Wednesday, January 12, 2022, 11:53:39 AM, Viktor Dukhovni wrote:

> On Wed, Jan 12, 2022 at 11:09:02AM +1100, Phil Biggs wrote:

>> Here's what I have so far.
>> 
>> main.cf includes:
>> 
>> # Route inbound for valid recipients to dovecot
>> virtual_transport = lmtp:unix:/var/spool/postfix/private/dovecot-lmtp
>> virtual_mailbox_maps = hash:/usr/local/etc/postfix/vmailbox

> Note that with delivery via LMTP, virtual_mailbox_maps (vmailbox) is
> used only for recipient validation, and has no effect on delivery.

Yes, I did have the content of two files mixed up. Apologies for that.

So, this should have read:

main.cf includes:
# Route inbound for valid recipients to dovecot
virtual_transport = lmtp:unix:/var/spool/postfix/private/dovecot-lmtp
virtual_mailbox_domains = pjb.cc
virtual_mailbox_maps = hash:/usr/local/etc/postfix/vmailbox 
virtual_alias_maps = hash:/usr/local/etc/postfix/virtual
lmtp_use_tls = no

vmailbox contains:
@pjb.cc all

virtual contains:
mb170...@pjb.cc ml-postfix-users
# +LOTS of others

The Dovecot users file includes:
ml-postfix-us...@pjb.cc:,<passwordstuff>:10043:10000:

>> virtual_mailbox_domains = pjb.cc
>> virtual_alias_maps = hash:/usr/local/etc/postfix/virtual
>> 
>> virtual contains:
>> @pjb.cc all

> This is a wildcard mapping (not recommended, an explicit list of
> individual addresses would be far better).  It rewrites every input
> address to <all@$myorigin>.  Not clear whether that's what you want.

No, not what I'm looking for.  What I am aiming for is to have the input 
address rewritten from mb170...@pjb.cc to ml-postfix-us...@pjb.cc 
before being passed to Dovecot, which would store it in a mailbox matching 
that rewritten name and which, in turn, matches the MUA's user login.   

> This suffices for recipient validation which accepts mail for addresses
> that either match virtual_alias_maps or virtual_mailbox_maps.  So you
> don't need virtual_mailbox_maps at all:

Ah, I didn't get that from the readme. So, I should get rid of:
virtual_mailbox_maps = hash:/usr/local/etc/postfix/vmailbox
and let virtual_alias_maps take care of the recipient verification and 
rewriting.

>> vmailbox contains:
>> mb170...@pjb.cc ml-postfix-users
>> # +LOTS of others

> This should probably have been in "virtual" instead, and vice versa.

>> The Dovecot users file includes:
>> ml-postfix-us...@pjb.cc:,<passwordstuff>:10043:10000:

> Which isn't "all".  Seems you got the virtual mailbox and virtual alias
> files confused, or are misreporting their contents.

In some ways I regret going down this path originally but it has helped me 
identify leaky/compromised sites on at least three occasions over the years.  
-- 
Thanks,
Phil
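
The recipient validation and alias rewriting discussed in this message, as an added example that is not part of the original post and not Postfix code: a simplified Python model comparing an explicit alias list with an "@domain" wildcard. The domain example.com, the addresses, the table contents and the single-pass rewrite are constructed assumptions.

```python
# Simplified model of the lookups discussed in the thread (not Postfix source).
MYORIGIN = "example.com"            # assumed $myorigin
MAILBOX_DOMAINS = {"example.com"}   # assumed virtual_mailbox_domains

def lookup(table, addr):
    """Search the full address first, then the @domain wildcard key."""
    domain = addr.rsplit("@", 1)[1]
    for key in (addr, "@" + domain):
        if key in table:
            return table[key]
    return None

def rewrite(alias_map, addr):
    """Apply the alias map once; a bare result gets @$myorigin appended."""
    target = lookup(alias_map, addr)
    if target is None:
        return addr
    return target if "@" in target else f"{target}@{MYORIGIN}"

def is_valid_recipient(alias_map, mailbox_map, addr):
    """Valid when the address matches either the alias map or the mailbox map."""
    if addr.rsplit("@", 1)[1] not in MAILBOX_DOMAINS:
        return False  # other address classes are outside this model
    return (lookup(alias_map, addr) is not None
            or lookup(mailbox_map, addr) is not None)

def deliver_to(alias_map, mailbox_map, addr):
    """Return the recipient handed to LMTP, or None if it would be rejected."""
    if not is_valid_recipient(alias_map, mailbox_map, addr):
        return None
    return rewrite(alias_map, addr)

# Constructed tables: per-site addresses mapped to mailboxes vs. a wildcard.
EXPLICIT_ALIASES = {"site-a@example.com": "ml-list",
                    "site-b@example.com": "shopping"}
WILDCARD_ALIASES = {"@example.com": "all"}
WILDCARD_MAILBOXES = {"@example.com": "all"}
NO_MAILBOXES = {}

if __name__ == "__main__":
    for rcpt in ("site-a@example.com", "guessed@example.com"):
        print(rcpt,
              "| explicit:", deliver_to(EXPLICIT_ALIASES, NO_MAILBOXES, rcpt),
              "| wildcard:", deliver_to(WILDCARD_ALIASES, NO_MAILBOXES, rcpt))
```

With the explicit list, an address that was never handed out is rejected at validation; with a wildcard in either table it is accepted.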
