Hi Viktor,

On Sun, 5 May 2019, Viktor Dukhovni wrote:

On Mon, May 06, 2019 at 02:38:15AM +0200, Andreas Thienemann wrote:

I currently have a mailserver that serves as final destination for a
domain, say example.com which is configured as mydestination.

This works, but I generally prefer to not put any "real" domains
in mydestination, with addresses only getting resolved to local(8)
delivery via virtual(5) aliases to a domain like "localhost", which
would then be the only one listed in mydestination.  The "real"
domains are then always virtual alias, virtual mailbox or relay
domains.

Hmm. As I wrote, that option occurred to me too. I'd need to have a look to ensure that I am not missing some users somewhere but that should be the case already. After all, I already have an entry for local_recipient_maps and I do have a reject_unlisted_recipient entry in smtpd_recipient_restrictions item...


I have users on that domain (u...@example.com) which are getting mail
delivered via lmtp configured under mailbox_transport to a dovecot server.

If you're not using /etc/aliases or .forward files in any substantive
way, you could switch to a virtual mailbox domain.

No .forward files at all. Users do not have local accounts on the machine anymore, except uucp users of course... I do use /etc/aliases (and another alias list) for a few mailman redirects plus a handful of pipe deliveries and some minor redirects...


On reading the documentation and observing the logs I am not sure if the
virtual_alias_domains entry is actually needed

It is needed, in order to authorize incoming mail to that domain
from strangers.

To paraphrase my understanding then:

If a domain is not listed in any other class, it needs to be listed in virtual_alias_domains. virtual_alias_maps rewrites are being applied to incoming mail regardless of the class however.

Would that be an accurate description?

Now I am trying to set up postfix but there are two warnings which give me
pause:

  NEVER list a virtual MAILBOX domain name as a mydestination domain!
  NEVER list a virtual MAILBOX domain name as a virtual ALIAS domain!

For each domain, choose just one address class.

Understood.


The way I seem to understand the setup, in order for the
virtual_mailbox_maps to be consulted, the domain needs to be marked as a
virtual_mailbox_domain first.

My virtual mailbox domain is "virtual.invalid", users are rewritten
into that domain as needed.  My "real" domains are all "virtual alias"
domains.

 main.cf:
   append_dot_mydomain = yes
   mydestination = localhost.$mydomain
   virtual_mailbox_domains = virtual.invalid
   virtual_alias_domains = example.com, example.net, example.org
   indexed = ${default_database_type}:${config_directory}/
   virtual_alias_maps = ${indexed}virtual

 virtual:
   u...@example.com     user@localhost
   u...@example.net     user@virtual.invalid
   u...@example.org     ... take your pick ...

Hmm. I see. Interesting use of the indexed parameter. Saves you some typing I guess. :-)

I was hoping to get away from the rewrites. Especially as I'd like people to be able to login to the imap server with their email-address, e.g. u...@example.org. That prevents a lot of confusion on the user side...
.invalid would probably make things weird...

Would the following logic work?

If a domain has at least one virtual_mailbox user, add it to the virtual_mailbox_domains list and remove it from virtual_alias_domains or relay_domains.

Add all virtual_mailbox users under the mydestinations domain to the local_recipient_maps for now.

In that setup transport_maps would still be consulted, right?

Long-term, I would probably look into moving from local to virtual_mailbox for the main domain currently listed in mydestinations.


Thanks for the pointers. They are very useful, but I am not sure about the... final path yet. :D


cheers,
 Andreas
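
Added example, not part of the original message or of Postfix: a small Python check for the rule discussed in this thread that each domain belongs to exactly one address class. It reads main.cf-style text and flags any domain set explicitly in more than one of mydestination, virtual_alias_domains, virtual_mailbox_domains and relay_domains. The function names and the sample configuration are constructed for illustration; built-in parameter defaults and table lookups are not evaluated.

```python
import re

# The four main.cf parameters that assign domains to an address class.
CLASS_PARAMS = ("mydestination", "virtual_alias_domains",
                "virtual_mailbox_domains", "relay_domains")

def parse_main_cf(text):
    """Return {parameter: raw value}, joining continuation lines."""
    params, name = {}, None
    for line in text.splitlines():
        if not line.strip() or line.lstrip().startswith("#"):
            continue                          # blank line or comment
        if line[0].isspace() and name:        # leading whitespace continues a value
            params[name] += " " + line.strip()
        elif "=" in line:
            name, value = line.split("=", 1)
            name = name.strip()
            params[name] = value.strip()
    return params

def expand(value, params, depth=0):
    """Expand $name and ${name} references (simple forms only)."""
    if depth > 10:                            # guard against reference loops
        return value
    def repl(m):
        return expand(params.get(m.group(1) or m.group(2), ""), params, depth + 1)
    return re.sub(r"\$\{(\w+)\}|\$(\w+)", repl, value)

def class_conflicts(text):
    """Map each domain listed in more than one address class to those classes."""
    params, seen = parse_main_cf(text), {}
    for cls in CLASS_PARAMS:
        for item in re.split(r"[,\s]+", expand(params.get(cls, ""), params)):
            # Skip empty items and table lookups such as hash:/path or /path
            if item and ":" not in item and not item.startswith("/"):
                seen.setdefault(item.lower(), set()).add(cls)
    return {d: sorted(c) for d, c in seen.items() if len(c) > 1}

# Constructed sample: example.com and example.org each sit in two classes.
SAMPLE = """\
mydomain = example.com
mydestination = localhost.$mydomain, example.com
virtual_mailbox_domains = virtual.invalid, example.org
virtual_alias_domains = example.com, example.net,
    example.org
"""

if __name__ == "__main__":
    for domain, classes in class_conflicts(SAMPLE).items():
        print(f"{domain}: listed in {', '.join(classes)}")
```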
