I have a Linux server that is an OpenVPN endpoint, but also hosts a webserver. When my client connects to the server address for the webserver, the packets travel outside the VPN. Rightly so, since the route to the server set by OpenVPN is more specific than the default route to enter the VPN. However I see that as a "leak".

Hence I tried to setup a similar setup as Wireguard does (Wireguard is great, but I need OpenVPN because it needs to be TCP).

I based my setup on the Wireguard page, as well as on other questions: Prevent routing loop with FwMark in Wireguard (Hat off for the lecture held there !) Routing fwmark to VPN gateway using nftables mark

Despite the setup, Wireshark shows the http/https requests still go through the physical interface and not through the vpn tun0 interface. When I look at the packet marks with nft monitor trace, it seems the meta mark is properly set and only the appropriate packets (to/from port 1194) appear.

So I suspected this is:

• the pbr rule that does not work as expected.
• the packet marking that does not happen early enough.

I tried to change the chain to mark outgoing packets as:

• type route hook output
• type filter hook output
• --> with no more luck

These commands return the following:

- ip rule:
0:  from all lookup local
32764:  from all lookup main suppress_prefixlength 0
32765:  not from all fwmark 0x4 lookup vpn
32766:  from all lookup main
32767:  from all lookup default

- ip route show table vpn:
default dev tun0 scope link

- ip route:
default via 10.8.0.1 dev tun0 proto static metric 50 
default via 192.168.1.1 dev wlp4s0 proto dhcp src 192.168.1.10 metric 600 
10.8.0.0/24 dev tun0 proto kernel scope link src 10.8.0.2 metric 50 
END.POINT.IP.ADDRESS via 192.168.1.1 dev wlp4s0 proto static metric 50 
192.168.1.0/24 dev wlp4s0 proto kernel scope link src 192.168.1.10 metric 600 

-nft list ruleset:
table inet vpn {
    chain premangle {
        type filter hook prerouting priority mangle; policy accept;
        ip saddr END.POINT.IP.ADDRESS tcp sport 1194 meta nftrace set 1
        meta mark set ct mark
    }

    chain postmangle {
        type filter hook postrouting priority mangle; policy accept;
        ip daddr END.POINT.IP.ADDRESS tcp dport 1194 meta nftrace set 1
        ip daddr END.POINT.IP.ADDRESS tcp dport 1194 meta mark set 0x00000004
        meta mark 0x00000004 ct mark set meta mark
    }
}

- traceroute -n --fwmark=0x4 END.POINT.IP.ADDRESS
    shows it goes via the physical interface out of the vpn (as expected)
    
- traceroute -n END.POINT.IP.ADDRESS
    shows it goes via the physical interface out of the vpn (UNWANTED)

Thank you so much in advance !

We get an infinite loop once quota is exceeded.

Having set up the dovecot quota as per https://doc.dovecot.org/configuration_manual/quota/

Here are the parameters I modified (my setup was working with no concern):

90-quota.conf
plugin {
    quota = maildir:User quota
    quota_rule = *:storage=100MB
    # 10% of 1GB = 100MB
    quota_rule2 = Trash:storage=+10%%
    # 20% of 1GB = 200MB
    quota_rule3 = Spam:storage=+20%%
    quota_max_mail_size = 30M

# Quota messages incl. user is no longer over quota
quota_warning   = storage=90%% quota-warning 95 %u %d
quota_warning2  = storage=80%% quota-warning 90 %u %d
quota_warning3 = -storage=100%% quota-warning below %u %d
#quota_exceeded_message = ERROR:422 - Mailbox full
}
  
service quota-warning {
  executable = script /var/mail/quota-warning.sh
  # use some unprivileged user for executing the quota warnings
  unix_listener quota-warning {
      user = mail


  }
}

With a script, that I did make inoperant by commenting the lines, hence the error does not come from the script actions:

quota-warning.sh 
#!/bin/sh
PERCENT=$1
USER=$2
DOMAIN=$3
#cat << EOF | /usr/libexec/dovecot/dovecot-lda -d $USER -o "plugin/quota=maildir:User quota:noenforcing"
#From: [email protected]
#Subject: quota warning
#Your mailbox is now $PERCENT% full.
#EOF

Here is what the output of journalctl -f -u postfix -u dovecot (CentOS):

ept. 29 15:40:22 mail.domain.net systemd[1]: Starting Dovecot IMAP/POP3 email server...
sept. 29 15:40:22 mail.domain.net dovecot[807534]: master: Dovecot v2.3.16 (7e2e900c1a) starting up for imap, pop3, lmtp
sept. 29 15:40:22 mail.domain.net systemd[1]: Started Dovecot IMAP/POP3 email server.
sept. 29 15:40:39 mail.domain.net auth[807553]: pam_sss(dovecot:auth): authentication success; logname= uid=0 euid=0 tty=dovecot ruser=comm rhost=192.168.1.30 user=comm
sept. 29 15:40:40 mail.domain.net dovecot[807537]: imap-login: Login: user=<comm>, method=PLAIN, rip=192.168.1.30, lip=192.168.1.20, mpid=807557, TLS, session=<r5W3eSLN+K4KCAAD>
sept. 29 15:40:50 mail.domain.net postfix/submission/smtpd[807564]: initializing the server-side TLS engine
sept. 29 15:40:50 mail.domain.net postfix/submission/smtpd[807564]: connect from unknown[192.168.1.30]
sept. 29 15:40:50 mail.domain.net postfix/submission/smtpd[807564]: setting up TLS connection from unknown[192.168.1.30]
sept. 29 15:40:50 mail.domain.net postfix/submission/smtpd[807564]: unknown[192.168.1.30]: TLS cipher list "aNULL:-aNULL:HIGH:MEDIUM:+RC4:@STRENGTH"
sept. 29 15:40:50 mail.domain.net postfix/submission/smtpd[807564]: SSL_accept:before SSL initialization
sept. 29 15:40:50 mail.domain.net postfix/submission/smtpd[807564]: SSL_accept:before SSL initialization
sept. 29 15:40:50 mail.domain.net postfix/submission/smtpd[807564]: SSL_accept:SSLv3/TLS read client hello
sept. 29 15:40:50 mail.domain.net postfix/submission/smtpd[807564]: SSL_accept:SSLv3/TLS write server hello
sept. 29 15:40:50 mail.domain.net postfix/submission/smtpd[807564]: SSL_accept:SSLv3/TLS write change cipher spec
sept. 29 15:40:50 mail.domain.net postfix/submission/smtpd[807564]: SSL_accept:TLSv1.3 write encrypted extensions
sept. 29 15:40:50 mail.domain.net postfix/submission/smtpd[807564]: SSL_accept:SSLv3/TLS write certificate
sept. 29 15:40:50 mail.domain.net postfix/submission/smtpd[807564]: SSL_accept:TLSv1.3 write server certificate verify
sept. 29 15:40:50 mail.domain.net postfix/submission/smtpd[807564]: SSL_accept:SSLv3/TLS write finished
sept. 29 15:40:50 mail.domain.net postfix/submission/smtpd[807564]: SSL_accept:TLSv1.3 early data
sept. 29 15:40:50 mail.domain.net postfix/submission/smtpd[807564]: SSL_accept:TLSv1.3 early data
sept. 29 15:40:50 mail.domain.net postfix/submission/smtpd[807564]: SSL_accept:SSLv3/TLS read finished
sept. 29 15:40:50 mail.domain.net postfix/submission/smtpd[807564]: unknown[192.168.1.30]: Issuing session ticket, key expiration: 1632924649
sept. 29 15:40:50 mail.domain.net postfix/submission/smtpd[807564]: SSL_accept:SSLv3/TLS write session ticket
sept. 29 15:40:50 mail.domain.net postfix/submission/smtpd[807564]: Anonymous TLS connection established from unknown[192.168.1.30]: TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256
sept. 29 15:40:51 mail.domain.net auth[807553]: pam_sss(dovecot:auth): authentication success; logname= uid=0 euid=0 tty=dovecot ruser=comm rhost=192.168.1.30 user=comm
sept. 29 15:40:52 mail.domain.net postfix/submission/smtpd[807564]: B898A7F9E7C: client=unknown[192.168.1.30], sasl_method=PLAIN, sasl_username=comm
sept. 29 15:40:53 mail.domain.net postfix/cleanup[807516]: B898A7F9E7C: message-id=<[email protected]>
sept. 29 15:40:55 mail.domain.net postfix/qmgr[807513]: B898A7F9E7C: from=<[email protected]>, size=829, nrcpt=2 (queue active)
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(807580): Connect from local
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(807581): Connect from local
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(james)<807581><AkBAEedsVGGdUgwAgoIkEA>: sieve: msgid=<[email protected]>: failed to store into mailbox 'INBOX': Quota exceeded (mailbox for user is full)
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(james)<807581><AkBAEedsVGGdUgwAgoIkEA>: sieve: Execution of script /var/spool/mail/SpamAndBcc.sieve failed with unsuccessful implicit keep
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(807581): Disconnect from local: Logged out (state=READY)
sept. 29 15:40:55 mail.domain.net postfix/lmtp[807520]: B898A7F9E7C: to=<[email protected]>, relay=mail.domain.net[private/dovecot-lmtp], delay=2.9, delays=2.9/0/0.02/0.01, dsn=5.2.2, status=bounced (host mail.domain.net[private/dovecot-lmtp] said: 552 5.2.2 <[email protected]> Quota exceeded (mailbox for user is full) (in reply to end of DATA command))
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(archive)<807580><tDXGEOdsVGGcUgwAgoIkEA>: sieve: msgid=<[email protected]>: failed to store into mailbox 'INBOX': Quota exceeded (mailbox for user is full)
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(archive)<807580><tDXGEOdsVGGcUgwAgoIkEA>: sieve: Execution of script /var/spool/mail/SpamAndBcc.sieve failed with unsuccessful implicit keep
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(807580): Disconnect from local: Logged out (state=READY)
sept. 29 15:40:55 mail.domain.net postfix/lmtp[807518]: B898A7F9E7C: to=<[email protected]>, relay=mail.domain.net[private/dovecot-lmtp], delay=2.9, delays=2.9/0/0.01/0.02, dsn=5.2.2, status=bounced (host mail.domain.net[private/dovecot-lmtp] said: 552 5.2.2 <[email protected]> Quota exceeded (mailbox for user is full) (in reply to end of DATA command))
sept. 29 15:40:55 mail.domain.net postfix/cleanup[807516]: 4C21A7F9E81: message-id=<[email protected]>
sept. 29 15:40:55 mail.domain.net postfix/bounce[807514]: B898A7F9E7C: sender non-delivery notification: 4C21A7F9E81
sept. 29 15:40:55 mail.domain.net postfix/qmgr[807513]: 4C21A7F9E81: from=<>, size=3725, nrcpt=1 (queue active)
sept. 29 15:40:55 mail.domain.net postfix/cleanup[807516]: 4E1987F9E83: message-id=<[email protected]>
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(807581): Connect from local
sept. 29 15:40:55 mail.domain.net postfix/bounce[807514]: B898A7F9E7C: postmaster non-delivery notification: 4E1987F9E83
sept. 29 15:40:55 mail.domain.net postfix/qmgr[807513]: 4E1987F9E83: from=<[email protected]>, size=3735, nrcpt=1 (queue active)
sept. 29 15:40:55 mail.domain.net postfix/qmgr[807513]: B898A7F9E7C: removed
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(807580): Connect from local
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(james)<807580><4MiYE+dsVGGcUgwAgoIkEA>: sieve: msgid=<[email protected]>: failed to store into mailbox 'INBOX': Quota exceeded (mailbox for user is full)
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(james)<807580><4MiYE+dsVGGcUgwAgoIkEA>: sieve: Execution of script /var/spool/mail/SpamAndBcc.sieve failed with unsuccessful implicit keep
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(807580): Disconnect from local: Logged out (state=READY)
sept. 29 15:40:55 mail.domain.net postfix/lmtp[807518]: 4E1987F9E83: to=<[email protected]>, orig_to=<postmaster>, relay=mail.domain.net[private/dovecot-lmtp], delay=0.01, delays=0.01/0/0/0, dsn=5.2.2, status=bounced (host mail.domain.net[private/dovecot-lmtp] said: 552 5.2.2 <[email protected]> Quota exceeded (mailbox for user is full) (in reply to end of DATA command))
sept. 29 15:40:55 mail.domain.net postfix/cleanup[807516]: 564EF7F9E85: message-id=<[email protected]>
sept. 29 15:40:55 mail.domain.net postfix/bounce[807514]: 4E1987F9E83: sender non-delivery notification: 564EF7F9E85
sept. 29 15:40:55 mail.domain.net postfix/qmgr[807513]: 564EF7F9E85: from=<>, size=5838, nrcpt=1 (queue active)
sept. 29 15:40:55 mail.domain.net postfix/qmgr[807513]: 564EF7F9E85: to=<[email protected]>, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=2.0.0, status=sent (undeliverable postmaster notification discarded)
sept. 29 15:40:55 mail.domain.net postfix/qmgr[807513]: 564EF7F9E85: removed
sept. 29 15:40:55 mail.domain.net postfix/cleanup[807516]: 582FA7F9E86: message-id=<[email protected]>
sept. 29 15:40:55 mail.domain.net postfix/bounce[807514]: 4E1987F9E83: postmaster non-delivery notification: 582FA7F9E86
sept. 29 15:40:55 mail.domain.net postfix/qmgr[807513]: 582FA7F9E86: from=<[email protected]>, size=2273, nrcpt=1 (queue active)
sept. 29 15:40:55 mail.domain.net postfix/qmgr[807513]: 4E1987F9E83: removed
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(807580): Connect from local
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(james)<807580><ANfqFedsVGGcUgwAgoIkEA>: sieve: msgid=<[email protected]>: failed to store into mailbox 'INBOX': Quota exceeded (mailbox for user is full)
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(james)<807580><ANfqFedsVGGcUgwAgoIkEA>: sieve: Execution of script /var/spool/mail/SpamAndBcc.sieve failed with unsuccessful implicit keep
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(807580): Disconnect from local: Logged out (state=READY)
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(comm)<807581><YGYhE+dsVGGdUgwAgoIkEA>: sieve: msgid=<[email protected]>: stored mail into mailbox 'INBOX'
sept. 29 15:40:55 mail.domain.net postfix/lmtp[807520]: 4C21A7F9E81: to=<[email protected]>, relay=mail.domain.net[private/dovecot-lmtp], delay=0.06, delays=0.01/0/0/0.05, dsn=2.0.0, status=sent (250 2.0.0 <[email protected]> YGYhE+dsVGGdUgwAgoIkEA Saved)
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(807581): Disconnect from local: Logged out (state=READY)
sept. 29 15:40:55 mail.domain.net postfix/qmgr[807513]: 4C21A7F9E81: removed
sept. 29 15:40:55 mail.domain.net postfix/lmtp[807518]: 582FA7F9E86: to=<[email protected]>, orig_to=<postmaster>, relay=mail.domain.net[private/dovecot-lmtp], delay=0.01, delays=0/0/0/0, dsn=5.2.2, status=bounced (host mail.domain.net[private/dovecot-lmtp] said: 552 5.2.2 <[email protected]> Quota exceeded (mailbox for user is full) (in reply to end of DATA command))
sept. 29 15:40:55 mail.domain.net postfix/cleanup[807516]: 5C8387F9E88: message-id=<[email protected]>
sept. 29 15:40:55 mail.domain.net postfix/bounce[807514]: 582FA7F9E86: sender non-delivery notification: 5C8387F9E88
sept. 29 15:40:55 mail.domain.net postfix/qmgr[807513]: 5C8387F9E88: from=<>, size=4376, nrcpt=1 (queue active)
sept. 29 15:40:55 mail.domain.net postfix/qmgr[807513]: 5C8387F9E88: to=<[email protected]>, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=2.0.0, status=sent (undeliverable postmaster notification discarded)
sept. 29 15:40:55 mail.domain.net postfix/qmgr[807513]: 5C8387F9E88: removed
sept. 29 15:40:55 mail.domain.net postfix/cleanup[807601]: 5E7F37F9E89: message-id=<[email protected]>
sept. 29 15:40:55 mail.domain.net postfix/bounce[807514]: 582FA7F9E86: postmaster non-delivery notification: 5E7F37F9E89
sept. 29 15:40:55 mail.domain.net postfix/qmgr[807513]: 5E7F37F9E89: from=<[email protected]>, size=2273, nrcpt=1 (queue active)
sept. 29 15:40:55 mail.domain.net postfix/qmgr[807513]: 582FA7F9E86: removed
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(807581): Connect from local
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(james)<807581><YBy8F+dsVGGdUgwAgoIkEA>: sieve: msgid=<[email protected]>: failed to store into mailbox 'INBOX': Quota exceeded (mailbox for user is full)
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(james)<807581><YBy8F+dsVGGdUgwAgoIkEA>: sieve: Execution of script /var/spool/mail/SpamAndBcc.sieve failed with unsuccessful implicit keep
sept. 29 15:40:55 mail.domain.net dovecot[807537]: lmtp(807581): Disconnect from local: Logged out (state=READY)
sept. 29 15:40:55 mail.domain.net postfix/lmtp[807520]: 5E7F37F9E89: to=<[email protected]>, orig_to=<postmaster>, relay=mail.domain.net[private/dovecot-lmtp], delay=0.02, delays=0.01/0/0/0.01, dsn=5.2.2, status=bounced (host mail.domain.net[private/dovecot-lmtp] said: 552 5.2.2 <[email protected]> Quota exceeded (mailbox for user is full) (in reply to end of DATA command))
sept. 29 15:40:55 mail.domain.net postfix/cleanup[807516]: 644BE7F9E8B: message-id=<[email protected]>
sept. 29 15:40:55 mail.domain.net postfix/bounce[807514]: 5E7F37F9E89: sender non-delivery notification: 644BE7F9E8B
sept. 29 15:40:55 mail.domain.net postfix/qmgr[807513]: 644BE7F9E8B: from=<>, size=4376, nrcpt=1 (queue active)
sept. 29 15:40:55 mail.domain.net postfix/qmgr[807513]: 644BE7F9E8B: to=<[email protected]>, relay=none, delay=0.01, delays=0.01/0/0/0, dsn=2.0.0, status=sent (undeliverable postmaster notification discarded)
sept. 29 15:40:55 mail.domain.net postfix/qmgr[807513]: 644BE7F9E8B: removed
sept. 29 15:40:55 mail.domain.net postfix/cleanup[807601]: 65F957F9E8C: message-id=<[email protected]>
sept. 29 15:40:55 mail.domain.net postfix/bounce[807514]: 5E7F37F9E89: postmaster non-delivery notification: 65F957F9E8C
sept. 29 15:40:55 mail.domain.net postfix/qmgr[807513]: 65F957F9E8C: from=<[email protected]>, size=2273, nrcpt=1 (queue active)
sept. 29 15:40:55 mail.domain.net postfix/qmgr[807513]: 5E7F37F9E89: removed

And it keeps going the same way until I restart postfix & dovecot. It looks like the system geneates an email from postmaster to james, and since james's mailbox is full it keeps looping. Any clue on a parameter to fix this ?

Thanks in advance.

On a dovecot IMAP setup,we need to share the root of the other user's mailbox; i.e. Inbox bu also Sent, Trash, etc.

Here we could only share 'INBOX' as doveadm does not accept / nor * when giving the right acl and register in the dict.

Any clue on how to share entire mailbox and populate `shared/user/{Inbox, Sent, Trash,...} ?

Setup

On a postfix+dovecot setup with system users, mailbox sharing has been setup:

acl.conf:
plugin {
  #acl = vfile:/etc/dovecot/global-acls:cache_secs=300
  acl = vfile
}

# To let users LIST mailboxes shared by other users, Dovecot needs a
# shared mailbox dictionary. For example:
plugin {
  #acl_shared_dict = file:/var/lib/dovecot/shared-mailboxes
  acl_shared_dict = file:/var/mail/shared-dict

}

shared.conf:
namespace {
  type = shared
  separator = /
  prefix = shared/%%u/
  location = maildir:%%h/mail:INDEX=~/mail/shared/%%u
  #subscriptions = no
  list = children
}
mail_shared_explicit_inbox = yes

Using doveadm to populate the acl and the dictionnary:

doveadm -Dv acl add -u james 'INBOX' user=john lookup read write write-seen write-deleted insert post expunge create delete admin

All works.

Problem

1. Folders

Logged in as james, the shared/john folder show only the inbox folder. ANd its subfolders if we create any. Hence we tried with the mail_shared_explicit_inbox setting to make the other folders appear. We also tried to use '*' or '' in the doveadm command, it fails. With no luck.

Is there any way to show in shared/john the entire mailbox of james ?

2. setup in MUA someone else's mailbox. If we setup in any IMAP MUA the address of john, but with the login/passwd of james, the mailbox that will be shown will actually be james's. Suspect it comes from:

userdb {
  driver = passwd
  override_fields = home=/var/spool/mail/%d/%u uid=mail gid=mail
}

This was to enable running as mail:mail, which does not have access to the home folders.

and/or out of any namespace brackets:

mail_location = maildir:~/mail

But we cannot use %%u in here since it needs %u to access when the user himself is logged in.

Any way to perform that ? The purpose is to have a common mailbox that people can use indistinctively.

Thanks in advance !

Setup

• postfix forwards all mails to an archive@domain user via always_bcc,

• postfix saves all the RCPT TO in X-Envelope-To headers to perserve the bcc recipients,

• postfix deletes X-Envelope-To for smtp transfers out for privacy reasons,

• postfix delivers messages to dovecot via lmtp.

• dovecot uses a sieve script to flush the X-Envelope-To for all users except archive@domain.

Problem

There is one X-Envelope-To for each RCPT TO initially. So I would like the sieve script to add a single Bcc header concatenating several X-Envelope-To values.

require "fileinto";
require "imap4flags";
require ["editheader", "envelope"];
require "regex";
require ["variables","mime","foreverypart"];


if envelope :is "to" "archive@domain" {
   concat = """"";
   foreverypart {
        if header :regex "X-Envelope-To" "(.*)" {
        concat = ${concat}  "${1}";
        }
   }
   addheader "Bcc" "${1}";

} else {
   deleteheader "X-Envelope-To";
}

Which does not work...

Any easy way to do that in sieve ? Or no other way than an external script ? Or perhaps postfix could concatenate all that but that means a milter ?

Thanks in advance

Bcc'ing the [email protected] user, we do not want people to receive that Bcc list, apart from the [email protected] "user".

Goal

1. We want to archive all mails going through postfix, sent and received. The setup uses:

• postfix,
• dovecot authentication with Pam (pulling from Ldap) users,
• and delivery to the mailboxes via Dovecot's LMTP.

2. We want to include the Bcc recipients in the message archive.

3. We do not want people to receive that Bcc list, apart from the [email protected] "user".

Trial

1. Using always_bcc = [email protected] Works. But the Bcc recipiets (which as per rights are in the envelope as RCPT TO and not in a header) get lost.

2. Using: (as per What options are there to archive Postfix email and preserve any BCC information in the header)

main.cf
smtpd_recipient_restrictions =
  check_recipient_access pcre:/etc/postfix/prepend.pcre

while the pcre expression is:

prepend.pcre
/(.+)/          PREPEND X-Envelope-To: $1

which works like a charm: my message stored has the headers To:; Cc; X-Envelope-To. If any day we need to dig into it, we can know who received the message even in Bcc. (NB: the X-Envelope-To includes the To and Cc people, pas well as the external domains recipients).

3. To eliminate the X-Envelope-To: For sending out:

smtp_header_checks = pcre:/etc/postfix/smtp_header_checks.pcre

With the contents:

smtp_header_checks.pcre
/^X-Envelope-To:/               IGNORE

All ok until there.

Problem

To eliminate the X-Envelope-To for emails not leaving the server. I did:

lmtp_header_checks = pcre:/etc/postfix/lmtp_header_checks.pcre

lmtp_header_checks.pcre
/^X-Envelope-To:/               IGNORE

But this is not selective, even [email protected] looses the header that was "saved" the Bcc list.

I cannot find a way to the that header check selective since it only evaluates the line itself and cannot use the recipient to make a condition (even using the "if" of the pcre). (http://www.postfix.org/pcre_table.5.html)

Is there any variable that can be used ? A thought was to: include "[email protected]" in the X-Envelope-To header prepended, in the lmtp_header_checks.pcre, include something like: [email protected] not equal to $LMTP_DELIVERY_RECIPIENT Delivered-To or X-Delivered-To remain a separate header that the pcre cannot evaluate as a variable.

Otherwise is there a way to have lmtp trigger some milter ? And a simple lmtp_milter filter I can use for that ?

Been chasing for days in all docs possible, Thanks in advance