.pem
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    
    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.
    
    myhostname = serverdomain.co.uk
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    #mydestination = serverdomain.co.uk, localhost.serverdomain.co.uk, , localhost
    relayhost =
    mynetworks = 127.0.0.0/8
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    message_size_limit = 204800000
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    smtpd_sasl_local_domain =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    # See /usr/share/postfix/main.cf.dist for a commented, more complete version
    
    
    # Debian specific:  Specifying a file name will cause the first
    # line of that file to be used as the name.  The Debian default
    # is /etc/mailname.
    #myorigin = /etc/mailname
    
    smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
    biff = no
    
    # appending .domain is the MUA's job.
    append_dot_mydomain = no
    
    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h
    
    # TLS parameters
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.pem
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_use_tls = yes
    smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
    smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
    
    # See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
    # information on enabling SSL in the smtp client.
    
    myhostname = serverdomain.co.uk
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    #mydestination = serverdomain.co.uk, localhost.serverdomain.co.uk, , localhost
    relayhost =
    mynetworks = 127.0.0.0/8
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    message_size_limit = 204800000
    recipient_delimiter = +
    inet_interfaces = all
    inet_protocols = all
    smtpd_sasl_local_domain =
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    
    virtual_maps = hash:/etc/postfix/virtusertable
    
    mydestination = /etc/postfix/local-host-names
    
    smtp_bind_address = myipaddress
    
    
    recipient_bcc_maps = pcre:/etc/postfix/backup_bcc.pcre
    transport_maps = hash:/etc/postfix/transport
    smtp_generic_maps = pcre:/etc/postfix/generic.pcre
    
    /etc/postfix/backup_bcc.pcre:
    Code:
    /^(.*)@testdomain\.co.\.uk$/ $1@backup.testdomain.co.uk
    
    /etc/postfix/generic.pcre:
    Code:
    /^(.*)@backup\.testdomain\.co\.uk$/ $1@testdomain.co.uk
    
    /etc/postfix/transport:
    Code:
    backup.testdomain.co.uk    smtp:[xxx.xxx.xxx.xxx]
    

    mail.log entry showing the flow of 1 mail:
    Code:
    Nov 13 13:38:01 h40x4 postfix/smtpd[29817]: warning: xxx.xxx.xxx.xxx: hostname xxx.xxx.xxx.in-addr.arpa verification failed: Name or service not known
    Nov 13 13:38:01 h40x4 postfix/smtpd[29817]: connect from unknown[xxx.xxx.xxx.xxx]
    Nov 13 13:38:01 h40x4 postfix/smtpd[29817]: setting up TLS connection from unknown[xxx.xxx.xxx.xxx]
    Nov 13 13:38:01 h40x4 postfix/smtpd[29817]: Anonymous TLS connection established from unknown[xxx.xxx.xxx.xxx]: TLSv1 with cipher ADH-AES256-SHA (256/256 bits)
    Nov 13 13:38:01 h40x4 postfix/smtpd[29817]: 730A62760124: client=unknown[xxx.xxx.xxx.xxx]
    Nov 13 13:38:01 h40x4 postfix/cleanup[28775]: 730A62760124: message-id=<5464B437.5030109@blang.ath.cx>
    Nov 13 13:38:01 h40x4 postfix/qmgr[6423]: 730A62760124: from=<test@sender.com>, size=981, nrcpt=1 (queue active)
    Nov 13 13:38:01 h40x4 postfix/smtpd[29817]: disconnect from unknown[xxx.xxx.xxx.xxx]
    Nov 13 13:38:01 h40x4 postfix/pickup[31880]: 81DE22760130: uid=10009 from=<webX_user>
    Nov 13 13:38:01 h40x4 postfix/cleanup[28775]: 81DE22760130: message-id=<20141113133801.81DE22760130@serverdomain.co.uk>
    Nov 13 13:38:01 h40x4 postfix/qmgr[6423]: 81DE22760130: from=<webX_user@serverdomain.co.uk>, size=405, nrcpt=1 (queue active)
    Nov 13 13:38:01 h40x4 postfix/local[2393]: 81DE22760130: to=<admispconfig@localhost.localdomain>, relay=local, delay=0.02, delays=0.01/0/0/0.01, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail -f-)
    Nov 13 13:38:01 h40x4 postfix/qmgr[6423]: 81DE22760130: removed
    Nov 13 13:38:17 h40x4 postfix/local[2410]: 730A62760124: to=<webX_user@serverdomain.co.uk>, orig_to=<me@testdomain.co.uk>, relay=local, delay=16, delays=0.04/0/0/16, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail -f-)
    Nov 13 13:38:17 h40x4 postfix/qmgr[6423]: 730A62760124: removed
    
    Many thanks!
     
  2. toolish

    toolish ISPConfig Developer ISPConfig Developer

    Managed to get this working.

    It was a typo in /etc/postfix/backup_bcc.pcre
    Code:
    /^(.*)@testdomain\.co.\.uk$/ $1@backup.testdomain.co.uk
    
    ^ 1 too many dots in between co.uk!

    Also it seems as though dots don't need escaping. So for completeness this is what worked for me in /etc/postfix/backup_bcc.pcre should anyone else need it:
    Code:
    /^(.*)@testdomain.co.uk$/ $1@backup.testdomain.co.uk
    
    Cheers!
     

Share This Page