On 8/05/2023 10:19 am, Wietse Venema via Postfix-users wrote:
Sean Gallagher via Postfix-users:
ADDRESS_CLASS_README:
The most misleading place for me was the ADDRESS_CLASS_README
For "The virtual alias domain class" it says:
"Valid recipient addresses are listed with the virtual_alias_maps
parameter"
which is of course true, but there is nothing special about the virtual
alias domain class in that respect. After reading that readme, one could
be forgiven for thinking that the virtual_alias_maps would not be
applied to the other domain classes.
The virtual_alias_maps parameter should at least be mentioned in the
recipient address text of the other domain class explanations.
Perhaps another less confusing way to document it would be to describe a
"class-less" mode of operation that uses just the virtual_alias_maps and
transport_maps, and go on to say that class-full and class-less routing
can co-exist.
sorry, that class-less idea ignores the REQUIREMENT for recipient
address validation. The Postfix SMTP server MUST accept only
recipient addresses match the recipient table for their address
class.
I'm not suggesting any new functionality. I'm only describing how Pf
currently works, to the best of my knowledge.
check_rcpt_maps() in smtpd_check.c first looks for the recipient in
rcpt_canon_mapsand virt_alias_maps, that's the class-less part. Then it
classifies the recipient domain and checks the relevant recipient table
- that's the class-full part.
You _could_ (not saying it's a good idea) configure Pf with
$mydestination, $virtual_alias_domains, $virtual_mailbox_domains and
$relay_domains all empty and rely only on $virtual_alias_maps and
$transport_maps and have a perfectly functional and secure system. i.e.
the fully class-less path.
Anyway, it was just an idea - not meant to be provocative.
Sean.
--
This email has been checked for viruses by AVG antivirus software.
www.avg.com
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
