On 6/10/2010 12:06 PM, Chad Morland wrote:
On Thu, Jun 10, 2010 at 11:53 AM, Noel Jones <njo...@megan.vbhcs.org <mailto:njo...@megan.vbhcs.org>> wrote: On 6/10/2010 10:20 AM, Chad Morland wrote: I am trying to setup a server that will be only used for mail forwarding and will not have any local mailboxes on it. I am trying to have virtual_alias_maps as the sole lookup and any other mail is rejected during the SMTP session after the RCPT TO command if the address is not found in virtual_alias_maps. I have the following in my configuration which works: smtpd_reject_unlisted_recipient = yes virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf <http://mysql_virtual_alias_maps.cf> <http://mysql_virtual_alias_maps.cf> virtual_alias_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf <http://mysql_virtual_domains_maps.cf> <http://mysql_virtual_domains_maps.cf> I'd like to do away with virtual_alias_domains but when I disable this I get "relay denied". Is there a way to configure postfix so that it is the final destination only for addresses defined in virtual_alias_maps and not the entire domain as implied by virtual_alias_domains? You can use the "old" method of defining virtual_alias_domains by defining them directly in virtual_alias_maps. key value example.com <http://example.com> anything If your domain list doesn't change often, just list the domains in main.cf <http://main.cf>. If there are more than a handful of domains, use a static hash: table. http://www.postfix.org/postconf.5.html#virtual_alias_domains Thanks for the idea but it doesn't address my issue. I don't want to accept mail for the entire domain, just for specific addresses that are defined. Also, this system has thousands of domains and aliases which are updated frequently so I'm going to be sticking with the MySQL backend. My application is a DNS management system and my current DB schema has a table that lists all domains in the system (virtual_alias_domains) regardless if they have mail forwarding setup and another table that lists the alias info (virtual_alias_maps). I only want postfix to accept mail for addresses defined in virtual_alias_maps. My current setup (using virtual_alias_domains) will accept mail for the entire domain and generate a bounce message if the user does not exist. I want to stop that at the SMTP session level. Example: virtual_alias_maps = f...@abc.com <mailto:f...@abc.com> -> f...@xyz.com <mailto:f...@xyz.com> Accept mail for f...@abc.com <mailto:f...@abc.com> but reject mail at the SMTP level for b...@abc.com <mailto:b...@abc.com> (550 relay denied).
That is the default behavior; only mail for users listed in virtual_alias_maps is accepted.
You can defeat address validation with "@domain1 @domain2" wildcard rewriting in virtual or canonical maps, or by listing a domain in additional address classes.
Now would be a good time to show your "postconf -n" and logging demonstrating the problem.
-- Noel Jones
