Nikita Kipriyanov wrote: > We run a mail server with virtual domains (mainly there are mailbox > domains). > > For a certain things same aliases needed in the each and every virtual > domain in the system. For example, all these domains maintained by same > people, so it is good thing to have each domain's postmaster mapped to > the same internal distribution list. There are also other common aliases. > > To simplify things, I added a regexp table > (/etc/postfix/virtual_alias_maps-special): > > /^postmaster@/ postmaster > > This table is referenced in the main.cf this way: > virtual_alias_maps = regexp:/etc/postfix/virtual_alias_maps-special > mysql:/etc/postfix/virtual_alias_maps.cf > > There is no address rewriting, masqerading and other things that change > destination or source address. We're using only local aliases and > virtual aliases. There is also no per-recipient transports and > relayhost, any mail is delivered directly to recipient's MX servers. > > The local alias table redirects postmaster's mail further. > > Of course, this catches all mail for each domain's postmaster. But, now > I'm not able to send any mail to any external postmaster > (postmas...@some.domain, some.domain isn't a virtual, relay or canonical > domain) with this server. If I try to send mail, for example, to > postmas...@postfix.org, it's getting catched and delivered to my > postmaster list. > Still, if I try to deliver mail to postmas...@postfix.org through this > server from external systems without SMTP authentication, it rejects > with "Relay access denied".
Good, this means your server is not an open relay. > Why Postfix behaves like this? How to catch only 'incoming' mail, and to > send it away it if recipiend domain isn't listed in the virtual, local, > and relay domain tables? Because, as documented, virtual(5) mapping can be applied to non-local addresses. Your problem is somewhat of a FAQ; search the archives for proposed workarounds. -- Sahil Tandon <sa...@tandon.net>
