On Nov 9, 2023, at 4:25 PM, Viktor Dukhovni via Postfix-users
<postfix-users@postfix.org> wrote:
>
> On Thu, Nov 09, 2023 at 03:27:22PM -0500, Shaun Erickson via Postfix-users
> wrote:
>
>> mailserver.fd.com:
>> Accepts all mail from our servers (including itself). If the mail is
>> destined for fd.com, it is – with the exception of ab...@fd.com,
>> postmas...@fd.com, and r...@fd.com – sent straight to /dev/null.
>
> Use discard(8) after redirecting exceptions via virtual(5) aliases.
>
>> Anything for ab...@fd.com, postmas...@fd.com, and r...@fd.com are
>> seemingly delivered locally on mailserver.fd.com. However, abuse and
>> postmaster are aliased to root, and root is aliased to my real-world
>> corporate email address.
>
> Just virtual(5) alias these.
>
>> Anything not destined for fd.com, including email destined for my
>> corporate address, is sent upstream to a real, legitimate, internal
>> mail relay: mailserver.company.com.
>
> client-access.cidr:
> # Accept mail from all client IPs, use more specific CIDR blocks
> # if possible.
> ::/0 permit
> 0.0.0.0/0 permit
>
> main.cf:
> # Upstream smarthost for deliverable mail.
> #
> relayhost = [mailserver.acme.example]
>
> # No local(8) delivery
> #
> alias_database =
> alias_maps =
> mydestination =
> local_recipient_maps =
> local_transport = error:5.1.2 Mailbox unavailable
>
> # Explicit internal domains.
> #
> relay_domains = fake.example, acme.example
>
> # Clients allowed to reach external domains.
> #
> smtpd_relay_restrictions = check_client_access
> # Inline CIDR syntax requires Postfix 3.7 or later
> #
> # cidr:{
> # { ::/0 permit },
> # { 0.0.0.0/0 permit }
> # }
> #
> cidr:${config_directory}/client-access.cidr
>
> # No recipient validation for either relay domain
> #
> relay_recipient_maps =
> inline:{
> { @fake.example = wildcard },
> { @acme.example = wildcard }
> }
>
> # Discard unaliased recipients in fake domain.
> #
> transport_maps =
> inline:{
> { fake.example = discard:silently }
> }
>
> # After aliasing the exceptions
> #
> virtual_alias_maps =
> inline:{
> { root@fake.example = me@acme.example },
> { postmaster@fake.example = root@fake.example },
> { abuse@fake.example = root@fake.example }
> }
>
> --
> Viktor.
> _______________________________________________
> Postfix-users mailing list -- postfix-users@postfix.org
> To unsubscribe send an email to postfix-users-le...@postfix.org
Thank you, Viktor (and apologies for mis-spelling your name, when I replied to
Wietse). I think I actually understand this solution.
-ste
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
