Possible to override recipient maps for a service in master.cf?
I'm curious, if you have a smtpd service in master.cf that listens on an IP address, if it would be possible to restrict the recipient maps just to the recipients in the domain associated with that IP address (there are other smtpd services/domains/IP addresses on the same postfix instance). I tried a simple test, adding -o options to override virtual_mailbox/alias_maps, but it seemed like I also had to override transport_maps/mydestination (not sure which) and I could make it work, but it seems clunky. The rejection is not a no relaying error, instead it complains about unknown domain. So I think there is probably a better way to do this, no? Is the only right way to run multiple instances? Or can I override in master.cf with the right combination of settings? Thanks
Re: Possible to override recipient maps for a service in master.cf?
On Tue, Aug 14, 2012 at 5:27 AM, Noel Jones njo...@megan.vbhcs.org wrote: On 8/14/2012 5:14 AM, Ori Bani wrote: I'm curious, if you have a smtpd service in master.cf that listens on an IP address, if it would be possible to restrict the recipient maps just to the recipients in the domain associated with that IP address (there are other smtpd services/domains/IP addresses on the same postfix instance). An excellent application for multiple instances. Or can I override in master.cf with the right combination of settings? Possible, but for multiple personalities it will become an If possible, would someone kindly explain what overrides are needed to achieve this so I can gague the complexity I am willing to handle? It would be greatly appreciated. unmaintainable mess. Multiple instances are fairly painless with recent postfix versions, and you will get a system far easier to use and maintain going forward. http://www.postfix.org/MULTI_INSTANCE_README.html -- Noel Jones
Re: Possible to override recipient maps for a service in master.cf?
Ori Bani: On Tue, Aug 14, 2012 at 5:27 AM, Noel Jones njo...@megan.vbhcs.org wrote: On 8/14/2012 5:14 AM, Ori Bani wrote: I'm curious, if you have a smtpd service in master.cf that listens on an IP address, if it would be possible to restrict the recipient maps just to the recipients in the domain associated with that IP address (there are other smtpd services/domains/IP addresses on the same postfix instance). An excellent application for multiple instances. Or can I override in master.cf with the right combination of settings? Possible, but for multiple personalities it will become an If possible, would someone kindly explain what overrides are needed to achieve this so I can gague the complexity I am willing to handle? It would be greatly appreciated. The smtpd entry needs a rewrite_service_name override that directs queries to its own trivial-rewrite daemon. These smtpd and trivial-rewrite daemons need overrides for all the address class parameters (see ADDRESS_CLASS_README.html). Depending on what you do in the cleanup daemon, this smtpd entry may also need overrides for cleanup_service to direct requests to its own cleanup daemon. And depending on what you do in the queue manager, this cleanup entry may need a queue_directory and queue_service_name overrides to direct requests to its own queue manager with its own queue. If you want to bounce mail with the right MTA personality, then everything including delivery agents needs overrides for bounce_service, defer_service, and trace_service, and those need overrides to present the right MTA personality. unmaintainable mess. Multiple instances are fairly painless with recent postfix versions, and you will get a system far easier to use and maintain going forward. http://www.postfix.org/MULTI_INSTANCE_README.html What the man says. Wietse
Re: Possible to override recipient maps for a service in master.cf?
On Tue, Aug 14, 2012 at 12:33 PM, Wietse Venema wie...@porcupine.org wrote: Ori Bani: On Tue, Aug 14, 2012 at 5:27 AM, Noel Jones njo...@megan.vbhcs.org wrote: On 8/14/2012 5:14 AM, Ori Bani wrote: I'm curious, if you have a smtpd service in master.cf that listens on an IP address, if it would be possible to restrict the recipient maps just to the recipients in the domain associated with that IP address (there are other smtpd services/domains/IP addresses on the same postfix instance). An excellent application for multiple instances. Or can I override in master.cf with the right combination of settings? Possible, but for multiple personalities it will become an If possible, would someone kindly explain what overrides are needed to achieve this so I can gague the complexity I am willing to handle? It would be greatly appreciated. The smtpd entry needs a rewrite_service_name override that directs queries to its own trivial-rewrite daemon. These smtpd and trivial-rewrite daemons need overrides for all the address class parameters (see ADDRESS_CLASS_README.html). Depending on what you do in the cleanup daemon, this smtpd entry may also need overrides for cleanup_service to direct requests to its own cleanup daemon. And depending on what you do in the queue manager, this cleanup entry may need a queue_directory and queue_service_name overrides to direct requests to its own queue manager with its own queue. If you want to bounce mail with the right MTA personality, then everything including delivery agents needs overrides for bounce_service, defer_service, and trace_service, and those need overrides to present the right MTA personality. In that case, it's clearly a win to go multi-instance. In this case, I'm only asking what overrides are necessary to make a smtpd service report relay denied for both external domains as usual as well as domains that are handled on the same machine by a different smtpd service. I don't think that task should require so much work?
Re: Possible to override recipient maps for a service in master.cf?
On Tue, Aug 14, 2012 at 1:22 PM, Ori Bani orib...@gmail.com wrote: On Tue, Aug 14, 2012 at 12:33 PM, Wietse Venema wie...@porcupine.org wrote: Ori Bani: On Tue, Aug 14, 2012 at 5:27 AM, Noel Jones njo...@megan.vbhcs.org wrote: On 8/14/2012 5:14 AM, Ori Bani wrote: I'm curious, if you have a smtpd service in master.cf that listens on an IP address, if it would be possible to restrict the recipient maps just to the recipients in the domain associated with that IP address (there are other smtpd services/domains/IP addresses on the same postfix instance). An excellent application for multiple instances. Or can I override in master.cf with the right combination of settings? Possible, but for multiple personalities it will become an If possible, would someone kindly explain what overrides are needed to achieve this so I can gague the complexity I am willing to handle? It would be greatly appreciated. The smtpd entry needs a rewrite_service_name override that directs queries to its own trivial-rewrite daemon. These smtpd and trivial-rewrite daemons need overrides for all the address class parameters (see ADDRESS_CLASS_README.html). Depending on what you do in the cleanup daemon, this smtpd entry may also need overrides for cleanup_service to direct requests to its own cleanup daemon. And depending on what you do in the queue manager, this cleanup entry may need a queue_directory and queue_service_name overrides to direct requests to its own queue manager with its own queue. If you want to bounce mail with the right MTA personality, then everything including delivery agents needs overrides for bounce_service, defer_service, and trace_service, and those need overrides to present the right MTA personality. In that case, it's clearly a win to go multi-instance. In this case, I'm only asking what overrides are necessary to make a smtpd service report relay denied for both external domains as usual as well as domains that are handled on the same machine by a different smtpd service. I don't think that task should require so much work? (My) Intuition says -o mydestination=... should be sufficient, but I'm not seeing this alone work.
Re: Possible to override recipient maps for a service in master.cf?
Ori Bani: [ Charset ISO-8859-1 unsupported, converting... ] On Tue, Aug 14, 2012 at 12:33 PM, Wietse Venema wie...@porcupine.org wrote: Ori Bani: On Tue, Aug 14, 2012 at 5:27 AM, Noel Jones njo...@megan.vbhcs.org wrote: On 8/14/2012 5:14 AM, Ori Bani wrote: I'm curious, if you have a smtpd service in master.cf that listens on an IP address, if it would be possible to restrict the recipient maps just to the recipients in the domain associated with that IP address (there are other smtpd services/domains/IP addresses on the same postfix instance). An excellent application for multiple instances. Or can I override in master.cf with the right combination of settings? Possible, but for multiple personalities it will become an If possible, would someone kindly explain what overrides are needed to achieve this so I can gague the complexity I am willing to handle? It would be greatly appreciated. The smtpd entry needs a rewrite_service_name override that directs queries to its own trivial-rewrite daemon. These smtpd and trivial-rewrite daemons need overrides for all the address class parameters (see ADDRESS_CLASS_README.html). Depending on what you do in the cleanup daemon, this smtpd entry may also need overrides for cleanup_service to direct requests to its own cleanup daemon. And depending on what you do in the queue manager, this cleanup entry may need a queue_directory and queue_service_name overrides to direct requests to its own queue manager with its own queue. If you want to bounce mail with the right MTA personality, then everything including delivery agents needs overrides for bounce_service, defer_service, and trace_service, and those need overrides to present the right MTA personality. In that case, it's clearly a win to go multi-instance. In this case, I'm only asking what overrides are necessary to make a smtpd service report relay denied for both external domains as usual as well as domains that are handled on the same machine by a different smtpd service. I don't think that task should require so much work? For correct user unknown error messages both smtpd(8) and trivial-rewrite(8) need to agree on the list of valid domains and on the list of valid recipients. For correct relay access denied error messages, both smtpd(8) and trivial-rewrite(8) need to agree on the list of valid domains. Therefore, the smtpd entry needs a rewrite_service override and both smtpd and trivial-rewrite need overrides for all the address class parameters (see ADDRESS_CLASS_README.html). Wietse
Re: Possible to override recipient maps for a service in master.cf?
On Tue, Aug 14, 2012 at 1:43 PM, Wietse Venema wie...@porcupine.org wrote: Ori Bani: [ Charset ISO-8859-1 unsupported, converting... ] On Tue, Aug 14, 2012 at 12:33 PM, Wietse Venema wie...@porcupine.org wrote: Ori Bani: On Tue, Aug 14, 2012 at 5:27 AM, Noel Jones njo...@megan.vbhcs.org wrote: On 8/14/2012 5:14 AM, Ori Bani wrote: I'm curious, if you have a smtpd service in master.cf that listens on an IP address, if it would be possible to restrict the recipient maps just to the recipients in the domain associated with that IP address (there are other smtpd services/domains/IP addresses on the same postfix instance). An excellent application for multiple instances. Or can I override in master.cf with the right combination of settings? Possible, but for multiple personalities it will become an If possible, would someone kindly explain what overrides are needed to achieve this so I can gague the complexity I am willing to handle? It would be greatly appreciated. The smtpd entry needs a rewrite_service_name override that directs queries to its own trivial-rewrite daemon. These smtpd and trivial-rewrite daemons need overrides for all the address class parameters (see ADDRESS_CLASS_README.html). Depending on what you do in the cleanup daemon, this smtpd entry may also need overrides for cleanup_service to direct requests to its own cleanup daemon. And depending on what you do in the queue manager, this cleanup entry may need a queue_directory and queue_service_name overrides to direct requests to its own queue manager with its own queue. If you want to bounce mail with the right MTA personality, then everything including delivery agents needs overrides for bounce_service, defer_service, and trace_service, and those need overrides to present the right MTA personality. In that case, it's clearly a win to go multi-instance. In this case, I'm only asking what overrides are necessary to make a smtpd service report relay denied for both external domains as usual as well as domains that are handled on the same machine by a different smtpd service. I don't think that task should require so much work? For correct user unknown error messages both smtpd(8) and trivial-rewrite(8) need to agree on the list of valid domains and on the list of valid recipients. For correct relay access denied error messages, both smtpd(8) and trivial-rewrite(8) need to agree on the list of valid domains. Therefore, the smtpd entry needs a rewrite_service override and both smtpd and trivial-rewrite need overrides for all the address class parameters (see ADDRESS_CLASS_README.html). I see. Now it's clear. I appreciate the support.