----- Message from Simon Wilson <si...@simonandkate.net> ---------
Date: Tue, 23 Mar 2021 11:23:58 +1000
From: Simon Wilson <si...@simonandkate.net>
Reply-To: si...@simonandkate.net
Subject: Re: Rewrite user xxx in a specific local domain
To: postfix-users@postfix.org
----- Message from Viktor Dukhovni <postfix-us...@dukhovni.org> ---------
Date: Mon, 22 Mar 2021 20:25:01 -0400
From: Viktor Dukhovni <postfix-us...@dukhovni.org>
Reply-To: postfix-users@postfix.org
Subject: Re: Rewrite user xxx in a specific local domain
To: postfix-users@postfix.org
On Tue, Mar 23, 2021 at 10:16:31AM +1000, Simon Wilson wrote:
I run multiple local domains, and for the first time need to have the
same username in two of them go to different local accounts.
I.e. my son has a local (LDAP) account "dom". Mail sent to
dom@his-personal-domain reaches that mailbox fine. He now has a
business domain, and I have setup a LDAP account dom.w, so
dom.w@his-business-domain works fine. What I want to be able to do is
rewrite dom@his-business-domain when it is received so it delivers to
dom.w@his-business-domain.
From what I read at http://www.postfix.org/aliases.5.html I don't
think I can do this with aliases directly, as the "name" component of
the alias line is a local address with no domain part. What I need to
have happen (written in alias-style format) is this:
dom@his-personal-domain: dom # this works fine already
dom.w@his-business-domain: dom.w # this works fine already
dom@his-business-domain: dom.w # this is the bit I want to add
How do I achieve this with rewriting or aliasing, i.e. without having
to move to virtual domains?
You don't have to move to "virtual domains". The virtual(5) aliases
table applies to all recipient addresses, regardless of "address class".
In fact you should avoid local aliases(5) for address to address
rewriting, and do all such rewriting in virtual(5) instead, using
the aliases(5) file only for "|command", "/some/file" or ":include:"
aliases.
That said, I recommend making *all* you real domains be virtual alias
domains, and using only "localhost.localdomain" or similar as the only
domain in mydestination, with all addresses intended for local delivery
rewritten into that domain as appropriate.
In some cases I go further and add access(5) rules that block direct
remote addressing of that domain, so that all inbound mail has to
come through one of the virtual alias domains.
So you can certainly migrate to virtual alias domains, which is a
better model.
----- End message from Viktor Dukhovni <postfix-us...@dukhovni.org> -----
Thanks Viktor and Noel.
Reading http://www.postfix.org/VIRTUAL_README.html, what I currently
have is "As simple as can be: shared domains, UNIX system accounts":
/etc/postfix/main.cf:
mydestination = $myhostname, localhost.$mydomain ...
simonandkate.net,... etc
...with any required aliases in /etc/aliases, e.g.:
root: si...@simonandkate.net
si: si...@simonandkate.net
etc.
Noel's response is the 'quickest way to achieve what I want':
- insert "dom@business-domain dom.w@business-domain" into
/etc/postfix/virtual
- postmap /etc/postfix/virtual & postfix reload
- I assume this works because of:
[root@emp87 postfix]# postconf -n | grep virtual_transport
[root@emp87 postfix]# postconf -d | grep virtual_transport
...
virtual_transport = virtual
- This keeps me on "As simple as can be: shared domains, UNIX system
accounts", but uses the virtual transport to resolve my requirement
for this one address only.
I read Viktor's response as a step further, taking me to "Postfix
virtual ALIAS example: separate domains, UNIX system accounts"
(http://www.postfix.org/VIRTUAL_README.html):
- mydestination = $myhostname, localhost.$mydomain # no hosted
domains in here
- virtual_alias_domains = simonandkate.net, ... # all hosted domains here
- virtual_alias_maps = hash:/etc/postfix/virtual
- have all hosted email addresses mapped to locals in /etc/postfix/virtual:
si...@simonandkate.net simon
s...@simonandkate.net simon
dom@personal-domain dom
dom@business-domain dom.w
etc.
Questions on 'virtual':
1. leave local aliases in /etc/aliases? e.g. postmaster: root;
virusalert: root; root: si...@simonandkate.net, etc.?
2. looks like virtual multiple recipients works per aliases, e.g.
"voicem...@simonandkate.net si...@simonandkate.net,
us...@simonandkate.net"?
3. http://www.postfix.org/virtual.5.html says that each virtual
alias domain needs a line with no addresses:
/etc/postfix/virtual:
virtual-alias.domain anything (right-hand content does
not matter) <----- this line -----
postmaster@virtual-alias.domain postmaster
user1@virtual-alias.domain address1
user2@virtual-alias.domain address2, address3
The virtual-alias.domain anything entry is required for a
virtual alias domain. Without this entry, mail is rejected
with "relay access denied", or bounces with "mail loops back to
myself".
...yet this requirement for "virtual-alias.domain anything
(right-hand content does not matter)" is not stated in
http://www.postfix.org/VIRTUAL_README.html. If it is required,
should http://www.postfix.org/VIRTUAL_README.html not reflect that?
Or am I misreading one or the other?
Thanks Simon
OK I had about 5 longer re-reads of virtual... :-D and I think I got it...
When you leave the default of "virtual_alias_domains =
$virtual_alias_maps" and set "virtual_alias_maps[1] =
hash[2]:/etc/postfix/virtual" THAT is when it is compulsory to have
the "virtual-alias.domain anything (right-hand content does not
matter)" in /etc/postfix/virtual... but if I set virtual_alias_domains
to specifically contain the virtual domains, then the
virtual_alias_maps no longer needs those lines.
I.e. either:
1.
- mydestination = $myhostname, localhost.$mydomain # no hosted
domains in here
- virtual_alias_domains = $virtual_alias_maps (i.e. leave as default)
- virtual_alias_maps = hash:/etc/postfix/virtual
- have all hosted domains AND email addresses in /etc/postfix/virtual:
simonandkate.net
si...@simonandkate.net simon
s...@simonandkate.net simon
voicem...@simonandkate.net simon, user2
personal-domain
dom@personal-domain dom
dom@business-domain dom.w
etc.
OR
2.
- mydestination = $myhostname, localhost.$mydomain # no hosted
domains in here
- virtual_alias_domains = simonandkate.net, personal-domain...
- virtual_alias_maps = hash:/etc/postfix/virtual
- have all hosted email addresses in /etc/postfix/virtual:
si...@simonandkate.net simon
s...@simonandkate.net simon
voicem...@simonandkate.net simon, user2
dom@personal-domain dom
dom@business-domain dom.w
etc.
I think that is correct?
Simon
Links:
------
[1] http://www.postfix.org/postconf.5.html#virtual_alias_maps
[2] http://www.postfix.org/DATABASE_README.html#types
--
Simon Wilson
M: 0400 12 11 16
