Loading ...
Sorry, an error occurred while loading the content.

Postfix/Cyrus Forwarding Question

Expand Messages
  • Dennis Putnam
    I m not sure if this is the right forum for this question but I don t know where else to start. I am running Postfix/Cyrus on the same server that contains
    Message 1 of 11 , Nov 25, 2009
    • 0 Attachment
      I'm not sure if this is the right forum for this question but I don't know where else to start.

      I am running Postfix/Cyrus on the same server that contains user home directories. The forwarding mechanism (.forward) is, of course, working and I understand it. What I don't understand is how this mechanism works, or even if it does, when a user's home directory is on a different server than Postfix/Cyrus. In other words when Postfix/Cyrus does not have access to the user's home directory. Or is there some other delivery mechanism involved that I am missing? Thanks.

      Can someone explain if this can work and if, so how. If not, what do users do in that case?

      Thanks.

      Dennis Putnam
      Sr. IT Systems Administrator
      AIM Systems, Inc.
      11675 Rainwater Dr., Suite 200
      Alpharetta, GA 30009
      Phone: 678-240-4112
      Main Phone: 678-297-0700
      FAX: 678-297-2666 or 770-576-1000
      The information contained in this e-mail and any attachments is strictly confidential. If you are not the intended recipient, any use, dissemination, distribution, or duplication of any part of this e-mail or any attachment is prohibited. If you are not the intended recipient, please notify the sender by return e-mail and delete all copies, including the attachments.
    • Wietse Venema
      ... With Postfix, these files don t have to live in the user s home directory. You can specify an alternate location with the forward_path configuration
      Message 2 of 11 , Nov 25, 2009
      • 0 Attachment
        Dennis Putnam:
        > I'm not sure if this is the right forum for this question but I don't know where else to start.
        >
        > I am running Postfix/Cyrus on the same server that contains user
        > home directories. The forwarding mechanism (.forward) is, of
        > course, working and I understand it. What I don't understand is
        > how this mechanism works, or even if it does, when a user's home
        > directory is on a different server than Postfix/Cyrus. In other
        > words when Postfix/Cyrus does not have access to the user's home
        > directory. Or is there some other delivery mechanism involved that
        > I am missing? Thanks.
        >
        > Can someone explain if this can work and if, so how. If not, what
        > do users do in that case?

        With Postfix, these files don't have to live in the user's home
        directory. You can specify an alternate location with the forward_path
        configuration parameter.

        Wietse
      • Terry Carmen
        ... Postfix s local delivery agent (local) http://www.postfix.org/local.8.html handles the .forward file. If local is delivering the mail to the user s
        Message 3 of 11 , Nov 25, 2009
        • 0 Attachment
          Dennis Putnam wrote:
          > I'm not sure if this is the right forum for this question but I don't know where else to start.
          >
          > I am running Postfix/Cyrus on the same server that contains user home directories. The forwarding mechanism (.forward) is, of course, working and I understand it. What I don't understand is how this mechanism works, or even if it does, when a user's home directory is on a different server than Postfix/Cyrus. In other words when Postfix/Cyrus does not have access to the user's home directory. Or is there some other delivery mechanism involved that I am missing? Thanks.
          >
          > Can someone explain if this can work and if, so how. If not, what do users do in that case?
          >
          Postfix's local delivery agent (local)
          http://www.postfix.org/local.8.html handles the .forward file.

          If local is delivering the mail to the user's directory, it can see the
          .forward file and should handle it properly. If it can't see the user's
          home directories, it can't deliver the mail or read the forward file.

          However, delivery can be delegated to an alternate transport method or
          application, in which case local does nothing with the .forward file.

          If you're not sure how the mail is being delivered, it would be useful
          to follow a single message id in the maillog file and watch exactly what
          happens to it.

          Terry
        • Victor Duchovni
          ... I assume you mean Cyrus IMAP... ... With the local(8) transport delegating delivery via mailbox_transport. ... This assumes system users who have passwd
          Message 4 of 11 , Nov 25, 2009
          • 0 Attachment
            On Wed, Nov 25, 2009 at 11:27:18AM -0500, Dennis Putnam wrote:

            > I am running Postfix/Cyrus

            I assume you mean Cyrus IMAP...

            > on the same server that contains user home directories.

            With the local(8) transport delegating delivery via mailbox_transport.

            > The forwarding mechanism (.forward) is, of course, working
            > and I understand it.

            This assumes "system users" who have passwd file entries, and so by
            definition have home directories.

            > What I don't understand is how this mechanism works, or even if it does,
            > when a user's home directory is on a different server than Postfix/Cyrus.

            A system user's home directory is never "on a different server", NFS, AFS
            and the like don't matter in this context, the home directory is still
            locally accessible.

            Perhaps you are looking to integrate Cyrus IMAP with virtual users.

            > In other words when Postfix/Cyrus does not have access to the user's
            > home directory. Or is there some other delivery mechanism involved that
            > I am missing?

            You can change the forward_path setting to create .forward files for users
            (each owned by the user in question, or local(8) will not trust it), in
            a location different from the user's home directory.

            http://www.postfix.org/postconf.5.html#forward_path

            If the users don't have passwd file entries, then forwarding needs to be
            managed via aliases(5) or better yet virtual(5).

            http://www.postfix.org/postconf.5.html#alias_maps
            http://www.postfix.org/postconf.5.html#virtual_alias_maps
            http://www.postfix.org/ADDRESS_REWRITING_README.html
            http://www.postfix.org/VIRTUAL_README.html

            You can deliver to Cyrus IMAP via LMTP, after rewriting recipient
            addresses in virtual(5) into a domain that is routed to a suitable
            transport(5).

            --
            Viktor.

            Disclaimer: off-list followups get on-list replies or get ignored.
            Please do not ignore the "Reply-To" header.

            To unsubscribe from the postfix-users list, visit
            http://www.postfix.org/lists.html or click the link below:
            <mailto:majordomo@...?body=unsubscribe%20postfix-users>

            If my response solves your problem, the best way to thank me is to not
            send an "it worked, thanks" follow-up. If you must respond, please put
            "It worked, thanks" in the "Subject" so I can delete these quickly.
          • Dennis Putnam
            Hi Wietse, Thanks for the reply. I m not sure I completely understand. Is the forward_path a directory on the mail server or a path to the remote users home?
            Message 5 of 11 , Nov 25, 2009
            • 0 Attachment
              Hi Wietse,

              Thanks for the reply.

              I'm not sure I completely understand. Is the forward_path a directory on the mail server or a path to the remote users' home? Is that a per user or system setting (e.g. users' home directories may be on different servers)?

              I'm guessing that the forward_path is on the mail server. If that is the case, from the users' perspective, how do they handle forwarding?

              On Nov 25, 2009, at 11:37 AM, Wietse Venema wrote:

              > Dennis Putnam:
              >> I'm not sure if this is the right forum for this question but I don't know where else to start.
              >>
              >> I am running Postfix/Cyrus on the same server that contains user
              >> home directories. The forwarding mechanism (.forward) is, of
              >> course, working and I understand it. What I don't understand is
              >> how this mechanism works, or even if it does, when a user's home
              >> directory is on a different server than Postfix/Cyrus. In other
              >> words when Postfix/Cyrus does not have access to the user's home
              >> directory. Or is there some other delivery mechanism involved that
              >> I am missing? Thanks.
              >>
              >> Can someone explain if this can work and if, so how. If not, what
              >> do users do in that case?
              >
              > With Postfix, these files don't have to live in the user's home
              > directory. You can specify an alternate location with the forward_path
              > configuration parameter.
              >
              > Wietse
              >



              Dennis Putnam
              Sr. IT Systems Administrator
              AIM Systems, Inc.
              11675 Rainwater Dr., Suite 200
              Alpharetta, GA 30009
              Phone: 678-240-4112
              Main Phone: 678-297-0700
              FAX: 678-297-2666 or 770-576-1000
              The information contained in this e-mail and any attachments is strictly confidential. If you are not the intended recipient, any use, dissemination, distribution, or duplication of any part of this e-mail or any attachment is prohibited. If you are not the intended recipient, please notify the sender by return e-mail and delete all copies, including the attachments.
            • Dennis Putnam
              Hi Viktor, Thanks, that clears up a few things. It appears that this applies to individual users via the $name parameter. It is not clear how to handle many
              Message 6 of 11 , Nov 25, 2009
              • 0 Attachment
                Hi Viktor,

                Thanks, that clears up a few things. It appears that this applies to individual users via the $name parameter. It is not clear how to handle many users (surely I can't list everyone) which may be on different servers. Is there a wild card format and/or a default?

                Can the path be set to a mounted filesystem that contains the user home directories? If no mount, how does the user create/maintain the .forward file in that alternate location?

                On Nov 25, 2009, at 11:42 AM, Victor Duchovni wrote:

                > On Wed, Nov 25, 2009 at 11:27:18AM -0500, Dennis Putnam wrote:
                >
                >> I am running Postfix/Cyrus
                >
                > I assume you mean Cyrus IMAP...
                >
                >> on the same server that contains user home directories.
                >
                > With the local(8) transport delegating delivery via mailbox_transport.
                >
                >> The forwarding mechanism (.forward) is, of course, working
                >> and I understand it.
                >
                > This assumes "system users" who have passwd file entries, and so by
                > definition have home directories.
                >
                >> What I don't understand is how this mechanism works, or even if it does,
                >> when a user's home directory is on a different server than Postfix/Cyrus.
                >
                > A system user's home directory is never "on a different server", NFS, AFS
                > and the like don't matter in this context, the home directory is still
                > locally accessible.
                >
                > Perhaps you are looking to integrate Cyrus IMAP with virtual users.
                >
                >> In other words when Postfix/Cyrus does not have access to the user's
                >> home directory. Or is there some other delivery mechanism involved that
                >> I am missing?
                >
                > You can change the forward_path setting to create .forward files for users
                > (each owned by the user in question, or local(8) will not trust it), in
                > a location different from the user's home directory.
                >
                > http://www.postfix.org/postconf.5.html#forward_path
                >
                > If the users don't have passwd file entries, then forwarding needs to be
                > managed via aliases(5) or better yet virtual(5).
                >
                > http://www.postfix.org/postconf.5.html#alias_maps
                > http://www.postfix.org/postconf.5.html#virtual_alias_maps
                > http://www.postfix.org/ADDRESS_REWRITING_README.html
                > http://www.postfix.org/VIRTUAL_README.html
                >
                > You can deliver to Cyrus IMAP via LMTP, after rewriting recipient
                > addresses in virtual(5) into a domain that is routed to a suitable
                > transport(5).
                >
                > --
                > Viktor.
                >
                > Disclaimer: off-list followups get on-list replies or get ignored.
                > Please do not ignore the "Reply-To" header.
                >
                > To unsubscribe from the postfix-users list, visit
                > http://www.postfix.org/lists.html or click the link below:
                > <mailto:majordomo@...?body=unsubscribe%20postfix-users>
                >
                > If my response solves your problem, the best way to thank me is to not
                > send an "it worked, thanks" follow-up. If you must respond, please put
                > "It worked, thanks" in the "Subject" so I can delete these quickly.
                >



                Dennis Putnam
                Sr. IT Systems Administrator
                AIM Systems, Inc.
                11675 Rainwater Dr., Suite 200
                Alpharetta, GA 30009
                Phone: 678-240-4112
                Main Phone: 678-297-0700
                FAX: 678-297-2666 or 770-576-1000
                The information contained in this e-mail and any attachments is strictly confidential. If you are not the intended recipient, any use, dissemination, distribution, or duplication of any part of this e-mail or any attachment is prohibited. If you are not the intended recipient, please notify the sender by return e-mail and delete all copies, including the attachments.
              • Victor Duchovni
                ... There is no $name parameter. That is a generic place-holder for any of the parameters above it, to explain that you can use ${extension?foo} or
                Message 7 of 11 , Nov 25, 2009
                • 0 Attachment
                  On Wed, Nov 25, 2009 at 11:56:41AM -0500, Dennis Putnam wrote:

                  > Thanks, that clears up a few things. It appears that this applies to
                  > individual users via the $name parameter.

                  There is no "$name" parameter. That is a generic place-holder for any of
                  the parameters above it, to explain that you can use ${extension?foo}
                  or ${extension:bar} (for example) to handle the case when there is
                  (or is not) an address extension.

                  > It is not clear how to handle
                  > many users (surely I can't list everyone) which may be on different
                  > servers. Is there a wild card format and/or a default?

                  What do you mean "on different servers"? The forward_path specifies
                  a local file on the Postfix server's filesystem which contains
                  the ".forward" content for each user. Various ${parameters}, as part
                  of this setting, make the path user-dependent.

                  > Can the path be set to a mounted filesystem that contains the user
                  > home directories? If no mount, how does the user create/maintain the
                  > .forward file in that alternate location?

                  If you want users to edit their own .forward files with "vi", "emacs",
                  "ed", ... Give them home directories on the mail server, use NFS if
                  that's sufficiently reliable, and the security risk is acceptable.

                  [ Please don't top-post, and reply to each paragraph in-line with the
                  original text "quoted" with "> ", as above ].

                  --
                  Viktor.

                  Disclaimer: off-list followups get on-list replies or get ignored.
                  Please do not ignore the "Reply-To" header.

                  To unsubscribe from the postfix-users list, visit
                  http://www.postfix.org/lists.html or click the link below:
                  <mailto:majordomo@...?body=unsubscribe%20postfix-users>

                  If my response solves your problem, the best way to thank me is to not
                  send an "it worked, thanks" follow-up. If you must respond, please put
                  "It worked, thanks" in the "Subject" so I can delete these quickly.
                • Dennis Putnam
                  Hi Viktor, My bad, I was referring to this line in the documentation when I used $name: $user The recipient s username. In any case I think the light is
                  Message 8 of 11 , Nov 25, 2009
                  • 0 Attachment
                    Hi Viktor,

                    My bad, I was referring to this line in the documentation when I used $name:

                    $user
                    The recipient's username.

                    In any case I think the light is starting to glow, albeit dimly.

                    The examples in the documentation are not very helpful. Is there someplace I can look for better ones?

                    When I say on different servers, perhaps I need to better explain the environment we plan. User home directories are on a SAN while the mail server is not. The home directories are served out by a pair of SAN file servers and users are distributed between them for some semblance of load balancing. While ultimately all the home directories are on the same SAN LUN, the logical path to them will be on different servers.

                    If I understand this correctly, I can set the forward_path to a directory on the mail server (not sure what the syntax would look like based on the examples). The hierarchy of that directory is not clear but one way or another each user has a unique .forward file of some form. In order to maintain it I can create scripts that access those files via 'ssh' or 'scp' or some such mechanism.

                    How far off am I?

                    On Nov 25, 2009, at 12:12 PM, Victor Duchovni wrote:

                    > On Wed, Nov 25, 2009 at 11:56:41AM -0500, Dennis Putnam wrote:
                    >
                    >> Thanks, that clears up a few things. It appears that this applies to
                    >> individual users via the $name parameter.
                    >
                    > There is no "$name" parameter. That is a generic place-holder for any of
                    > the parameters above it, to explain that you can use ${extension?foo}
                    > or ${extension:bar} (for example) to handle the case when there is
                    > (or is not) an address extension.
                    >
                    >> It is not clear how to handle
                    >> many users (surely I can't list everyone) which may be on different
                    >> servers. Is there a wild card format and/or a default?
                    >
                    > What do you mean "on different servers"? The forward_path specifies
                    > a local file on the Postfix server's filesystem which contains
                    > the ".forward" content for each user. Various ${parameters}, as part
                    > of this setting, make the path user-dependent.
                    >
                    >> Can the path be set to a mounted filesystem that contains the user
                    >> home directories? If no mount, how does the user create/maintain the
                    >> .forward file in that alternate location?
                    >
                    > If you want users to edit their own .forward files with "vi", "emacs",
                    > "ed", ... Give them home directories on the mail server, use NFS if
                    > that's sufficiently reliable, and the security risk is acceptable.
                    >
                    > [ Please don't top-post, and reply to each paragraph in-line with the
                    > original text "quoted" with "> ", as above ].
                    >
                    > --
                    > Viktor.
                    >
                    > Disclaimer: off-list followups get on-list replies or get ignored.
                    > Please do not ignore the "Reply-To" header.
                    >
                    > To unsubscribe from the postfix-users list, visit
                    > http://www.postfix.org/lists.html or click the link below:
                    > <mailto:majordomo@...?body=unsubscribe%20postfix-users>
                    >
                    > If my response solves your problem, the best way to thank me is to not
                    > send an "it worked, thanks" follow-up. If you must respond, please put
                    > "It worked, thanks" in the "Subject" so I can delete these quickly.
                    >



                    Dennis Putnam
                    Sr. IT Systems Administrator
                    AIM Systems, Inc.
                    11675 Rainwater Dr., Suite 200
                    Alpharetta, GA 30009
                    Phone: 678-240-4112
                    Main Phone: 678-297-0700
                    FAX: 678-297-2666 or 770-576-1000
                    The information contained in this e-mail and any attachments is strictly confidential. If you are not the intended recipient, any use, dissemination, distribution, or duplication of any part of this e-mail or any attachment is prohibited. If you are not the intended recipient, please notify the sender by return e-mail and delete all copies, including the attachments.
                  • Victor Duchovni
                    ... No, not a directory a file, and not a file, but a set of files, one for each user. ... The construction of the .forward path is entirely up to you. You
                    Message 9 of 11 , Nov 25, 2009
                    • 0 Attachment
                      On Wed, Nov 25, 2009 at 12:41:37PM -0500, Dennis Putnam wrote:

                      > If I understand this correctly, I can set the forward_path to a directory

                      No, not a directory a file, and not "a" file, but a set of files, one
                      for each user.

                      > The hierarchy of that directory is not clear

                      The construction of the .forward path is entirely up to you.

                      You can list multiple patterns, the first one found to exist will be used.
                      This allows extension-specific .forward files to be used when available.

                      --
                      Viktor.

                      Disclaimer: off-list followups get on-list replies or get ignored.
                      Please do not ignore the "Reply-To" header.

                      To unsubscribe from the postfix-users list, visit
                      http://www.postfix.org/lists.html or click the link below:
                      <mailto:majordomo@...?body=unsubscribe%20postfix-users>

                      If my response solves your problem, the best way to thank me is to not
                      send an "it worked, thanks" follow-up. If you must respond, please put
                      "It worked, thanks" in the "Subject" so I can delete these quickly.
                    • Wietse Venema
                      ... For example I remember from historic times something like: forward_path = /var/forward/$user With address extensions turned on, it would look like:
                      Message 10 of 11 , Nov 25, 2009
                      • 0 Attachment
                        Victor Duchovni:
                        > On Wed, Nov 25, 2009 at 12:41:37PM -0500, Dennis Putnam wrote:
                        >
                        > > If I understand this correctly, I can set the forward_path to a directory
                        >
                        > No, not a directory a file, and not "a" file, but a set of files, one
                        > for each user.

                        For example I remember from historic times something like:

                        forward_path = /var/forward/$user

                        With address extensions turned on, it would look like:

                        forward_path = /var/forward/${user}${recipient_delimiter}${extension},
                        /var/forward/${user}

                        But, the latter is untested.

                        Wietse
                      • Peter Koinange
                        I belive the best way to way to to this is to use sieve k
                        Message 11 of 11 , Nov 25, 2009
                        • 0 Attachment
                          I belive the best way to way to to this is to use sieve

                          k
                          ----- "Dennis Putnam" <Dennis.Putnam@...> wrote:

                          > I'm not sure if this is the right forum for this question but I don't
                          > know where else to start.
                          >
                          > I am running Postfix/Cyrus on the same server that contains user home
                          > directories. The forwarding mechanism (.forward) is, of course,
                          > working and I understand it. What I don't understand is how this
                          > mechanism works, or even if it does, when a user's home directory is
                          > on a different server than Postfix/Cyrus. In other words when
                          > Postfix/Cyrus does not have access to the user's home directory. Or is
                          > there some other delivery mechanism involved that I am missing?
                          > Thanks.
                          >
                          > Can someone explain if this can work and if, so how. If not, what do
                          > users do in that case?
                          >
                          > Thanks.
                          >
                          > Dennis Putnam
                          > Sr. IT Systems Administrator
                          > AIM Systems, Inc.
                          > 11675 Rainwater Dr., Suite 200
                          > Alpharetta, GA 30009
                          > Phone: 678-240-4112
                          > Main Phone: 678-297-0700
                          > FAX: 678-297-2666 or 770-576-1000
                          > The information contained in this e-mail and any attachments is
                          > strictly confidential. If you are not the intended recipient, any use,
                          > dissemination, distribution, or duplication of any part of this e-mail
                          > or any attachment is prohibited. If you are not the intended
                          > recipient, please notify the sender by return e-mail and delete all
                          > copies, including the attachments.
                        Your message has been successfully submitted and would be delivered to recipients shortly.