Deliver to non-local users from domain.
Hello list, I have one domain , with several users in it. Most of them , will be migrated to a exchange server, which will later be the mx record for that domain. The exchange server will redirect emails for users not in his database to the postfix/cyrus server i run. The problem is, when someone tries to send an email from postfix/cyrus user to a user on the same domain that is hosted on the exchange. I know i can create local boxes, and setup up transport maps for each of those boxes. What i am wondering is - is there any way that i can tell postfix to relay mail for a domain he owns if no local user exists ? Thanks. -- Nikolai K. Bochev System Administrator
Aliases LDAP maps from the MX ?
Hello I would like to use LDAP ( OpenLDAP ) aliases from our MX server in order to forward emails to the internal mailhub. The MX use the transport utility to forward emails to the mailhub and does not perform local deliveries. Thanks for any infos <>
Re: Aliases LDAP maps from the MX ?
On Oct 8, 2010, at 8:11 AM, Frank Bonnet wrote: > Hello > > I would like to use LDAP ( OpenLDAP ) aliases from our MX server > in order to forward emails to the internal mailhub. > > The MX use the transport utility to forward emails to the mailhub > and does not perform local deliveries. > > Thanks for any infos use ldap lookup for local user local_recipient_maps = ldap:/etc/postfix/ldaplocal $alias_maps #etc/postfix/ldaplocal server_host = 127.0.0.1 search_base = dc=my,dc=ldap,dc=server,dc=com query_filter = (mail=%s) result_attribute = mail #result_filter = uid bind = no
Re: Aliases LDAP maps from the MX ?
Frank Bonnet: > Hello > > I would like to use LDAP ( OpenLDAP ) aliases from our MX server > in order to forward emails to the internal mailhub. > > The MX use the transport utility to forward emails to the mailhub > and does not perform local deliveries. In that case you should be able to replace this: /etc/postfix/main.cf: transport_maps = mapping from example.com to smtp:mailhub.example.com relay_domains = example.com relay_recipient_maps = list of "good" recipie...@example.com with: /etc/postfix/main.cf: transport_maps = mapping from example.com to smtp:mailhub.example.com relay_domains = example.com virtual_alias_maps = mappings from external-u...@example.com to internal-user(s)@example.com Unless I am missing something obvious (in which case Victor will helpfully point out what's missing). Wietse
Re: Trouble With Transport
Thank you for the reply. I'm debugging information to see what might be happening, the problem is that it takes to happen, and I look in the logs of the destination transport by ID EF7011757C3 and nothing is found. I will increase the debug on destination server to see what might be happening. Best Regards Em 07/10/2010 10:54, Wietse Venema escreveu: Rafael Andrade: Oct 6 10:33:48 mta01 postfix/smtp[2182]: CD4BD249BA: to=, relay=189.85.66.6[189.85.66.6]:25, delay=0.41, delays=0.15/0/0/0.25, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as EF7011757C3) The message was queued on the server at 189.85.66.6, with queue ID EF7011757C3. As i can debug this errors? Im searching message id ( queued as EF7011757C3 ) in destination server and nothing show. That is a problem on the server at 189.85.66.6. See http://www.postfix.org/DEBUG_README.html for suggestions. Wietse
Re: Aliases LDAP maps from the MX ?
virtual_alias_maps = proxy:ldap:/etc/postfix/ldap-alias.cf virtual_mailbox_domains = proxy:ldap:/etc/postfix/ldap-domain.cf virtual_mailbox_maps = proxy:ldap:/etc/postfix/ldap-mailbox1.cf where /etc/postfix/ldap-alias.cf: server_host = ldaphost.mydomain.com server_port = 389 search_base = ou=postfix,dc=mydomain,dc=com query_filter = (&(mail=%s)(objectclass=qmailuser)) result_attribute = mailAlternateAddress bind = yes bind_dn = cn=postfix,ou=postfix,dc=mydomain,dc=com bind_pw = * scope = one version = 3 /etc/postfix/ldap-domain.cf server_host = ldaphost.mydomain.com server_port = 389 search_base = cn=mail.mydomain.com,ou=postfix,dc=mydomain,dc=com query_filter = (virtualDomains=%s) result_attribute = virtualDomains bind = yes bind_dn = cn=postfix,ou=postfix,dc=mydomain,dc=com bind_pw = * scope = base version = 3 /etc/postfix/ldap-mailbox1.cf server_host = ldaphost.mydomain.com server_port = 389 search_base = ou=postfix,dc=mydomain,dc=com query_filter = (&(mail=%s)(objectclass=qmailuser)) result_attribute = mailMessageStore bind = yes bind_dn = cn=postfix,ou=postfix,dc=mydomain,dc=com bind_pw = * scope = one version = 3 For the ldap entries we use a somwhat extended qmail (for mail addresses) qmailControl (for domains) schema suomi On 2010-10-08 14:11, Frank Bonnet wrote: Hello I would like to use LDAP ( OpenLDAP ) aliases from our MX server in order to forward emails to the internal mailhub. The MX use the transport utility to forward emails to the mailhub and does not perform local deliveries. Thanks for any infos
Re: Trouble With Transport
Rafael Andrade: > Oct 6 10:33:48 mta01 postfix/smtp[2182]: CD4BD249BA: > to=, relay=189.85.66.6[189.85.66.6]:25, > delay=0.41, delays=0.15/0/0/0.25, dsn=2.0.0, status=sent (250 2.0.0 Ok: > queued as EF7011757C3) ... > As i can debug this errors? Im searching message id ( queued as > EF7011757C3 ) in destination server and nothing show. Wietse: > > That is a problem on the server at 189.85.66.6. See > > http://www.postfix.org/DEBUG_README.html for suggestions. Rafael Andrade: > I'm debugging information to see what might be happening, the problem is > that it takes to happen, and I look in the logs of the destination > transport by ID EF7011757C3 and nothing is found. Then you have a problem with your syslog configuration. When Postfix receives mail it logs the queue ID (in this case EF7011757C3) in multiple logfile records. For example: Mmm dd hh:mm:ss hostname postfix/smtpd[pid]: EF7011757C3: client=hostname[ipaddr] Mmm dd hh:mm:ss hostname postfix/cleanup[pid]: EF7011757C3: message-id=some-long-string Mmm dd hh:mm:ss hostname postfix/qmgr[pid]: EF7011757C3: from=sender, size=nnn, nrcpt=n (queue active) Followed by a record with mail delivery to content filter, mailbox or some other destination. Wietse
Re: Aliases LDAP maps from the MX ?
Thank you ! On 10/08/2010 03:00 PM, Wietse Venema wrote: Frank Bonnet: Hello I would like to use LDAP ( OpenLDAP ) aliases from our MX server in order to forward emails to the internal mailhub. The MX use the transport utility to forward emails to the mailhub and does not perform local deliveries. In that case you should be able to replace this: /etc/postfix/main.cf: transport_maps = mapping from example.com to smtp:mailhub.example.com relay_domains = example.com relay_recipient_maps = list of "good" recipie...@example.com with: /etc/postfix/main.cf: transport_maps = mapping from example.com to smtp:mailhub.example.com relay_domains = example.com virtual_alias_maps = mappings from external-u...@example.com to internal-user(s)@example.com Unless I am missing something obvious (in which case Victor will helpfully point out what's missing). Wietse <>
Re: Aliases LDAP maps from the MX ?
Frank Bonnet: > I would like to use LDAP ( OpenLDAP ) aliases from our MX server > in order to forward emails to the internal mailhub. > > The MX use the transport utility to forward emails to the mailhub > and does not perform local deliveries. Wietse: > > In that case you should be able to replace this: > > > > /etc/postfix/main.cf: > > transport_maps = mapping from example.com to smtp:mailhub.example.com > > relay_domains = example.com > > relay_recipient_maps = list of "good" recipie...@example.com > > > > with: > > > > /etc/postfix/main.cf: > > transport_maps = mapping from example.com to smtp:mailhub.example.com > > relay_domains = example.com > > virtual_alias_maps = > > mappings from external-u...@example.com to internal-user(s)@example.com > > > > Unless I am missing something obvious (in which case Victor will > > helpfully point out what's missing). Frank Bonnet: > Thank you ! The only problem I see is that this would accept mail for non-existent recipients, so you still need to specify relay_recipient_maps but the table can be empty. The recipient address validation is then done by virtual_alias_maps. /etc/postfix/main.cf: transport_maps = mapping from example.com to smtp:mailhub.example.com relay_domains = example.com relay_recipient_maps = some table that can be empty. virtual_alias_maps = mappings from external-u...@example.com to internal-user(s)@example.com That should do the job. Be sure to test this with a separate Postfix instance first. Wietse
Customize / configure postfix with multiple recipients
Hello, I am interested to know if it is possible to configure postfix such that, if a message is sent to multiple recipients. Out of which, if one is an invalid address and other is a valid address. Then, right now the postfix rejects the mail with a 550 error (Recipient address rejected: User unknown in virtual mailbox table) and mail is not delivered to the valid address recipient. Can I customize / configure postfix to deliver the mail to the valid address recipient ? Thank You. Sincerely, Manjiri -- View this message in context: http://old.nabble.com/Customize---configure-postfix-with-multiple-recipients-tp29915481p29915481.html Sent from the Postfix mailing list archive at Nabble.com.
Transport maps for a specfic user attached to a virtual domain
Hello everybody, I am writing here because I have an issue trying to use transport_maps with a domain which is declared as VIRTUAL. My architecture is the following : I have a Postfix instance which acts as MDA for several domains so I use the Postfix Virtual Domain feature. Everything works perfect. No problem with that. Now i would want this step : Redirect a specific account f...@domain.com from the MDA to another SMTP server but this account is not declared on the MDA. I wonder if it was possible to do this with the transport maps feature or not. I tried to declare a transport_maps with "f...@domain.com smtp:" but postfix rejected me the mail telling me this account is not a virtual mailbox (which seems to be logical). The main objective is to redirect a specific address which is a mailing list addres to the mailing list server without using a subdomain. Thanks for your answers. Regards, Olivier BONHOMME
Re: Aliases LDAP maps from the MX ?
On Fri, Oct 08, 2010 at 11:15:46AM -0400, Wietse Venema wrote:
> > > /etc/postfix/main.cf:
> > > transport_maps = mapping from example.com to smtp:mailhub.example.com
> > > relay_domains = example.com
> > > virtual_alias_maps =
> > > mappings from external-u...@example.com to internal-user(s)@example.com
> > >
> > > Unless I am missing something obvious (in which case Victor will
> > > helpfully point out what's missing).
>
> The only problem I see is that this would accept mail for non-existent
> recipients, so you still need to specify relay_recipient_maps but the
> table can be empty. The recipient address validation is then done by
> virtual_alias_maps.
>
> /etc/postfix/main.cf:
> transport_maps = mapping from example.com to smtp:mailhub.example.com
> relay_domains = example.com
> relay_recipient_maps =
> some table that can be empty.
> virtual_alias_maps =
> mappings from external-u...@example.com to internal-user(s)@example.com
I avoid the need for such empty relay tables, by making all my
externally-facing domains (the domains in which users get their
primary email addresses) be virtual alias domains. All internal
delivery is to "mailbox" domains that are the result of virtual
alias rewrites:
main.cf:
virtual_alias_domains = example.com
indexed = ${default_database_type}:${config_directory}/
virtual_alias_maps = ${indexed}virtual
transport_maps = ${indexed}transport
virtual:
u...@example.comu...@mbox-domain.example.com
transport:
# Mbox domain has MX hosts:
mbox-domain.example.com mbox-domain.example.com
# Mbox domain has a gateway:
# mbox-domain.example.com [mbox-domain.example.com]
--
Viktor.
Re: Customize / configure postfix with multiple recipients
On 10/8/2010 10:34 AM, Manjiri wrote: Hello, I am interested to know if it is possible to configure postfix such that, if a message is sent to multiple recipients. Out of which, if one is an invalid address and other is a valid address. Then, right now the postfix rejects the mail with a 550 error (Recipient address rejected: User unknown in virtual mailbox table) and mail is not delivered to the valid address recipient. Can I customize / configure postfix to deliver the mail to the valid address recipient ? Postfix normally acts as you request -- within a single message, valid users are accepted and delivered, invalid users are rejected. Please show full (non-verbose) logs of a transaction with both valid and invalid recipients, and your "postconf -n" output. -- Noel Jones
Re: Customize / configure postfix with multiple recipients
On 10/8/2010 11:34 AM, Manjiri wrote: Hello, I am interested to know if it is possible to configure postfix such that, if a message is sent to multiple recipients. Out of which, if one is an invalid address and other is a valid address. Then, right now the postfix rejects the mail with a 550 error (Recipient address rejected: User unknown in virtual mailbox table) and mail is not delivered to the valid address recipient. Can I customize / configure postfix to deliver the mail to the valid address recipient ? This is partially a mail CLIENT issue. Postfix will accept unknown recipients up to $smtpd_hard_error_limit (default: normal: 20, overload: 1) and still deliver a mail.
Re: Customize / configure postfix with multiple recipients
I am sending a message to "newu...@messaging.cerner.com"(valid) and "manji...@messaging.cerner.com" (invalid) maillog: Oct 8 11:12:51 goonie postfix/smtpd[19685]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled Oct 8 11:12:51 goonie postfix/smtpd[19685]: warning: 10.184.60.37: address not listed for hostname cern-nm019057.northamerica\ .cerner.net Oct 8 11:12:51 goonie postfix/smtpd[19685]: connect from unknown[10.184.60.37] Oct 8 11:12:51 goonie postfix/smtpd[19685]: 6E5CFF00A5: client=unknown[10.184.60.37] Oct 8 11:12:51 goonie postfix/smtpd[19685]: 6E5CFF00A5: reject: RCPT from unknown[10.184.60.37]: 550 5.1.1 : Recipient address rejected: User unknown in virtual mailbox table; from= to= proto=ESMTP helo= Oct 8 11:12:51 goonie postfix/smtpd[19689]: warning: dict_nis_init: NIS domain name not set - NIS lookups disabled Oct 8 11:12:51 goonie postfix/smtpd[19689]: warning: 10.184.60.37: address not listed for hostname cern-nm019057.northamerica\ .cerner.net Oct 8 11:12:51 goonie postfix/smtpd[19689]: connect from unknown[10.184.60.37] Oct 8 11:12:51 goonie postfix/smtpd[19689]: 7B0C1F00A5: client=unknown[10.184.60.37] Oct 8 11:12:51 goonie postfix/smtpd[19689]: 7B0C1F00A5: reject: RCPT from unknown[10.184.60.37]: 550 5.1.1 : Recipient address rejected: User unknown in virtual mailbox table; from= to= proto=ESMTP helo= Oct 8 11:12:51 goonie postfix/smtpd[19685]: lost connection after RSET from unknown[10.184.60.37] Oct 8 11:12:51 goonie postfix/smtpd[19685]: disconnect from unknown[10.184.60.37] Oct 8 11:12:51 goonie postfix/smtpd[19689]: lost connection after RSET from unknown[10.184.60.37] Oct 8 11:12:51 goonie postfix/smtpd[19689]: disconnect from unknown[10.184.60.37] postconf -n: alternate_config_directories = /etc/postfixNotifications command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix data_directory = /var/lib/postfix debug_peer_level = 2 home_mailbox = Maildir/ html_directory = no mail_owner = postfix mail_spool_directory = /var/mail mailq_path = /usr/bin/mailq manpage_directory = /usr/local/man message_size_limit = 3072 mynetworks_style = class newaliases_path = /usr/bin/newaliases queue_directory = /var/spool/postfix readme_directory = no recipient_delimiter = + relayhost = [smtp1.cerner.com] sample_directory = /etc/postfix sendmail_path = /usr/sbin/sendmail setgid_group = postdrop transport_maps = regexp:/etc/postfix/transport unknown_local_recipient_reject_code = 550 virtual_alias_maps = ldap:virtual_alias_maps virtual_gid_maps = static:1004 virtual_mailbox_base = /var/mail/vhosts virtual_mailbox_domains = messaging.cerner.com virtual_mailbox_maps = ldap:virtual_mailbox_maps virtual_uid_maps = static:1004 Sorry I am very new to postfix. Thanks Noel Jones-2 wrote: > > On 10/8/2010 10:34 AM, Manjiri wrote: >> >> Hello, >> >> I am interested to know if it is possible to configure postfix such that, >> if >> a message is sent to multiple recipients. Out of which, if one is an >> invalid >> address and other is a valid address. Then, right now the postfix rejects >> the mail with a 550 error (Recipient address rejected: User unknown in >> virtual mailbox table) and mail is not delivered to the valid address >> recipient. Can I customize / configure postfix to deliver the mail to the >> valid address recipient ? > > Postfix normally acts as you request -- within a single > message, valid users are accepted and delivered, invalid users > are rejected. > > Please show full (non-verbose) logs of a transaction with both > valid and invalid recipients, and your "postconf -n" output. > > >-- Noel Jones > > -- View this message in context: http://old.nabble.com/Customize---configure-postfix-with-multiple-recipients-tp29915481p29916795.html Sent from the Postfix mailing list archive at Nabble.com.
Re: Aliases LDAP maps from the MX ?
Victor Duchovni:
> I avoid the need for such empty relay tables, by making all my
> externally-facing domains (the domains in which users get their
> primary email addresses) be virtual alias domains. All internal
> delivery is to "mailbox" domains that are the result of virtual
> alias rewrites:
>
> main.cf:
> virtual_alias_domains = example.com
>
> indexed = ${default_database_type}:${config_directory}/
> virtual_alias_maps = ${indexed}virtual
> transport_maps = ${indexed}transport
>
> virtual:
> u...@example.comu...@mbox-domain.example.com
...
That is simpler, but I tried to avoid this, because sometimes the
back-end MTA is configured to accept u...@example.com but not
u...@server.example.com.
Wietse
Re: Customize / configure postfix with multiple recipients
Is it that the entire message is getting rejected because for some reason the postfix is not splitting it up per recipient ? I have: default_destination_recipient_limit = 50 smtp_destination_recipient_limit = $default_destination_recipient_limit in the main.cf.default Manjiri wrote: > > I am sending a message to > "newu...@messaging.cerner.com"(valid) and "manji...@messaging.cerner.com" > (invalid) > > maillog: > Oct 8 11:12:51 goonie postfix/smtpd[19685]: warning: dict_nis_init: NIS > domain name not set - NIS lookups disabled > Oct 8 11:12:51 goonie postfix/smtpd[19685]: warning: 10.184.60.37: > address not listed for hostname cern-nm019057.northamerica\ > .cerner.net > Oct 8 11:12:51 goonie postfix/smtpd[19685]: connect from > unknown[10.184.60.37] > Oct 8 11:12:51 goonie postfix/smtpd[19685]: 6E5CFF00A5: > client=unknown[10.184.60.37] > Oct 8 11:12:51 goonie postfix/smtpd[19685]: 6E5CFF00A5: reject: RCPT from > unknown[10.184.60.37]: 550 5.1.1 g.cerner.com>: Recipient address rejected: User unknown in virtual mailbox > table; from= to= 2...@messaging.cerner.com> proto=ESMTP helo= > Oct 8 11:12:51 goonie postfix/smtpd[19689]: warning: dict_nis_init: NIS > domain name not set - NIS lookups disabled > Oct 8 11:12:51 goonie postfix/smtpd[19689]: warning: 10.184.60.37: > address not listed for hostname cern-nm019057.northamerica\ > .cerner.net > Oct 8 11:12:51 goonie postfix/smtpd[19689]: connect from > unknown[10.184.60.37] > Oct 8 11:12:51 goonie postfix/smtpd[19689]: 7B0C1F00A5: > client=unknown[10.184.60.37] > Oct 8 11:12:51 goonie postfix/smtpd[19689]: 7B0C1F00A5: reject: RCPT from > unknown[10.184.60.37]: 550 5.1.1 g.cerner.com>: Recipient address rejected: User unknown in virtual mailbox > table; from= to= 2...@messaging.cerner.com> proto=ESMTP helo= > Oct 8 11:12:51 goonie postfix/smtpd[19685]: lost connection after RSET > from unknown[10.184.60.37] > Oct 8 11:12:51 goonie postfix/smtpd[19685]: disconnect from > unknown[10.184.60.37] > Oct 8 11:12:51 goonie postfix/smtpd[19689]: lost connection after RSET > from unknown[10.184.60.37] > Oct 8 11:12:51 goonie postfix/smtpd[19689]: disconnect from > unknown[10.184.60.37] > > postconf -n: > alternate_config_directories = /etc/postfixNotifications > command_directory = /usr/sbin > config_directory = /etc/postfix > daemon_directory = /usr/libexec/postfix > data_directory = /var/lib/postfix > debug_peer_level = 2 > home_mailbox = Maildir/ > html_directory = no > mail_owner = postfix > mail_spool_directory = /var/mail > mailq_path = /usr/bin/mailq > manpage_directory = /usr/local/man > message_size_limit = 3072 > mynetworks_style = class > newaliases_path = /usr/bin/newaliases > queue_directory = /var/spool/postfix > readme_directory = no > recipient_delimiter = + > relayhost = [smtp1.cerner.com] > sample_directory = /etc/postfix > sendmail_path = /usr/sbin/sendmail > setgid_group = postdrop > transport_maps = regexp:/etc/postfix/transport > unknown_local_recipient_reject_code = 550 > virtual_alias_maps = ldap:virtual_alias_maps > virtual_gid_maps = static:1004 > virtual_mailbox_base = /var/mail/vhosts > virtual_mailbox_domains = messaging.cerner.com > virtual_mailbox_maps = ldap:virtual_mailbox_maps > virtual_uid_maps = static:1004 > > > Sorry I am very new to postfix. > > Thanks > > > Noel Jones-2 wrote: >> >> On 10/8/2010 10:34 AM, Manjiri wrote: >>> >>> Hello, >>> >>> I am interested to know if it is possible to configure postfix such >>> that, if >>> a message is sent to multiple recipients. Out of which, if one is an >>> invalid >>> address and other is a valid address. Then, right now the postfix >>> rejects >>> the mail with a 550 error (Recipient address rejected: User unknown in >>> virtual mailbox table) and mail is not delivered to the valid address >>> recipient. Can I customize / configure postfix to deliver the mail to >>> the >>> valid address recipient ? >> >> Postfix normally acts as you request -- within a single >> message, valid users are accepted and delivered, invalid users >> are rejected. >> >> Please show full (non-verbose) logs of a transaction with both >> valid and invalid recipients, and your "postconf -n" output. >> >> >>-- Noel Jones >> >> > > -- View this message in context: http://old.nabble.com/Customize---configure-postfix-with-multiple-recipients-tp29915481p29916830.html Sent from the Postfix mailing list archive at Nabble.com.
Re: Customize / configure postfix with multiple recipients
Manjiri: > > Hello, > > I am interested to know if it is possible to configure postfix such that, if > a message is sent to multiple recipients. Out of which, if one is an invalid > address and other is a valid address. Then, right now the postfix rejects > the mail with a 550 error (Recipient address rejected: User unknown in > virtual mailbox table) and mail is not delivered to the valid address > recipient. That is not how Postfix works. Show evidence (an actual SMTP session) if you believe otherwise. Wietse
Re: Aliases LDAP maps from the MX ?
On Fri, Oct 08, 2010 at 12:50:42PM -0400, Wietse Venema wrote:
> Victor Duchovni:
> > I avoid the need for such empty relay tables, by making all my
> > externally-facing domains (the domains in which users get their
> > primary email addresses) be virtual alias domains. All internal
> > delivery is to "mailbox" domains that are the result of virtual
> > alias rewrites:
> >
> > main.cf:
> > virtual_alias_domains = example.com
> >
> > indexed = ${default_database_type}:${config_directory}/
> > virtual_alias_maps = ${indexed}virtual
> > transport_maps = ${indexed}transport
> >
> > virtual:
> > u...@example.comu...@mbox-domain.example.com
> ...
>
> That is simpler, but I tried to avoid this, because sometimes the
> back-end MTA is configured to accept u...@example.com but not
> u...@server.example.com.
In many business email systems, the back-end store is MSFT Exchange,
in which case, support for non-primary addresses is not difficult,
one just populates the mailbox addresses into
proxyAddresses: SMTP:joe.u...@example.com
proxyAddresses: smtp:ju...@exchange.example.com
one also makes the Exchange servers authoritative for the
"exchange.example.com" domain, but forward anything unresolved int the
parent domain (example.com) to the cross-domain mail hub for routing.
This is most useful when multiple mail store environments are present.
(Multiple Exchange installations, and/or other non MSFT mailstores).
Some people find it easier to rewrite mailbox->primary mail in
smtp_generic_maps, so that the backend servers still see the primary
address, but the Postfix queue sees mailbox domains, and thereby avoid
per-user transport lookups, which typically involve much slower
(compared to indexed-file lookups) LDAP or SQL queries and can adversely
impact queue manager performance.
--
Viktor.
Re: Aliases LDAP maps from the MX ?
Victor Duchovni:
> On Fri, Oct 08, 2010 at 12:50:42PM -0400, Wietse Venema wrote:
>
> > Victor Duchovni:
> > > I avoid the need for such empty relay tables, by making all my
> > > externally-facing domains (the domains in which users get their
> > > primary email addresses) be virtual alias domains. All internal
> > > delivery is to "mailbox" domains that are the result of virtual
> > > alias rewrites:
> > >
> > > main.cf:
> > > virtual_alias_domains = example.com
> > >
> > > indexed = ${default_database_type}:${config_directory}/
> > > virtual_alias_maps = hash:/etc/postfix/virtual
> > > transport_maps = hash:/etc/postfix/transport
> > >
> > > virtual:
> > > u...@example.comu...@mbox-domain.example.com
> > ...
> >
> > That is simpler, but I tried to avoid this, because sometimes the
> > back-end MTA is configured to accept u...@example.com but not
> > u...@server.example.com.
>
> In many business email systems, the back-end store is MSFT Exchange,
> in which case, support for non-primary addresses is not difficult,
> one just populates the mailbox addresses into
>
> proxyAddresses: SMTP:joe.u...@example.com
> proxyAddresses: smtp:ju...@exchange.example.com
>
> one also makes the Exchange servers authoritative for the
> "exchange.example.com" domain, but forward anything unresolved int the
> parent domain (example.com) to the cross-domain mail hub for routing.
>
> This is most useful when multiple mail store environments are present.
> (Multiple Exchange installations, and/or other non MSFT mailstores).
>
> Some people find it easier to rewrite mailbox->primary mail in
> smtp_generic_maps, so that the backend servers still see the primary
> address, but the Postfix queue sees mailbox domains, and thereby avoid
> per-user transport lookups, which typically involve much slower
> (compared to indexed-file lookups) LDAP or SQL queries and can adversely
> impact queue manager performance.
Yes, I forgot about the smtp_generic_maps solution. That would
look like:
/etc/postfix/main.cf:
virtual_alias_domains = example.com
virtual_alias_maps = hash:/etc/postfix/virtual
transport_maps = hash:/etc/postfix/transport
smtp_generic_maps = hash:/etc/postfix/smtp_generic
/etc/postfix/virtual:
u...@example.comu...@mbox-domain.example.com
/etc/postfix/transport:
# Mbox domain has MX hosts:
mbox-domain.example.com mbox-domain.example.com
# Mbox domain has a gateway:
# mbox-domain.example.com [mbox-domain.example.com]
/etc/postfix/smtp_generic
@mbox-domain.example.com@example.com
Or their equivalents using CDB or LDAP (the hash: forms are
sufficient to get peolpe started).
And by now starts to look familiar from earlier posts on this list.
If you agree with the general form, we should add this to the
STANDARD_CONFIGURATION_README.
One glitch in the example is that it uses the default smtp transport,
and therefore applies smtp_generic_maps to outbound mail.
Wietse
Re: Deliver to non-local users from domain.
On Fri, Oct 8, 2010 at 5:06 AM, Nikolai K. Bochev wrote: > Hello list, > > I have one domain , with several users in it. Most of them , will be > migrated to a exchange server, which will later be the mx record for that > domain. The exchange server will redirect emails for users not in his > database to the postfix/cyrus server i run. > > The problem is, when someone tries to send an email from postfix/cyrus user > to a user on the same domain that is hosted on the exchange. I know i can > create local boxes, and setup up transport maps for each of those boxes. > What i am wondering is - is there any way that i can tell postfix to relay > mail for a domain he owns if no local user exists ? > http://www.postfix.org/VIRTUAL_README.html#virtual_alias We have a similar set-up. If you have an internal domain (Active Directory) that is different than your external domain, in the virtual file on your Postfix machine, on the left column put the user's external email address, and on the right put what Exchange recognizes as their FQDN internal address. For example: u...@example.comu...@exchange.example.local This assumes Exchange is part of the Active Directory domain example.local, and you have an MX and A record for it on your internal DNS server. -- Mike Saldivar Direct Financial Solutions Information Systems Manager Desk: 435-774-8252 Cell: 435-881-3778 Fax: 435-774-8244
Re: Customize / configure postfix with multiple recipients
Manjiri Namjoshi: > I dont know how to collect the smtp conversation .. or how to log the > smtp session. Can you give me some hints ? You could telnet to the SMTP port and type the commands to deliver one message to one good and one bad recipient. You will discover that Postfix rejects the bad user and accepts the good user, and that it will accept the message. > Also, Is it that the entire message is getting rejected because > for some reason the postfix is not splitting it up per recipient > ? You are mistaken. You have no evidence whatsoever that Postfix rejects the entire message. It is known that SOME SMTP CLIENT programs will give up delivering a message when one recipient is not accepted, even when the other recipients are good. Wietse
Re: Customize / configure postfix with multiple recipients
On 10/8/2010 11:16 AM, Manjiri wrote: I am sending a message to "newu...@messaging.cerner.com"(valid) and "manji...@messaging.cerner.com" (invalid) maillog: Oct 8 11:12:51 goonie postfix/smtpd[19689]: connect from unknown[10.184.60.37] The client connects. Oct 8 11:12:51 goonie postfix/smtpd[19689]: 7B0C1F00A5: client=unknown[10.184.60.37] Postfix assigns a QUEUEID of 7B0C1F00A5. This means one recipient has been accepted. Oct 8 11:12:51 goonie postfix/smtpd[19689]: 7B0C1F00A5: reject: RCPT from unknown[10.184.60.37]: 550 5.1.1: Recipient address rejected: User unknown in virtual mailbox table; from= to= proto=ESMTP helo= Postfix rejects the bad recipient. Oct 8 11:12:51 goonie postfix/smtpd[19689]: lost connection after RSET from unknown[10.184.60.37] Oct 8 11:12:51 goonie postfix/smtpd[19689]: disconnect from unknown[10.184.60.37] The **CLIENT** disconnects after the error. This is a client issue, not a postfix issue. postconf -n: ... Nothing remarkable in postconf output. -- Noel Jones
Re: Transport maps for a specfic user attached to a virtual domain
On Fri, Oct 08, 2010 at 05:38:21PM +0200, Olivier BONHOMME wrote: > I am writing here because I have an issue trying to use transport_maps with > a domain which is declared as VIRTUAL. You fail to distinguish between virtual_alias_domains and virtual_mailbox_domains. Which is it? > Now i would want this step : Redirect a specific account f...@domain.com > from the MDA to another SMTP server but this account is not declared on the > MDA. You can rewrite an account in a final (local, or virtual mailbox) domain to another domain via virtual_alias_maps. Postfix will then accept mail for the domain, and forward to the alternate mailbox. > I wonder if it was possible to do this with the transport maps feature or > not. I tried to declare a transport_maps with "f...@domain.com > smtp:" but postfix rejected me the mail telling me this > account is not a virtual mailbox (which seems to be logical). > > The main objective is to redirect a specific address which is a mailing > list addres to the mailing list server without using a subdomain. To retain the address of the mailbox use "smtp_generic_maps" to undo the rewrite, as described in an earlier thread today about LDAP on MX hosts. -- Viktor.
Postfix not create Maildir
I am configuring a server to read a basic ldap, everything is working wonders, but to deliver the e-mail, postfix is not creating the maildir of the user, delivering only a mailbox file, but note that the configuration that follows below, I have the directive home_mailbox = Maildir/. I'm using version 2.6 on FreeBSD 8.2 body_checks = pcre:/usr/local/etc/postfix/maps/body_checks body_checks_size_limit = 51200 broken_sasl_auth_clients = yes command_directory = /usr/local/sbin config_directory = /usr/local/etc/postfix content_filter = smtp-amavis:[127.0.0.1]:10024 daemon_directory = /usr/local/libexec/postfix data_directory = /var/db/postfix debug_peer_level = 2 default_destination_concurrency_limit = 20 default_process_limit = 100 header_checks = pcre:/usr/local/etc/postfix/maps/header_checks home_mailbox = Maildir/ html_directory = /usr/local/share/doc/postfix local_destination_concurrency_limit = 2 local_recipient_maps = $virtual_mailbox_maps local_transport = virtual mail_owner = postfix mailq_path = /usr/local/bin/mailq manpage_directory = /usr/local/man message_size_limit = 10485760 mydestination = $myhostname, localhost.$mydomain, mx.$mydomain, $mydomain mydomain = domain.com.br myhostname = bt.domain.com.br mynetworks = 127.0.0.0/8 myorigin = $mydomain newaliases_path = /usr/local/bin/newaliases queue_directory = /var/spool/postfix readme_directory = /usr/local/share/doc/postfix recipient_delimiter = + sample_directory = /usr/local/etc/postfix sendmail_path = /usr/local/sbin/sendmail smtp_tls_note_starttls_offer = yes smtp_use_tls = yes smtpd_banner = $myhostname ESMTP smtpd_data_restrictions = reject_unauth_pipelining smtpd_recipient_restrictions = reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, reject_invalid_hostname,permit_sasl_authenticated, permit_mynetworks, reject_rbl_client sbl-xbl.spamhaus.org, reject_rbl_client zen.spamhaus.org, reject_unauth_destination,permit smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = $myhostname smtpd_sasl_security_options = noanonymous smtpd_sender_restrictions = check_client_access hash:/usr/local/etc/postfix/maps/sender_access, check_sender_access hash:/usr/local/etc/postfix/monitoramento/acl_sender, permit_sasl_authenticated, check_sender_access hash:/usr/local/etc/postfix/maps/sender, reject_sender_login_mismatch, reject_unlisted_recipient, reject_non_fqdn_sender, reject_unknown_sender_domain, reject_unauth_destination,warn_if_reject, permit smtpd_tls_CAfile = /usr/local/etc/postfix/certificado/cacert.pem smtpd_tls_cert_file = /usr/local/etc/postfix/certificado/smtpd.crt smtpd_tls_key_file = /usr/local/etc/postfix/certificado/smtpd.key smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes soft_bounce = no tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 550 virtual_gid_maps = static:1002 virtual_mailbox_base = /home/vmail virtual_mailbox_limit = 1 virtual_mailbox_limit_inbox = yes virtual_mailbox_limit_maps = ldap:mailquota virtual_mailbox_limit_override = yes virtual_mailbox_maps = ldap:mailboxmaps virtual_maildir_extended = yes virtual_maildir_limit_message = Aviso de Quota Excedida! virtual_overquota_bounce = yes virtual_uid_maps = static:1002 -- Márcio Luciano Donada Aurora Alimentos - Cooperativa Central Oeste Catarinense Departamento de T.I.
Re: Postfix not create Maildir
you must create them by hand or you have to use plugins dovecot and sieve Le vendredi 08 octobre 2010 à 19:11 -0300, Márcio Luciano Donada a écrit : > I am configuring a server to read a basic ldap, everything is working > wonders, but to deliver the e-mail, postfix is not creating the maildir > of the user, delivering only a mailbox file, but note that the > configuration that follows below, I have the directive home_mailbox = > Maildir/. I'm using version 2.6 on FreeBSD 8.2 > > body_checks = pcre:/usr/local/etc/postfix/maps/body_checks > body_checks_size_limit = 51200 > broken_sasl_auth_clients = yes > command_directory = /usr/local/sbin > config_directory = /usr/local/etc/postfix > content_filter = smtp-amavis:[127.0.0.1]:10024 > daemon_directory = /usr/local/libexec/postfix > data_directory = /var/db/postfix > debug_peer_level = 2 > default_destination_concurrency_limit = 20 > default_process_limit = 100 > header_checks = pcre:/usr/local/etc/postfix/maps/header_checks > home_mailbox = Maildir/ > html_directory = /usr/local/share/doc/postfix > local_destination_concurrency_limit = 2 > local_recipient_maps = $virtual_mailbox_maps > local_transport = virtual > mail_owner = postfix > mailq_path = /usr/local/bin/mailq > manpage_directory = /usr/local/man > message_size_limit = 10485760 > mydestination = $myhostname, localhost.$mydomain, mx.$mydomain, $mydomain > mydomain = domain.com.br > myhostname = bt.domain.com.br > mynetworks = 127.0.0.0/8 > myorigin = $mydomain > newaliases_path = /usr/local/bin/newaliases > queue_directory = /var/spool/postfix > readme_directory = /usr/local/share/doc/postfix > recipient_delimiter = + > sample_directory = /usr/local/etc/postfix > sendmail_path = /usr/local/sbin/sendmail > smtp_tls_note_starttls_offer = yes > smtp_use_tls = yes > smtpd_banner = $myhostname ESMTP > smtpd_data_restrictions = reject_unauth_pipelining > smtpd_recipient_restrictions = reject_non_fqdn_recipient, > reject_unknown_recipient_domain, reject_unauth_destination, > reject_invalid_hostname,permit_sasl_authenticated, > permit_mynetworks, reject_rbl_client sbl-xbl.spamhaus.org, > reject_rbl_client zen.spamhaus.org, reject_unauth_destination,permit > smtpd_sasl_auth_enable = yes > smtpd_sasl_local_domain = $myhostname > smtpd_sasl_security_options = noanonymous > smtpd_sender_restrictions = check_client_access > hash:/usr/local/etc/postfix/maps/sender_access, >check_sender_access > hash:/usr/local/etc/postfix/monitoramento/acl_sender, > permit_sasl_authenticated, > check_sender_access hash:/usr/local/etc/postfix/maps/sender, > reject_sender_login_mismatch, > reject_unlisted_recipient, > reject_non_fqdn_sender, > reject_unknown_sender_domain, > reject_unauth_destination,warn_if_reject, > permit > smtpd_tls_CAfile = /usr/local/etc/postfix/certificado/cacert.pem > smtpd_tls_cert_file = /usr/local/etc/postfix/certificado/smtpd.crt > smtpd_tls_key_file = /usr/local/etc/postfix/certificado/smtpd.key > smtpd_tls_loglevel = 1 > smtpd_tls_received_header = yes > smtpd_tls_session_cache_timeout = 3600s > smtpd_use_tls = yes > soft_bounce = no > tls_random_source = dev:/dev/urandom > unknown_local_recipient_reject_code = 550 > virtual_gid_maps = static:1002 > virtual_mailbox_base = /home/vmail > virtual_mailbox_limit = 1 > virtual_mailbox_limit_inbox = yes > virtual_mailbox_limit_maps = ldap:mailquota > virtual_mailbox_limit_override = yes > virtual_mailbox_maps = ldap:mailboxmaps > virtual_maildir_extended = yes > virtual_maildir_limit_message = Aviso de Quota Excedida! > virtual_overquota_bounce = yes > virtual_uid_maps = static:1002 > -- http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x092164A7 gpg --keyserver pgp.mit.edu --recv-key 092164A7 signature.asc Description: Ceci est une partie de message numériquement signée
Re: Postfix not create Maildir
Márcio Luciano Donada put forth on 10/8/2010 5:11 PM: > > I am configuring a server to read a basic ldap, everything is working > wonders, but to deliver the e-mail, postfix is not creating the maildir > of the user, delivering only a mailbox file, but note that the > configuration that follows below, I have the directive home_mailbox = > Maildir/. I'm using version 2.6 on FreeBSD 8.2 The home directories must already exist for local to deliver the mail into them. Do the users' home directories already exist? Where is the mailbox (I assume you mean mbox) file currently being created? /var/spool/mail/user or /home/user/something ? -- Stan > body_checks = pcre:/usr/local/etc/postfix/maps/body_checks > body_checks_size_limit = 51200 > broken_sasl_auth_clients = yes > command_directory = /usr/local/sbin > config_directory = /usr/local/etc/postfix > content_filter = smtp-amavis:[127.0.0.1]:10024 > daemon_directory = /usr/local/libexec/postfix > data_directory = /var/db/postfix > debug_peer_level = 2 > default_destination_concurrency_limit = 20 > default_process_limit = 100 > header_checks = pcre:/usr/local/etc/postfix/maps/header_checks > home_mailbox = Maildir/ > html_directory = /usr/local/share/doc/postfix > local_destination_concurrency_limit = 2 > local_recipient_maps = $virtual_mailbox_maps > local_transport = virtual > mail_owner = postfix > mailq_path = /usr/local/bin/mailq > manpage_directory = /usr/local/man > message_size_limit = 10485760 > mydestination = $myhostname, localhost.$mydomain, mx.$mydomain, $mydomain > mydomain = domain.com.br > myhostname = bt.domain.com.br > mynetworks = 127.0.0.0/8 > myorigin = $mydomain > newaliases_path = /usr/local/bin/newaliases > queue_directory = /var/spool/postfix > readme_directory = /usr/local/share/doc/postfix > recipient_delimiter = + > sample_directory = /usr/local/etc/postfix > sendmail_path = /usr/local/sbin/sendmail > smtp_tls_note_starttls_offer = yes > smtp_use_tls = yes > smtpd_banner = $myhostname ESMTP > smtpd_data_restrictions = reject_unauth_pipelining > smtpd_recipient_restrictions = reject_non_fqdn_recipient, > reject_unknown_recipient_domain, reject_unauth_destination, > reject_invalid_hostname,permit_sasl_authenticated, > permit_mynetworks, reject_rbl_client sbl-xbl.spamhaus.org, > reject_rbl_client zen.spamhaus.org, reject_unauth_destination,permit > smtpd_sasl_auth_enable = yes > smtpd_sasl_local_domain = $myhostname > smtpd_sasl_security_options = noanonymous > smtpd_sender_restrictions = check_client_access > hash:/usr/local/etc/postfix/maps/sender_access, >check_sender_access > hash:/usr/local/etc/postfix/monitoramento/acl_sender, > permit_sasl_authenticated, > check_sender_access hash:/usr/local/etc/postfix/maps/sender, > reject_sender_login_mismatch, > reject_unlisted_recipient, > reject_non_fqdn_sender, > reject_unknown_sender_domain, > reject_unauth_destination,warn_if_reject, > permit > smtpd_tls_CAfile = /usr/local/etc/postfix/certificado/cacert.pem > smtpd_tls_cert_file = /usr/local/etc/postfix/certificado/smtpd.crt > smtpd_tls_key_file = /usr/local/etc/postfix/certificado/smtpd.key > smtpd_tls_loglevel = 1 > smtpd_tls_received_header = yes > smtpd_tls_session_cache_timeout = 3600s > smtpd_use_tls = yes > soft_bounce = no > tls_random_source = dev:/dev/urandom > unknown_local_recipient_reject_code = 550 > virtual_gid_maps = static:1002 > virtual_mailbox_base = /home/vmail > virtual_mailbox_limit = 1 > virtual_mailbox_limit_inbox = yes > virtual_mailbox_limit_maps = ldap:mailquota > virtual_mailbox_limit_override = yes > virtual_mailbox_maps = ldap:mailboxmaps > virtual_maildir_extended = yes > virtual_maildir_limit_message = Aviso de Quota Excedida! > virtual_overquota_bounce = yes > virtual_uid_maps = static:1002 >
Re: Aliases LDAP maps from the MX ?
OK understood ! Thanks for your help :-) Le 08/10/2010 17:15, Wietse Venema a écrit : Frank Bonnet: I would like to use LDAP ( OpenLDAP ) aliases from our MX server in order to forward emails to the internal mailhub. The MX use the transport utility to forward emails to the mailhub and does not perform local deliveries. Wietse: In that case you should be able to replace this: /etc/postfix/main.cf: transport_maps = mapping from example.com to smtp:mailhub.example.com relay_domains = example.com relay_recipient_maps = list of "good" recipie...@example.com with: /etc/postfix/main.cf: transport_maps = mapping from example.com to smtp:mailhub.example.com relay_domains = example.com virtual_alias_maps = mappings from external-u...@example.com to internal-user(s)@example.com Unless I am missing something obvious (in which case Victor will helpfully point out what's missing). Frank Bonnet: Thank you ! The only problem I see is that this would accept mail for non-existent recipients, so you still need to specify relay_recipient_maps but the table can be empty. The recipient address validation is then done by virtual_alias_maps. /etc/postfix/main.cf: transport_maps = mapping from example.com to smtp:mailhub.example.com relay_domains = example.com relay_recipient_maps = some table that can be empty. virtual_alias_maps = mappings from external-u...@example.com to internal-user(s)@example.com That should do the job. Be sure to test this with a separate Postfix instance first. Wietse
Re: Aliases LDAP maps from the MX ?
Thanks a lot for your help !
Le 08/10/2010 17:47, Victor Duchovni a écrit :
On Fri, Oct 08, 2010 at 11:15:46AM -0400, Wietse Venema wrote:
/etc/postfix/main.cf:
transport_maps = mapping from example.com to smtp:mailhub.example.com
relay_domains = example.com
virtual_alias_maps =
mappings from external-u...@example.com to internal-user(s)@example.com
Unless I am missing something obvious (in which case Victor will
helpfully point out what's missing).
The only problem I see is that this would accept mail for non-existent
recipients, so you still need to specify relay_recipient_maps but the
table can be empty. The recipient address validation is then done by
virtual_alias_maps.
/etc/postfix/main.cf:
transport_maps = mapping from example.com to smtp:mailhub.example.com
relay_domains = example.com
relay_recipient_maps =
some table that can be empty.
virtual_alias_maps =
mappings from external-u...@example.com to internal-user(s)@example.com
I avoid the need for such empty relay tables, by making all my
externally-facing domains (the domains in which users get their
primary email addresses) be virtual alias domains. All internal
delivery is to "mailbox" domains that are the result of virtual
alias rewrites:
main.cf:
virtual_alias_domains = example.com
indexed = ${default_database_type}:${config_directory}/
virtual_alias_maps = ${indexed}virtual
transport_maps = ${indexed}transport
virtual:
u...@example.comu...@mbox-domain.example.com
transport:
# Mbox domain has MX hosts:
mbox-domain.example.com mbox-domain.example.com
# Mbox domain has a gateway:
# mbox-domain.example.com [mbox-domain.example.com]
