Ori Bani:
[ Charset ISO-8859-1 unsupported, converting... ]
> On Tue, Aug 14, 2012 at 12:33 PM, Wietse Venema <wie...@porcupine.org> wrote:
> > Ori Bani:
> >> On Tue, Aug 14, 2012 at 5:27 AM, Noel Jones <njo...@megan.vbhcs.org> wrote:
> >> > On 8/14/2012 5:14 AM, Ori Bani wrote:
> >> >> I'm curious, if you have a smtpd service in master.cf that listens on
> >> >> an IP address, if it would be possible to restrict the recipient maps
> >> >> just to the recipients in the domain associated with that IP address
> >> >> (there are other smtpd services/domains/IP addresses on the same
> >> >> postfix instance).
> >> >
> >> > An excellent application for multiple instances.
> >> >
> >> >> Or can I override in master.cf
> >> >> with the right combination of settings?
> >> >
> >> > Possible, but for multiple personalities it will become an
> >>
> >> If possible, would someone kindly explain what overrides are needed to
> >> achieve this so I can gague the complexity I am willing to handle? It
> >> would be greatly appreciated.
> >
> > The smtpd entry needs a rewrite_service_name override that directs
> > queries to its own trivial-rewrite daemon. These smtpd and
> > trivial-rewrite daemons need overrides for all the address class
> > parameters (see ADDRESS_CLASS_README.html). Depending on what you
> > do in the cleanup daemon, this smtpd entry may also need overrides
> > for cleanup_service to direct requests to its own cleanup daemon.
> > And depending on what you do in the queue manager, this cleanup
> > entry may need a queue_directory and queue_service_name overrides
> > to direct requests to its own queue manager with its own queue. If
> > you want to bounce mail with the "right" MTA personality, then
> > everything including delivery agents needs overrides for bounce_service,
> > defer_service, and trace_service, and those need overrides to present
> > the "right" MTA personality.
>
> In that case, it's clearly a win to go multi-instance. In this case,
> I'm only asking what overrides are necessary to make a smtpd service
> report "relay denied" for both external domains as usual as well as
> domains that are handled on the same machine by a different smtpd
> service. I don't think that task should require so much work?
For correct "user unknown" error messages both smtpd(8) and
trivial-rewrite(8) need to agree on the list of valid domains and
on the list of valid recipients.
For correct "relay access denied" error messages, both smtpd(8) and
trivial-rewrite(8) need to agree on the list of valid domains.
Therefore, the smtpd entry needs a rewrite_service override and
both smtpd and trivial-rewrite need overrides for all the address
class parameters (see ADDRESS_CLASS_README.html).
Wietse
