On 17-Apr-2009, at 05:00, Barney Desmond wrote:
2009/4/17 LuKreme <krem...@kreme.com>:
What I want to do is to have users on the LAN send emails to other users on the LAN (u...@example.local) and have those email addresses mapped to specific addresses on the remote server (f...@example.com, served by mail.example.com).

I do not want the users to be able to send mail via example.local to any other users but those that I have mapped, and I do not want to accept any mail from outside the LAN for u...@example.local, but might want to accept mail for local users if they are sent to the outward facing rdns for the machine (say u...@subdomain.example.com).

Would hosting example.local as a virtual alias domain do the job?

Probably. At least insofar as mapping the local recipients to remote addresses, but that is only part of the setup.

Assuming no other configuration, postfix will accept mail locally for
$mydestination, and for virtual_alias_domains. Then just list the
acceptable recipients in virtual_alias_maps.

These requirements of "may/may-not send to arbitrary-domain.com
depending on the connecting interface" sound troublesome, but I'm sure
someone here has a solution.

Well, that's not quite it. The issue is not simply that I don't want SMTP connections out of this LAN to servers other than the mail.example.com server (that is dealt with with relayhost, iirc) but that no outbound mail should be accepted unless it's in the map for delivery at mail.example.com. That is, mail originating inside the LAN to arbitrary-domain.tld would always be rejected. Of course, this only applies for messages that are sent via the example.local postfix instance. Messages sent directly to mail.example.com would not be affected. All I am concerned with here is making sure that the example.local server will never connect to any other mailserver but mail.example.com and that it will only do so for the specific addresses in its map.

Mail from outside that is addressed to 'u...@example.local' should be rejected, but mail addressed to 'u...@subdomain.example.com' ... well, that one is not crucial at all, so let's ignore that for now.

Let's just say that this postfix should not accept any mail from remote servers or clients, only from connections that come from inside the LAN, and only if they are to AND FROM users in the maps.

{ From u...@example.local, RCPT-TO ot...@example.local } -> OSX w/ postfix -> mail.example.com

would be the ONLY acceptable path for a mail message and all messages FROM and TO @example.local would terminate at mail.example.com.

I fear that in explaining I've over-explained and confused the issue.

--
Eyes the shady night has shut/Cannot see the record cut And silence
        sounds no worse than cheers/After earth has stopped the ears.
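
An added example, not part of the original message and not written by either poster: one Postfix configuration that matches the policy described above (LAN clients only, listed senders and listed recipients only, all delivery through mail.example.com). The LAN subnet, the map file paths and the alice/bob addresses are constructed assumptions.

```ini
# --- /etc/postfix/main.cf (constructed example; subnet and paths are assumptions) ---

# Trusted clients: loopback plus the LAN (assumed here to be 192.168.1.0/24).
mynetworks = 127.0.0.0/8, 192.168.1.0/24

# example.local exists only as a virtual alias domain. Nothing is delivered
# locally and no other domain is relayed for.
mydestination =
relay_domains =
virtual_alias_domains = example.local
virtual_alias_maps = hash:/etc/postfix/virtual

# Every outbound SMTP connection goes to this one host; [] disables the MX lookup.
relayhost = [mail.example.com]

# Refuse SMTP clients that are not in mynetworks.
smtpd_client_restrictions = permit_mynetworks, reject

# The envelope sender must be listed in sender_access; any other sender is rejected.
smtpd_sender_restrictions =
    check_sender_access hash:/etc/postfix/sender_access,
    reject

# No permit_mynetworks here on purpose: LAN clients are also limited to
# recipients in example.local, so mail to arbitrary-domain.tld is rejected.
smtpd_recipient_restrictions = reject_unauth_destination

# Default value, stated explicitly: example.local recipients that are missing
# from virtual_alias_maps are rejected as unknown.
smtpd_reject_unlisted_recipient = yes

# --- /etc/postfix/virtual (then run: postmap /etc/postfix/virtual) ---
# alice@example.local    alice.remote@example.com
# bob@example.local      bob.remote@example.com

# --- /etc/postfix/sender_access (then run: postmap /etc/postfix/sender_access) ---
# alice@example.local    OK
# bob@example.local      OK
```

Mail submitted on the host itself with the sendmail command does not pass through smtpd, so these restrictions do not apply to it.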
