On 24/01/2021 16:08, Wietse Venema wrote:
> Jeff Abrahamson:
>> I've a domain (mobilitains.fr) with mail mostly configured.? I've also
>> registered mobilitain.fr (without the "s") to catch misspellings.? This
>> is easy for https, but I don't see how to get it working with postfix
>> (aside from manually mapping each user in /etc/postfix/virtual).
> If the users are in /etc/passwd, it is sufficient to add the domain
> to main.cf:mydestination. If your users are defined in a different
> way, some Postfix details are needed.
Virtual users, not system. Sorry, forgot to paste config:
[T] jeff@nantes-m1:log $ postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
compatibility_level = 2
default_destination_concurrency_limit = 5
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
home_mailbox = Maildir/
inet_interfaces = all
inet_protocols = all
mailbox_command = /usr/lib/dovecot/deliver -c
/etc/dovecot/dovecot.conf -m "${EXTENSION}"
mailbox_size_limit = 0
message_size_limit = 52428800
milter_default_action = accept
milter_mail_macros = "i {mail_addr} {client_addr} {client_name}
{auth_type} {auth_authen}"
milter_protocol = 6
mydestination = $myhostname, localhost.localdomain, localhost
mydomain = p27.eu
myhostname = nantes-m1.p27.eu
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
non_smtpd_milters = $smtpd_milters
readme_directory = no
recipient_delimiter = +
relay_destination_concurrency_limit = 1
relayhost =
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_exclude_ciphers = RC4, aNULL
smtp_tls_note_starttls_offer = yes
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_non_fqdn_helo_hostname,
reject_invalid_helo_hostname, reject_unknown_helo_hostname, permit
smtpd_milters = inet:127.0.0.1:8891
smtpd_recipient_restrictions =
reject_unknown_client_hostname,reject_unknown_sender_domain,reject_unknown_recipient_domain,permit_mynetworks,permit_sasl_authenticated,reject_unauth_destination,reject_invalid_hostname,reject_non_fqdn_sender
smtpd_relay_restrictions = permit_mynetworks
permit_sasl_authenticated defer_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain =
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = reject_unknown_sender_domain,
reject_sender_login_mismatch
smtpd_tls_CAfile = /etc/ssl/certs/ca-certificates.crt
smtpd_tls_ask_ccert = yes
smtpd_tls_auth_only = yes
smtpd_tls_cert_file =
/etc/letsencrypt/live/nantes-m1.p27.eu/fullchain.pem
smtpd_tls_ciphers = high
smtpd_tls_exclude_ciphers = RC4, aNULL
smtpd_tls_key_file = /etc/letsencrypt/live/nantes-m1.p27.eu/privkey.pem
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_protocols = SSLv3, TLSv1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
virtual_alias_domains =
virtual_alias_maps = hash:/etc/postfix/virtual
virtual_mailbox_domains = hash:/etc/postfix/virtual-mailbox-domains
virtual_mailbox_maps = hash:/etc/postfix/virtual-mailbox-users
virtual_transport = dovecot
[T] jeff@nantes-m1:log $
--
Jeff Abrahamson
+33 6 24 40 01 57
+44 7920 594 255
http://p27.eu/jeff/
http://transport-nantes.com/
