Loading ...
Sorry, an error occurred while loading the content.

292450Re: Setting up virtual domains correctly

Expand Messages
  • Quanah Gibson-Mount
    Apr 9 6:02 PM
      --On Tuesday, April 09, 2013 8:18 PM -0400 btb@... wrote:

      > On Apr 9, 2013, at 19.56, Quanah Gibson-Mount <quanah@...> wrote:
      >
      >> I'm trying to fix my virtual domain configuration with postfix, which as
      >> noted in a prior discussion was done incorrectly by some unknown to me
      >> person in the past.
      >>
      >> The main issue right now is that it has:
      >>
      >> virtual_transport = error
      >>
      >> which I was told makes little sense, so I'm trying to correct our
      >> configuration.
      >>
      >> First, all of our data is stored in LDAP (domains, users, etc). For my
      >> test setup, the "real" domain is zre-ldap002.eng.vmware.com. I've
      >> created a virtual (alias) domain "example.com".
      >>
      >> With my default configuration, if I send mail to user@... AND
      >> the user exists as user@..., mail delivery occurs.
      >
      > likely, the reason this "works" is because virtual_transport is never
      > being used, if actual delivery for every recipient is passed off
      > somewhere else via lmtp as you seem to perhaps indicate below.

      Yes, delivery is to the server that actually hosts the mailbox for the
      user, via LMTP.

      >> postmap on my base transport works for this:
      >> zimbra@zre-ldap002:~$ postmap -q user@...
      >> ldap:/opt/zimbra/conf/ldap-transport.cf
      >> lmtp:zre-ldap002.eng.vmware.com:7025
      >
      > please supply postconf -nf and postconf -Mf, or if an older version,
      > postconf -n and master.cf with comments removed.

      postconf -nf:
      alias_maps = hash:/etc/aliases
      always_add_missing_headers = yes
      bounce_notice_recipient = postmaster
      bounce_queue_lifetime = 5d
      broken_sasl_auth_clients = yes
      command_directory = /opt/zimbra/postfix/sbin
      config_directory = /opt/zimbra/postfix-2.10.0.2z/conf
      content_filter = smtp-amavis:[127.0.0.1]:10024
      daemon_directory = /opt/zimbra/postfix/libexec
      delay_warning_time = 0h
      disable_dns_lookups = no
      header_checks =
      import_environment =
      in_flow_delay = 1s
      inet_protocols = ipv4
      lmtp_connection_cache_destinations =
      lmtp_connection_cache_time_limit = 4s
      lmtp_host_lookup = dns
      local_header_rewrite_clients = permit_mynetworks,permit_sasl_authenticated
      mail_owner = postfix
      mailbox_size_limit = 0
      mailq_path = /opt/zimbra/postfix/sbin/mailq
      manpage_directory = /opt/zimbra/postfix/man
      maximal_backoff_time = 4000s
      message_size_limit = 10240000
      minimal_backoff_time = 300s
      mydestination = localhost
      myhostname = zre-ldap002.eng.vmware.com
      mynetworks = 127.0.0.0/8 10.137.242.0/24 [::1]/128 [fc00:10:137:242::]/64
      [fe80::]/64
      newaliases_path = /opt/zimbra/postfix/sbin/newaliases
      non_smtpd_milters =
      notify_classes = resource,software
      propagate_unmatched_extensions = canonical
      queue_directory = /opt/zimbra/data/postfix/spool
      queue_run_delay = 300s
      recipient_delimiter =
      relayhost =
      sender_canonical_maps = proxy:ldap:/opt/zimbra/conf/ldap-scm.cf
      sendmail_path = /opt/zimbra/postfix/sbin/sendmail
      setgid_group = postdrop
      smtp_cname_overrides_servername = no
      smtp_fallback_relay =
      smtp_helo_name = $myhostname
      smtp_sasl_auth_enable = no
      smtp_sasl_mechanism_filter =
      smtp_sasl_password_maps =
      smtp_sasl_security_options = noplaintext,noanonymous
      smtp_tls_security_level = may
      smtpd_banner = $myhostname ESMTP $mail_name
      smtpd_client_restrictions = reject_unauth_pipelining
      smtpd_data_restrictions = reject_unauth_pipelining
      smtpd_end_of_data_restrictions =
      smtpd_helo_required = yes
      smtpd_milters =
      smtpd_recipient_restrictions = reject_non_fqdn_recipient,
      reject_unlisted_recipient, reject_invalid_helo_hostname,
      reject_non_fqdn_sender, permit
      smtpd_reject_unlisted_recipient = no
      smtpd_relay_restrictions = permit_sasl_authenticated, permit_mynetworks,
      reject_unauth_destination
      smtpd_sasl_auth_enable = yes
      smtpd_sasl_authenticated_header = no
      smtpd_sasl_security_options = noanonymous
      smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
      smtpd_sender_restrictions = check_sender_access
      regexp:/opt/zimbra/postfix/conf/tag_as_originating.re,
      permit_mynetworks,
      permit_sasl_authenticated, permit_tls_clientcerts, check_sender_access
      regexp:/opt/zimbra/postfix/conf/tag_as_foreign.re
      smtpd_tls_auth_only = yes
      smtpd_tls_cert_file = /opt/zimbra/conf/smtpd.crt
      smtpd_tls_key_file = /opt/zimbra/conf/smtpd.key
      smtpd_tls_loglevel = 1
      smtpd_tls_security_level = may
      transport_maps = proxy:ldap:/opt/zimbra/conf/ldap-transport.cf
      virtual_alias_domains = proxy:ldap:/opt/zimbra/conf/ldap-vad.cf
      virtual_alias_expansion_limit = 10000
      virtual_alias_maps = proxy:ldap:/opt/zimbra/conf/ldap-vam.cf
      virtual_mailbox_domains = proxy:ldap:/opt/zimbra/conf/ldap-vmd.cf
      virtual_mailbox_maps = proxy:ldap:/opt/zimbra/conf/ldap-vmm.cf
      virtual_transport = proxy:ldap:/opt/zimbra/conf/ldap-vtransport.cf



      postconf -Mf
      smtp inet n - n - - smtpd
      -o content_filter=scan:[127.0.0.1]:10030
      465 inet n - n - - smtpd
      -o content_filter=scan:[127.0.0.1]:10030 -o smtpd_tls_wrappermode=yes
      -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=
      -o smtpd_data_restrictions= -o smtpd_end_of_data_restrictions=
      -o smtpd_helo_restrictions= -o smtpd_recipient_restrictions=
      -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
      -o syslog_name=postfix/smtps -o milter_macro_daemon_name=ORIGINATING
      submission inet n - n - - smtpd
      -o content_filter=scan:[127.0.0.1]:10030 -o
      smtpd_etrn_restrictions=reject
      -o smtpd_sasl_auth_enable=yes -o smtpd_tls_security_level=may
      -o smtpd_client_restrictions=permit_sasl_authenticated,reject
      -o smtpd_data_restrictions= -o smtpd_end_of_data_restrictions=
      -o smtpd_helo_restrictions= -o smtpd_recipient_restrictions=
      -o smtpd_relay_restrictions=permit_sasl_authenticated,reject
      -o syslog_name=postfix/submission -o
      milter_macro_daemon_name=ORIGINATING
      scan unix - - n - 10 smtp
      -o smtp_send_xforward_command=yes -o disable_mime_output_conversion=yes
      -o smtp_generic_maps=
      pickup unix n - n 60 1 pickup
      cleanup unix n - n - 0 cleanup
      qmgr unix n - n 300 1 qmgr
      tlsmgr unix - - n 1000? 1 tlsmgr
      rewrite unix - - n - - trivial-rewrite
      bounce unix - - n - 0 bounce
      defer unix - - n - 0 bounce
      trace unix - - n - 0 bounce
      verify unix - - n - 1 verify
      flush unix n - n 1000? 0 flush
      proxymap unix - - n - - proxymap
      smtp unix - - n - - smtp
      relay unix - - n - - smtp
      showq unix n - n - - showq
      error unix - - n - - error
      retry unix - - n - - error
      discard unix - - n - - discard
      local unix - n n - - local
      virtual unix - n n - - virtual
      lmtp unix - - n - - lmtp
      anvil unix - - n - 1 anvil
      scache unix - - n - 1 scache
      maildrop unix - n n - - pipe
      flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
      old-cyrus unix - n n - - pipe
      flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}
      cyrus unix - n n - - pipe
      user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension}
      ${user}
      uucp unix - n n - - pipe
      flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
      ($recipient)
      ifmail unix - n n - - pipe
      flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
      bsmtp unix - n n - - pipe
      flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
      $recipient
      smtp-amavis unix - - n - 10 smtp
      -o smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes
      -o disable_dns_lookups=yes -o max_use=20
      [127.0.0.1]:10025 inet n - n - - smtpd
      -o content_filter= -o local_recipient_maps= -o virtual_mailbox_maps=
      -o virtual_alias_maps= -o relay_recipient_maps=
      -o smtpd_restriction_classes= -o smtpd_delay_reject=no
      -o smtpd_client_restrictions=permit_mynetworks,reject
      -o smtpd_data_restrictions= -o smtpd_end_of_data_restrictions=
      -o smtpd_helo_restrictions= -o smtpd_milters= -o
      smtpd_sender_restrictions=
      -o smtpd_reject_unlisted_sender=no -o smtpd_relay_restrictions=
      -o smtpd_recipient_restrictions=permit_mynetworks,reject
      -o mynetworks_style=host -o mynetworks=127.0.0.0/8,[::1]/128
      -o strict_rfc821_envelopes=yes -o smtpd_error_sleep_time=0
      -o smtpd_soft_error_limit=1001 -o smtpd_hard_error_limit=1000
      -o smtpd_client_connection_count_limit=0
      -o smtpd_client_connection_rate_limit=0
      -o
      receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_address_mappings
      -o local_header_rewrite_clients= -o syslog_name=postfix/amavisd
      [127.0.0.1]:10030 inet n - n - - smtpd
      -o local_recipient_maps= -o virtual_mailbox_maps= -o virtual_alias_maps=
      -o relay_recipient_maps= -o smtpd_restriction_classes=
      -o smtpd_delay_reject=no -o smtpd_milters=inet:localhost:8465
      -o smtpd_client_restrictions=permit_mynetworks,reject
      -o smtpd_sender_restrictions= -o smtpd_helo_restrictions=
      -o smtpd_recipient_restrictions=permit_mynetworks,reject
      -o smtpd_reject_unlisted_sender=no -o smtpd_relay_restrictions=
      -o smtpd_data_restrictions= -o smtpd_end_of_data_restrictions=
      -o syslog_name=postfix/dkimmilter
      -o content_filter=smtp-amavis:[127.0.0.1]:10032

      --Quanah

      --

      Quanah Gibson-Mount
      Sr. Member of Technical Staff
      Zimbra, Inc
      A Division of VMware, Inc.
      --------------------
      Zimbra :: the leader in open source messaging and collaboration
    • Show all 8 messages in this topic