On 22-03-18 18:23, Stefan Günther via Users wrote:
we just installed Ciphermail as virtual machine
on a Univention Corporate Server (UCS).
The idea is that UCS grabs emails via fetchmail, sends them to the Ciphermail VM and
finally stores them in the local Kopano installation.
In the configuration of postfix@UCS I have defined the following transport map:
in-put.cm is defined as a relay domain in Ciphermail.
The problem now is, that the email loops between UCS and Ciphermail: Everytime Ciphermail
returns the email to postfix@UCS the email is forwarded to Ciphermail due to the transport
I have no idea, whether we could change anything in the Ciphermail configuration, so that
postfix@UCS recognizes that the email already has been forwarded once or do we have to
change the configuration of postfix@UCS?
Thanks for any hint or suggestion,
I do not completely understand your setup but I might have some suggestions.
Option 1. rewrite the recipients domain to some internal name after the
message has been handled by CipherMail.
For example rewrite from input.cm to input.cm.handled. The postfix@UCS
should be configured to also handle the domain input.cm.handled and not
only forward email to CipherMail if the recipient domain is input.cm
(and not input.cm.internal)
Option 2. Add an additional smtpd handler (on a different port) to
master.cf of postfix@UCS and set transport_maps for that port to an
empty value (note I have not tested whether you can override
transport_maps for an smtpd service). Then tell CipherMail to deliver to
that special port.
What about Option 3: TCP/IP communication between postfix on UCS and Ciphermail in
the virtual machine?
Instead of using
In master.cf I defined the djigzo transport and told postfix to listen on
192.168.0.9:10025 instead of 127.0.0.1:10025, configured Ciphermail to listen on
192.168.0.229:10025 and forward emails to 192.168.0.9:10025.
Finally I deactivated all firewall rules for testing.
Then I send an email from the command line of the UCS:
Mar 29 13:50:14 ucs postfix/qmgr: A40FF481158:
from=<root(a)ucs.ciphermail.intranet>et>, size=327, nrcpt=1 (queue active)
Mar 29 13:50:14 ucs postfix/smtp: A40FF481158:
delay=0.28, delays=0.11/0.04/0.06/0.06, dsn=5.7.1, status=bounced (host
192.168.0.229[192.168.0.229] said: 550 5.7.1 Requested action not taken: relaying denied
(in reply to RCPT TO command))
As we can see, the email is forwarded to Ciphermail and according to netstat, a java
process is listening on 192.168.0.229:10025. But this connection attempt is not recorded
Is the some line in the configuration of Ciphermail that limits connections only to ip
I guess this setup, with a separation of postfix and Ciphermail on two different hosts
would solve my problem.
Thanks for any hints/suggestions,