1 Topic by eddie (edited by eddie 2021-12-27 09:41:38)

  • eddie
  • Member
  • Offline
  • Registered: 2021-12-14
  • Posts: 20

Topic: iredapd support for user alias on domain alias (alias@alias.com)

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 2012091301 Easy
- Deployed with iRedMail Easy or the downloadable installer? Easy
- Linux/BSD distribution name and version: Ubuntu 20.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  MySQL
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? Nope
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

I have several domains, all alias to my core domain. I want all domains to alias the same local user names.

eddie@domain1.com --> eddie@coredomain.com
user@domain1.com --> user@coredomain.com

Adding an `alias_domain` record in SQL seems to let delivery work, but not sending.

Recipient address rejected: Sender is not same as SMTP authenticate username

I added a new table/query to `smtpd_sender_login_maps` to also check the `alias_domain` table instead of just `forwardings`, and that works for postmap queries.

Goal

Given:

  • a mailbox account: postmaster@example.com

  • Given an alias user:   eddie@example.com -> postmaster@example.com

  • Given an alias_domain:  example2.com

Then:

  • Alias domain for be implicit for all users:  eddie@example2.com --> postmaster@adirondack.com

According to postmap I have this working, but sogo is angry still.

# explicit forwardings table entry, works with postmap and sogo
root@mail:/etc/postfix/mysql# postmap -q "eddie@example2.com" mysql:./virtual_alias_maps.cf 
postmaster@example.com

# implicit alias (defined as alias for core domain, but using alias_domain)
# this fails on existing alias maps
root@mail:/etc/postfix/mysql# postmap -q "tls-reports@example2.com" mysql:./virtual_alias_maps.cf 
root@mail:/etc/postfix/mysql#

# new map, added main.cf's smtpd_sender_login_maps table list uses alias_domain
root@mail:/etc/postfix/mysql# postmap -q "tls-reports@example2.com" mysql:./virtual_alias_maps_cross_domain.cf 
postmaster@example.com

# ^ SUCCESS!  postmap finds the right mailbox.

So, since postmap is happy, I am curious

What besides smtpd_sender_login_maps influences Sogo sending?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by eddie

  • eddie
  • Member
  • Offline
  • Registered: 2021-12-14
  • Posts: 20

Re: iredapd support for user alias on domain alias (alias@alias.com)

Seems its not postfix but rather iredapd that is behaving this way.   But delegating to postfix doesnt work since sogo not not authenticate locally (as i understand).

https://docs.iredmail.org/manage.iredap … strictions

So any chance we could see changes in APD to support cross-domain aliases to work without explicit enumeration?

eddie@1
postmaster@1
abuse@1
eddie@2
postmaster@2z
abuse@2
......

3 Reply by eddie (edited by eddie 2021-12-27 09:16:58)

  • eddie
  • Member
  • Offline
  • Registered: 2021-12-14
  • Posts: 20

Re: iredapd support for user alias on domain alias (alias@alias.com)

iredapd code says my use case should _almost_ work, but it doesn;'t

https://github.com/iredmail/iRedAPD/blo … py#L80-L87

#       With MySQL/PostgreSQL backends, user alias address is username part +
#       alias domain name. For example, if primary domain `primary.com` has
#       two alias domains: `alias-1.com`, `alias-2.com`. User `user@primary.com`
#       is allowed to send email as:
#
#       + user@primary.com
#       + user@alias-1.com
#       + user@alias-2.com

However when there is a name alias on top of a domain alias it fails.

#       + user@primary.com # works
#.      + vanity@primary.com # works (with alias defined)
#       + user@alias-1.com 
#       + vanity@alias-1.com # does not work

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: iredapd support for user alias on domain alias (alias@alias.com)

I don't think your use case requires any changes to Postfix or iRedAPD config file or SQL structure. Simply inserting a new record in sql table "forwardings" should do the trick:

address = eddie@example2.com
forwarding = postmaster@example.com

5 Reply by eddie (edited by eddie 2021-12-27 20:43:47)

  • eddie
  • Member
  • Offline
  • Registered: 2021-12-14
  • Posts: 20

Re: iredapd support for user alias on domain alias (alias@alias.com)

ZhangHuangbin wrote:

I don't think your use case requires any changes to Postfix or iRedAPD config file or SQL structure. Simply inserting a new record in sql table "forwardings" should do the trick:

address = eddie@example2.com
forwarding = postmaster@example.com

Thanks @ZHang, this is true and reasonable when I had a couple of each.  But it needs to be repeated for every single combination.   

domain_alias x mailbox x name_alias

In this state it seems like all `alias_*domain*` did was set up a single forwarding rule (mailbox@newdomain), not an aliased domain (in which existing names - including aliases -  all work).

I have 8 mailbox-aliases (tls-reports, abuse, postmaster, etc) and right now 7 domains and counting.

I could solve this with 15 records with a change (alias and domain_alias) or 71 records (15+56 for forwardings) with current config.  Adding a single new alias domain needs 8 new forwarding records, and adding a single user needs 7 new rules. Forwarding rules are repeated across every user, every alias.

So unless I am misunderstanding the intention of domain_alias, why don;t we eliminate the extra work by letting mysql do the intersection of all those permutations?


In postfix that's easy enough with sql

SELECT forwardings.forwarding from mailbox join alias_domain on alias_domain.target_domain = mailbox.domain   join forwardings on (forwardings.address = CONCAT('%u','@',mailbox.domain)  and forwardings.forwarding=mailbox.username)    where alias_domain.alias_domain = '%d'

6 Reply by eddie

  • eddie
  • Member
  • Offline
  • Registered: 2021-12-14
  • Posts: 20

Re: iredapd support for user alias on domain alias (alias@alias.com)

Also noting this is how providers like Google Suites works.

A user can have name aliases, defined once.
A domain can have domain aliases, defined once.
Any permutation of the 2 will work.

7 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: iredapd support for user alias on domain alias (alias@alias.com)

So if we have a primary domain primary.com and an alias domain alias.com, then all mailboxes and mail aliases and mailing lists should have the same account in alias.com, but we have only mailboxes right now. And what you want is supporting mail alias and mailing list accounts, right?

Do i understand correctly?

8 Reply by eddie

  • eddie
  • Member
  • Offline
  • Registered: 2021-12-14
  • Posts: 20

Re: iredapd support for user alias on domain alias (alias@alias.com)

ZhangHuangbin wrote:

So if we have a primary domain primary.com and an alias domain alias.com, then all mailboxes and mail aliases and mailing lists should have the same account in alias.com

Yes.

ZhangHuangbin wrote:

but we have only mailboxes right now. And what you want is supporting mail alias and mailing list accounts, right?

Hmm, not sure.  I don't use mailing lists, but let me share explicit example.

Example:

Primary domain:
Me@primary.tld
- alias: eddie
- alias: postmaster

You@primary.tld
- alias: zhang
- alias: zhb

I should only ever define my user aliases on the primary domain. Defining any "alias" domains should use all existing mappings.

Alias Domain: alias.tld
- zhang@alias.tld --> zhang@primary.tld --> you@primary.tld
- zhb@alias.tld --> zhb@primary.tld --> you@primary.tld
- postmaster@alias.tld --> postmaster@primary.tld --> me@primary.tld



As you pointed out, I can accomnplish the same outcome with many additional records in FORWARDINGS table, but unless I role that into the iredadmin-cli or something else it's just not reasonable to manage.

I'm hoping to have alias act more like google workspace alias:

User alias domain:
if you want to add email aliases (alternate email addresses) for your existing users. Google Workspace will automatically create aliases after you've added the domain.

Once your user alias domain is active, users can use their new alternate email addresses to send and receive messages.

https://support.google.com/a/answer/750 … il-address

9 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: iredapd support for user alias on domain alias (alias@alias.com)

eddie wrote:

Alias Domain: alias.tld
- zhang@alias.tld --> zhang@primary.tld --> you@primary.tld
- zhb@alias.tld --> zhb@primary.tld --> you@primary.tld
- postmaster@alias.tld --> postmaster@primary.tld --> me@primary.tld

Now i got your point.

I will put it on my TODO list and implement it in the future, sorry no promise here.