I'm sorry Viktor, but it seems I didn't make my goal clear. Here it is again restated.
Our canonical domain is example.com Two of our hosted domains are domainA.com, and domainB.com. These are not subdomains of example.com, but rather separate domains entirely that are delivered locally. The goal is that users in domainA.com will see their mail as being addressed to u...@domaina.com, but users in domainB.com will see their mail as being addressed to u...@example.com I have tested using canonical_maps where: u...@domainb.com u...@example.com <u...@myexample.com> This seems to do what I need it to do, though once I spend some time with it I may need to check out regexp_table. Thankfully I'm no stranger to regexes :) Thanks to all that responded! On Sun, Jan 15, 2017 at 1:31 PM, Viktor Dukhovni <postfix-us...@dukhovni.org > wrote: > > > On Jan 15, 2017, at 1:12 PM, Viktor Dukhovni <postfix-us...@dukhovni.org> > wrote: > > > > I recommend against masquerading, because it breaks recipient > > validation. Instead, construct a table of all the valid addresses > > for each user, and use canonical_maps. > > To be more precise, it is not that masquerading directly breaks > recipient validation, but rather that accepting mail for > an arbitrary sub-domain of a domain, as well as the domain itself, > means requires recipient validation to take place after rewriting, > but the Postfix smtpd(8) server performs validation on the original > input address prior to rewriting (which happens in cleanup(8)). > > If the goal is just to map user@a.example to user@b.example without > also accepting mail for user@foo.a.example, then masquerading is > entirely the wrong tool for the job (it is perhaps unfortunate > that Postfix and Sendmail use the same name for noticeably different > mechanisms). > > Mapping of secondary domains to primary domains is best accomplished > with canonical_maps, and wildcards need to be avoided in order to > retain recipient validation and not become a backscatter source. > > Therefore, build tables of explicit user@a.example -> user@b.example > canonical mappings. In Microsoft Exchange environments this is > accomplished by using LDAP to resolve "proxyAddresses = smtp:%s" > (each secondary address) to "mail" (the primary address). > > -- > Viktor. > >
