Thank you Noel for this clarification. I tested and you are right - I
had not realized it from the documentation: virtual_alias_maps are
always evaluated first, regardless what are the hosted domains on the
server! So, if we put userx in virtual_alias_maps, this will match to
us...@all.domains, even to domains not hosted in our server.
The solution, of course, in my case, is to use a fully qualified alias
(i.e. including the domain specification) in virtual_alias_maps: If we
use us...@domain.com, we will allow us...@a.domain.com to be forwarded
correctly, because it will not be matched by a virtual alias. (I tested
and it works.)
But, let me ask one more question: *Ιs there a way to define alias maps
(where we can define aliases without domain specification) which affect
ONLY virtual_mailbox_domains? **Alternatively, is it allowed to use an
entry like us...@$virtual_mailbox_domains (or similar) in
virtual_alias_maps?*
*
*This would allow easier configuration in cases where we host multiple
domains (on the Postfix server) and we would want one alias to catch
userx for all these hosted domains (and only these).
Thanks again,
Nick
On 29/7/2010 6:24 μμ, Noel Jones wrote:
On 7/29/2010 8:07 AM, Nikolaos Milas wrote:
Hello,
I have been setting up a new mail server for our organization
which has different mailservers, one for each subdomain. The
new server, will take over the whole organization using LDAP
and Postfix/Dovecot and things up to now are looking (almost)
nice.
However, I have this problem:
Currently, I have activated the new mailserver (by configuring
our incoming mail gateway which filters for spam/viruses) to
receive mail ONLY for the base domain: *domain.com* AND *NOT
*for the subdomains *a.domain.com, b.domain.com* (but we are
planning to gradually migrate all of the subdomains too, by
simply adding the subdomains to virtual_mailbox_domains
directive and configuring our mail gateway - which is our MX
for the mail domain and all subdomains - to deliver to the new
server rather that to the current mail servers of the
subdomains). But, although I have tried hard and read many
articles, _*I cannot stop Postfix in the new server from
receiving email for the subdomains*_ as well. Of course the
problem occurs *when the mail is leaving from the new
domain.com mail server * - otherwise, when email comes from
our only point of entrance (our antispam-antivirus gateway),
emails reach the correct subdomain servers without problems
(which is natural).
I have even set the "/parent_domain_matches_subdomains =/"
directive to an empty value to avoid receiving for subdomains,
but it didn't solve the issue.
I have come to the conclusion that the problem is caused by
aliases. So, for example, I have defined in LDAP alias tables
(ldap-aliases.cf), that userx (matched by %u) should be
translated to uid userx (found by ldap-users.cf) whose mail is
both: us...@domain.com AND us...@a.domain.com (this has been
done in anticipation of subdomain consolidation to the same
server, where both email addresses will work in parallel and
lead to the same mailbox). So, when I send mail to
us...@a.domain.com, this is matched in aliases tables with
userx which in turn is then matched to us...@domain.com (I can
see in the logs: "to=<us...@domain.com>,
*orig_to*=<us...@a.domain.com>, relay=virtual") and is
delivered locally. Instead, *Postfix Server should have
understood from the very beginning that it is not responsible
for a.domain.com* and should have relayed the email to the MX
of *a.subdomain.com* (whatever it is), *without any processing
whatsoever *(that is, before alias or other processing).
As documented, virtual_alias_maps applies to all mail. If you don't
want to process some virtual aliases, don't put them in your table.
-- Noel Jones
