On Thu, Jun 28, 2012 at 09:58:08AM -0500, /dev/rob0 wrote: > On Thu, Jun 28, 2012 at 07:00:18AM -0400, James B. Byrne wrote: > > On Thu, June 28, 2012 06:36, James B. Byrne wrote: > > > Perhaps this would be clearer to me if you would be so kind as > > > to give me the canonical use cases for virtual_aliases and for > > > virtual_domains > > > > This should read "virtual_mailbox_domains" > > Likewise there is no "virtual_aliases" setting. > > I don't think there is anything better than the Address Class README > to answer that question. You have, as admin, choices to make. Right > and wrong choices are not really possible, but there are better and > worse choices depending upon your situation. > > Virtual(5) aliasing of addresses to virtual(8) mailboxes introduces > another layer of complexity without benefit. Aforementioned README > recommends using virtual_alias_domains for final delivery to system > accounts, using local(8). > > What this does is to correct the shortcoming of $mydestination, > whereby all system users and aliases(5) exist in all $mydestination > domains. Sometimes (often) sites will want namespace separation, so > that b...@example.com is not necessarily the same as b...@example.net. > > The choice of local(8) vs. virtual(8) mailbox delivery is not as > simple as it may seem. Each choice tends to present different > security issues for a site. It might help to understand that the > virtual delivery agent began as a clone of local with some of the > features removed. > > Therefore, virtual(5) aliasing gives you the namespace separation > while retaining the features removed from the virtual(8) delivery > agent. Users can maintain .forward files, deliver mail to commands, > et c. > > > > insofar as Postfix considers them. Why is the latter superior > > > to the former in my situation? > > I can't speak for Noel and his reasoning in recommending it (but I > can echo his comments about peer review on the list.) In my view, > virtual mailboxes can be easier to implement in situations with > external delivery agents. > > Not having closely followed the whole thread, I hope I have not > confused matters further, but I thought I saw something about Cyrus > IMAP upthread? That's an external (non-Postfix) delivery agent.
One item to keep in mind is that if you use the local(8) for mailbox delivery, you cannot use the Cyrus single-instance store functionality where a message sent to multiple recipients is only stored once on the filesystem. The local agent has a maximum delivery concurrancy of 1. Regards, Ken
