Loading ...
Sorry, an error occurred while loading the content.

Re: Aliases on local submissions only

Expand Messages
  • Lorens Kockum
    ... Wouldn t the easiest way be to configure the box with a specific local domain? If its local domain is antivirus.example.com , then it won t do alias
    Message 1 of 7 , Jan 2, 2012
    • 0 Attachment
      On Sun, Jan 01, 2012 at 06:00:46PM -0700, Philip Prindeville wrote:
      > I have a 'border' postfix MTA that doesn't host any mailboxes, indeed it doesn't even know what the valid usernames are for the domain.
      >
      > It merely serves to check messages for viruses, and block DoS attacks.
      >
      > As such, I need it to perform aliasing *only* on messages generated locally by system services, such as 'cron'.

      Wouldn't the easiest way be to configure the box with a specific
      local domain? If its local domain is "antivirus.example.com",
      then it won't do alias expansion for anything else. Should the
      box have your main domain as a local domain it it doesn't even
      know the valid usernames for the domain?

      HTH
    • Philip Prindeville
      ... Creating extra domains would involve a lot of paperwork and retooling. Plus it seems like it would be fixing the symptoms but not the cause.
      Message 2 of 7 , Jan 3, 2012
      • 0 Attachment
        On 1/3/12 12:36 AM, Lorens Kockum wrote:
        > On Sun, Jan 01, 2012 at 06:00:46PM -0700, Philip Prindeville wrote:
        >> I have a 'border' postfix MTA that doesn't host any mailboxes, indeed it doesn't even know what the valid usernames are for the domain.
        >>
        >> It merely serves to check messages for viruses, and block DoS attacks.
        >>
        >> As such, I need it to perform aliasing *only* on messages generated locally by system services, such as 'cron'.
        > Wouldn't the easiest way be to configure the box with a specific
        > local domain? If its local domain is "antivirus.example.com",
        > then it won't do alias expansion for anything else. Should the
        > box have your main domain as a local domain it it doesn't even
        > know the valid usernames for the domain?
        >
        > HTH

        Creating extra domains would involve a lot of paperwork and retooling.

        Plus it seems like it would be fixing the symptoms but not the cause.
      • Jeroen Geilman
        ... God no, why would you do that ? man postconf, postconf -e option = value ... If both behave as documented, that would give you the desired result, yes.
        Message 3 of 7 , Jan 3, 2012
        • 0 Attachment
          On 2012-01-03 04:33, Philip Prindeville wrote:
          > On 1/2/12 7:08 AM, Jeroen Geilman wrote:
          >> On 01/02/2012 02:00 AM, Philip Prindeville wrote:
          >>> I have a 'border' postfix MTA that doesn't host any mailboxes, indeed it doesn't even know what the valid usernames are for the domain.
          >>>
          >>> It merely serves to check messages for viruses, and block DoS attacks.
          >>>
          >>> As such, I need it to perform aliasing *only* on messages generated locally by system services, such as 'cron'.
          >>>
          >>> How do I configure that? I.e. that if a message is submitted locally by a service such as 'cron' or 'logwatch', it should be aliased to an internal mailbox name on an Intranet server...
          >>>
          >>> Thanks,
          >>>
          >>> -Philip
          >> There are several approaches.
          >>
          >> Local processes use sendmail(1) to submit mail.
          >> This is partly outside the normal flow of SMTP mail, as diagrammed here:
          >> http://www.postfix.org/OVERVIEW.html#receiving
          >>
          >> The pickup(8) service allows you to specify a content_filter, which you
          >> could use to inject this mail into a separate smtpd(8) listener with
          >> different restrictions than the main port 25 listener, one of those
          >> being to allow aliasing to external recipients.
          >>
          >> You could also set receive_override_options on the pickup(8) service
          >> directly, and disable them on the normal smtpd(8) listener.
          >>
          >> http://www.postfix.org/pickup.8.html
          >> http://www.postfix.org/postconf.5.html#content_filter
          >> http://www.postfix.org/FILTER_README.html
          >> http://www.postfix.org/postconf.5.html#receive_override_options
          >>
          > So I can have:
          >
          > echo "receive_override_options = no_address_mappings">> /etc/postfix/main.cf

          God no, why would you do that ?

          man postconf, postconf -e "option = value"

          >
          > but then in master.cf have:
          >
          > pickup ...
          > -o receive_override_options=
          >
          > is that correct?

          If both behave as documented, that would give you the desired result, yes.


          --
          J.
        Your message has been successfully submitted and would be delivered to recipients shortly.