On 02/29/2012 04:38 AM, Viktor Dukhovni wrote:
On Tue, Feb 28, 2012 at 04:33:45PM +0100, Jef Driesen wrote:
With some help from a dyndns account, I can even access my imap
server from outside my network. This works great, except that I
can't send mails from outside my network. Therefore, I would like
to setup an smtp server that simply forwards all mail to my ISP.
Indeed a submission server as you confirmed in a later message.
I should have mentioned that in my original post.
The first and main obstacle I encounter is the fact that I don't
have a real domain name. I know I can configure some fantasy name:
You don't need a "domain name", specifically you don't need a domain
with MX records, ... You clearly need a DNS entry for your server,
which you in any case already have for IMAP so you're done.
myhostname = barracuda.home.lan
mydomain = home.lan
myorigin = $mydomain
mynetworks = 127.0.0.0/8 192.168.0.0/24
mydestination = $myhostname localhost.$mydomain localhost $mydomain
relayhost = [smtp.isp.tld]
Fine. Your users should never see any addresses in in the "home.lan"
domain, they will continue to configure their mail clients to use
only the public external addresses even for mail sent locally between
them. All you need is a virtual_alias_maps (virtual(5)) table that
maps these addresses (envelope recipient only) to the corresponding
local mailboxes. No smtp_generic_maps, ... required.
virtual:
u...@isp.example.net user@localhost
...
This way mail from your users needs no rewriting, but mail to your
users is delivered locally (if delivery is via local(8), otherwise
change the address class of the rewrite domain to virtual mailbox
if that's better).
Thus the only purpose of this virtual table is to make sure that mail for local
users is delivered straight to the local mailbox, without having to go through
the relayhost and the isp mailbox. So it's basically taking a shortcut, right?
Even without this table everything should work fine.
But I wonder if it's possible to setup postfix without a domain
name at all. For all other purposes (ssh, etc), I'm just using the
non-fqdn hostnames (e.g. user@machine), and that works perfectly.
You must specify "mydomain" and more importantly "myorigin", but
this need not belong to any of the address classes that imply any
special handling.
You need only worry about "myorigin" to the extent that you mail
submitted locally via sendmail(1) to (often from cron(8)) to be
delivered somewhere, this too can be accomplished with suitable
lookup keys (bare users if you wish) in virtual(5), provided
such mail is never sent out.
With my settings listed above, or even by just setting "myorigin=localhost",
such mail should already be handled fine, isn't it?
You can use canonical_maps to fix sender addresses in any mail that
is sent via sendmail and is destined outside your domain, so for
such users you'll have:
canonical:
bare-user external-addr...@isp.example.net
virtual:
external-addr...@isp.example.net bare-user
Is it possible to just refuse to relay outgoing mail with a bogus sender
address, rather than trying to map it to a valid address?
The reason why I'm asking is very simple. If possible, I want to avoid having to
maintain the canonical and virtual maps. Right now my users only need a valid
account (e.g. username and password) on my mailserver. That's all that is
required to access their mailbox over imap, and deliver mail retrieved from the
isp mailboxes with fetchmail. Their real email address is entirely their own
responsability. They can easily change it, use more than one, etc without having
to adjust any server configuration file at all.
Jef
