On Thu, Oct 27, 2022 at 09:24:09AM -0400, Wietse Venema wrote:
> > > Oct 27 10:58:55 backend1 postfix/local[3916674]: 9DE86186:
> > > to=<f...@ourdomain.com>, orig_to=<b...@gmail.com>, relay=local,
> > > delay=0.06, delays=0.01/0/0/0.05, dsn=2.0.0, status=sent
> > > (delivered to command: /usr/bin/procmail -a "$EXTENSION")
>
> Then you did not implement the virtual_alias_maps correctly. To
> repeat myself, this should return the external address or 'not
> found'.
In particular, the rewrite was backwards, from the external address to
the internal address, rather than the converse. The OP should also keep
in mind the virtual alias rewriting is recursive.
Examples of various LDAP rewriting scenarios can be found in:
https://www.postfix.org/LDAP_README.html
The technical details of all the available LDAP table features in:
https://www.postfix.org/ldap_table.5.html
Address rewriting in general is covered in:
https://www.postfix.org/ADDRESS_REWRITING_README.html
Finally, it is worth noting that with SPF, DMARC, ... it is increasingly
impractical to naively rewritie and forward inbound mail out to an
external recipient: the remote server will often reject the message as
unauthorised misuse of either the envelope sender or RFC2822.From
domain.
It the forwarding is not *essential*, it is best to simply not do it.
Otherwise, the OP will need to replace the envelope sender with a local
address, e.g. via an "owner-" alias:
https://www.postfix.org/aliases.5.html
which requires routing the original recipient to the local(8) delivery
agent, and doing the mapping in aliases(5) with a suitable "owner"
alias, just virtual(5) rewrites are no longer suitable for forwarding
incoming mail to external users.
--
Viktor.
