On Sun, Mar 17, 2024 at 3:40 PM Viktor Dukhovni via Postfix-users <postfix-users@postfix.org> wrote:
> > Question 1: Am I correct that all (or most) of this be done with a > > virtual_alias_maps table (i.e. hash:/usr/local/etc/postfix/virtual)? > > If not, then: HOW? > > Most of what? You need to be specific, it's been some decades since > many of us have looked at Sendmail. Much depends on what sort of > mappings you're looking to emulate. "most of what" is in the text I included below my questions. I thought that would have been very clear. That's why I included both comments/queries and examples. > For 1-to-many recipient rewrites, the best vehicle is indeed virtual(5), > but if you also use local aliases(5), and $myorigin is listed in > $mydestination, then you need to be sure that any RHS recipients in > in aliases(5) that require virtual(5) rewriting are qualified with > a domain that is not listed in $mydestination. Otherwise, local(8) > will deliver these directly, despite any virtual(5) overrides. > > My general advice is to use aliases(5) very sparingly, just for lists > that require an "owner-" or ":include:" lists. All other rewrites > should be via virtual(5), and perhaps even keep $mydestination empty! It'll take several re-readings to fully understand your above two paragraphs. After only 3-5 re-readings, the first paragraph is just opaque to me. Are you saying that if I want "username1" at my local domain to be delivered to "user2" at my local domain, that that should be in the virtual table and not in aliases? That's a 1-to-1 rewrite, not a 1-to-many. I had thought that 1-to-many (e.g. email address "adiscussion" to be send to user a, user b, & user c) would be done in alises. But you're saying that 1-to-many should be done in virtual, but that "lists" would be in aliases. That's very very confusing to me as simple lists (without a listserver) would've seemed to be done via aliases. > Add "local.invalid local" to the transport(5) table, and rewrite > anything that needs local(8) delivery to mailbox@local.invalid. I honestly re-read the above sentence several times and have no clue what it means nor why to do it. "local.invalid" is not something I've come across. In my reading previously, I had not come across "the transport(5) table" so, again, that'll take a while to understand. > > Question set 2: Here's an excerpt (sanitized) of my "virtusertable". > > Does this just go into my hash:/usr/local/etc/postfix/virtual as-is? > > or what? > > The syntax of virtual(5) is documented in that manpage. There is NOTHING in there that I could find about how to say "user@somehosted.domain is to be rejected". Since that's what I've got in my sample "virtusertable" and in my comments, that is a specific need that I could not locate in postfix documentation of how to do it. e.g. searching for the word "reject" or "error" is postfix.org is not helpful. Hence this query email. Once again, I thought that my situation and query was quite clear. > > > Am I correct that this table needs to have all specific user > > entries for a domain appear before the "@domain" entry for all other > > users at that domain? > > Entry order does not matter for source files of indexed tables (hash, > btree, cdb). > > > # should this be an alias? (I don't recall how/why/when it ended up in > > my virtusertable) > > auser@mylocal.domain anotheruser@mylocal.domain > > This is a fine entry for virtual(5) aliases. > > > # do all of the other entries just go into > > hash:/usr/local/etc/postfix/virtual ??? > > Well, they go into the source file, the "postmap" command then > builds the hash table. See postmap(1) for details yes, of course! I was listing it as "hash:/usr/local/etc/postfix/virtual" to try to indicate (a) I understood I have to postmap it after changing the file and (b) which file I need to edit. > > # just wanting to block email to a local user > > user1@mylocal.domain error:nouser 550 No such user here now or > > ever > > This is not a rewrite, and so goes into the transport(5) table (also > see error(8)). It was not at all clear that "virtual" is used to rewrite only. And as I said, there wasn't any clear "pointer" (i.e. no clue) of how in postfix to designate some email address to be rejected. > user1@mylocal.domain error:5.1.1 No such user here now or ever > > and/or an acess(5) table referenced in your recipient restrictions: > > user1@mylocal.domain REJECT 5.1.1 ... > > > # send all other email of mylocal.domain to a specific user here > > @mylocal.domain another2user@mylocal.domain > > Wildcard rewrites are supported, but strongly discouraged. I definitely need to use wildcards for some domains so that email addresses can be created at will without prior knowledge / editing of postfix files. > > # block all email to a specific user at a hosted domain > > user2@hosted1.domain error:nouser 550 Getting too much spam > > See above. > > > # send all email to a specific user at a hosted domain to a user at > > the local domain > > user3@hosted1.domain someuser@mylocal.domain > > Fine, the domin is irrelevant. Ahhhhh. finally, a single very clear and definitive answer. Thank you! > > # block all other email of a hosted domain > > @hosted1.domain error:nouser 550 Getting too much > > spam userid changed > > See above, but transport and access(5) table entries don't use a leading > "@". My "comment" above from my virtusertable is: block all other email of a hosted domain, so again I thought that my query of what I wanted to do but did not know how to do it was clear... If I have many lines in virtual mapping several email addresses for a hosted domain, then is it automatic that every other email address (not listed there) will be rejected? I thought that my comment above made it clear that that was what I was wanting to do and thus asking "how do I do it". > > # send all email for a hosted domain to some other email somewhere > > @somehosted3.domain someuser@someother.domain > > See above. Overall, read (and if unclear ask) about the functionality > and syntax of various Postfix features, rather than whether some random > Sendmail syntax does or does not translate directly to virtual(5). Honestly, when I wrote "send all email for a hosted domain to some other email somewhere", isn't that a clear question of "how do I do this"? I started this email with "I don't know how to do these things, but I've looked and looked and couldn't find how to do them". > Once you what virtual(5) does (rewrite an input envelope recipient > address to one or more recipient addresses), your questions are > answered. Similar advice for transport(5), (various) access(5), ... > tables. Is it roughly accurate to say that the LHS of a virtual entry will be rewritten to be the RHS of that virtual entry, AND THEN transport or access will process the rewritten recipient? Glenn _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org
