On Sun, Dec 05, 2021 at 12:38:00PM +1100, raf <post...@raf.org> wrote:
> On Fri, Dec 03, 2021 at 06:11:27PM -0500, bobby > <architectofthefut...@gmail.com> wrote: > > > I stood up my server using these instructions from this website, which have > > gotten me VERY far. However, I'm at a deviation point. I'd like to have > > virtual users (and not require local unix accounts for those "users"), and > > then possibly even forward those emails to a real user, effectively > > masking/masquerading. > > https://www.linuxbabe.com/mail-server/setup-basic-postfix-mail-sever-ubuntu > > I noticed on her site, she has a section for: > > Create Virtual Mailboxes with PostfixAdmin (Ubuntu 18.04, Ubuntu 20.04) > > Trying to avoid a gui when/where possible, for security reasons. I am > > running 20.04 by the way. Just noticed the following bullet point actually > > on her site: > > "command-line client postfixadmin-cli for those who don’t want to click > > around in a web interface", which is probably what I'd do, or would like to > > do. But this is what caught my attention: " > > Note: Once you finish part 3, you can no longer use local Unix accounts as > > email addresses. You must create email addresses from the PostfixAdmin web > > interface." So I'm sure completing these instructions, would break my > > current setup. > > What is the best way to accomplish this? I've been playing around with the > > mysql path - thoughts on this approach? Any good tutorials that anyone can > > recommend, that use dovecot, postfix, and imap? > > I should note, I'd be the only user of this mail server. > > I think that using additional software for managing > virtual domains/users is unnecessary unless you have > large numbers of either, or if they change frequently. > > I have a small number of virtual domains and users and > manage it manually just with Postfix's configuration > files. It looks roughly like this: > > /etc/postfix/main.cf: > virtual_alias_domains = a.org b.org c.org > virtual_alias_maps = hash:/etc/postfix/virtual > virtual_mailbox_domains = virt.a.org > virtual_mailbox_maps = hash:/etc/postfix/vmailbox > virtual_mailbox_base = /var/vmailboxes > # uid 109 = user dovecot > virtual_minimum_uid = 109 > virtual_uid_maps = static:109 > # gid 115 = group dovecot > virtual_gid_maps = static:115 > > /etc/postfix/virtual: > a.org anything > d...@a.org localuser > k...@a.org k...@remote.org > a...@a.org alex.a....@virt.a.org > b.org anything > hostmas...@b.org root > postmas...@b.org root > s...@b.org sam.b....@virt.a.org > c.org anything > hostmas...@c.org root > postmas...@c.org root > j...@c.org jude.c....@virt.a.org > > /etc/postfix/vmailbox: > alex.a.org a...@a.org/Maildir/ > sam.b.org s...@b.org/Maildir/ > jude.c.org j...@c.org/Maildir/ Oops. The /etc/vmailbox contents above should be: alex.a....@virt.a.org a...@a.org/Maildir/ sam.b....@virt.a.org s...@b.org/Maildir/ jude.c....@virt.a.org j...@c.org/Maildir/ > The example above includes delivery to local users, > forwarding to remote users, and to local dovecot > accounts. My setup is a bit different because one of > the virtual domains has lots of addresses, and it is > added to frequently, so it has its own separate virtual > database that I manage with my own scripts. Doing > things manually will give you the flexibility you are > after. And once you are comfortable doing it manually, > you can probably write your own scripts to automate > parts that would benefit from automation, without > having to completely adopt someone else's model. > > The lines containing "anything" aren't necessary. If > they are there, then you don't need to set > virtual_alias_domains in main.cf (by default, Postfix > will find them in the virtual database). If they aren't > there, then you do need to set virtual_alias_domains in > main.cf to tell Postfix what the virtual domains are. > > Be warned that, if you forward to remote users, you > will run into bounces when the sending domain uses > strict SPF (-all). In that case, you will want to setup > SRS-enabled forwarding with postsrsd and postforward. > > That involves aliasing forwarded addresses to a local > entry in /etc/aliases that invokes postforward to > re-submit the mail using SRS addresses obtained from > postsrsd. For example, to change the k...@a.org address > to do this, its line in /etc/postfix/virtual would > change to: > > k...@a.org kim > > And /etc/aliases would contain something like this: > > kim: "/usr/local/bin/postforward k...@remote.org" > > Using postsrsd on its own without postforward rewrites > all envelope sender addresses whether they are > forwarded or not which seems wrong. > > And of course, don't forget to: > > postmap hash:/etc/postfix/virtual > postmap hash:/etc/postfix/vmailbox > > whenever those files are modified. > > cheers, > raf >
