George Vilches a écrit : > > Okay, I've updated my example to consider this, although the outcome is > the same. > > cat /etc/postfix/virtual.cf: > ---- > [EMAIL PROTECTED] [EMAIL PROTECTED] > [EMAIL PROTECTED] [EMAIL PROTECTED] > [EMAIL PROTECTED] [EMAIL PROTECTED] > [EMAIL PROTECTED] [EMAIL PROTECTED] > > cat transport.cf: > ---- > example.net relay:[www.xxx.yyy.23] > example.org relay:[www.xxx.yyy.23] > > cat relay_recipients.cf: > ---- > [EMAIL PROTECTED] ok > [EMAIL PROTECTED] ok > > And the relevant lines from main.cf: > ---- > relay_domains = example.org, example.net, example.info > relay_recipient_maps = hash:/etc/postfix/hashmaps/relay_recipients.cf > transport_maps = hash:/etc/postfix/hashmaps/transport.cf > virtual_alias_maps = hash:/etc/postfix/hashmaps/virtual.cf > > So the example has been clarified to indicate users that are > "legitimate". This means that messages to them should be forwarded on > to the spam gateway. Everyone else should be bounced. There is *no* > local delivery on this box. > > The legitimate users are [EMAIL PROTECTED] and [EMAIL PROTECTED] > [EMAIL PROTECTED] is a forward to an address that is in the list of valid > virtual users on our local servers, and [EMAIL PROTECTED] is a forward to > an address that is not in the list of valid virtual users on our local > servers. > >> Sounds as if you need to decide what address class your domain belongs >> to. Please see: >> http://www.postfix.org/ADDRESS_CLASS_README.html > > I reviewed all the entries from both your e-mail and Victor Duchovni's, > and I haven't found any description that quite covers my case entirely. > I can't find an explanation of what happens to a message that gets > virtual aliased and *then* relayed.
virtual aliases are expanded. routing happens later. > > [EMAIL PROTECTED] = relays internally, fine > [EMAIL PROTECTED] = relays internally, fine > [EMAIL PROTECTED] = relays internally, fine (to [EMAIL PROTECTED], as > expected) > [EMAIL PROTECTED] = Fails, and does so right in the SMTP session: 550 > 5.1.1 <[EMAIL PROTECTED]>: Recipient address rejected: User unknown in > relay recipient table > > So far, so good. Now, we try: > > [EMAIL PROTECTED] = relays internally like the others above. > > How can I prevent this from happening? [EMAIL PROTECTED]/org does not > have a valid virtual resolution, and does not exist in > relay_recipient_maps, and yet it's still happily forwarding along > internally. but you have a mapping for joe in your virtual: [EMAIL PROTECTED] [EMAIL PROTECTED] so [EMAIL PROTECTED] is accepted. > > I only want legitimate users to forward, and the one place I thought I > might be able to filter the list down, relay_recipient_maps, isn't doing > anything to stop him, even though I have a user from each domain listed, > which from what I read in the Postfix docs means it's inclusive, and > only should allow those users to relay, and everyone else gets a bounce. addresses found in virtual_alias_maps are accepted during the smtp transaction. they may result in a later bounce if they cannot be delivered.
