Fabio Sangiovanni: > Hello list, > > I need to put a SMTP relay between Internet and my company's mx (which > stores inboxes), in order to do some processing. > Current situation is that the mx receives messages directly from the > Internet, without hops inbetween; on the mx, postfix is configured to > retrieve allowed recipients from a mysql database, in particular with > the following directives in main.cf: > > virtual_mailbox_domains = > proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf > virtual_mailbox_maps = > proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf, > proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_mailbox_maps.cf > > On the relay, I'm going to use a relay domain address class, with the > following directives: > > relay_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf > relay_recipient_maps = > proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf, > proxy:mysql:/etc/postfix/mysql_virtual_alias_domain_mailbox_maps.cf > relay_transport = relay:[my.mx.ip]
One subtle difference is that for historical reasons relay_domains matches subdomains by default (i.e. example.com matches foo.example.com) while virtual_mailbox_domains does not. To avoid surprises you may want to set parent_domain_matches_subdomains explicitly, without "relay_domains". You could specify an empty value, or just "parent_domain_matches_subdomains = smtpd_access_maps". There are some tips in STANDARD_CONFIGURATION_README to ensure that Postfix does something reasonable with mail addressed to user@[gateway-ipaddress]. http://www.postfix.org/STANDARD_CONFIGURATION_README.html#firewall Wietse
