On Tue, Aug 14, 2012 at 1:22 PM, Ori Bani <orib...@gmail.com> wrote: > On Tue, Aug 14, 2012 at 12:33 PM, Wietse Venema <wie...@porcupine.org> wrote: >> Ori Bani: >>> On Tue, Aug 14, 2012 at 5:27 AM, Noel Jones <njo...@megan.vbhcs.org> wrote: >>> > On 8/14/2012 5:14 AM, Ori Bani wrote: >>> >> I'm curious, if you have a smtpd service in master.cf that listens on >>> >> an IP address, if it would be possible to restrict the recipient maps >>> >> just to the recipients in the domain associated with that IP address >>> >> (there are other smtpd services/domains/IP addresses on the same >>> >> postfix instance). >>> > >>> > An excellent application for multiple instances. >>> > >>> >> Or can I override in master.cf >>> >> with the right combination of settings? >>> > >>> > Possible, but for multiple personalities it will become an >>> >>> If possible, would someone kindly explain what overrides are needed to >>> achieve this so I can gague the complexity I am willing to handle? It >>> would be greatly appreciated. >> >> The smtpd entry needs a rewrite_service_name override that directs >> queries to its own trivial-rewrite daemon. These smtpd and >> trivial-rewrite daemons need overrides for all the address class >> parameters (see ADDRESS_CLASS_README.html). Depending on what you >> do in the cleanup daemon, this smtpd entry may also need overrides >> for cleanup_service to direct requests to its own cleanup daemon. >> And depending on what you do in the queue manager, this cleanup >> entry may need a queue_directory and queue_service_name overrides >> to direct requests to its own queue manager with its own queue. If >> you want to bounce mail with the "right" MTA personality, then >> everything including delivery agents needs overrides for bounce_service, >> defer_service, and trace_service, and those need overrides to present >> the "right" MTA personality. > > In that case, it's clearly a win to go multi-instance. In this case, > I'm only asking what overrides are necessary to make a smtpd service > report "relay denied" for both external domains as usual as well as > domains that are handled on the same machine by a different smtpd > service. I don't think that task should require so much work?
(My) Intuition says -o mydestination=... should be sufficient, but I'm not seeing this alone work.