Loading ...
Sorry, an error occurred while loading the content.

Re: Postfix on a small home network (without a domain name)

Expand Messages
  • Wietse Venema
    ... The documentation covers a mail system that does not have a real domain name, and that sends all email through a provider, replacing all email addresses
    Message 1 of 17 , Feb 28, 2012
    • 0 Attachment
      John Hudak:
      > Thank you. I did find/read that. In addition to not finding the pulling
      > down email, one of the pieces that was unclear/missing for me is how to map
      > a domain name that is acquired from, for example, DynDns, to a machine on
      > my home network. The mapping is not clear, as well as what should be done
      > with MX headers.

      The documentation covers a mail system that does not have a "real"
      domain name, and that sends all email through a provider, replacing
      all email addresses as they leave the machine, with addresses that
      are valid on the Internet.

      Wietse
    • Jef Driesen
      ... That shouldn t be a problem, because I m using the smtp server of my isp as relayhost. Jef
      Message 2 of 17 , Feb 28, 2012
      • 0 Attachment
        On 02/28/2012 04:37 PM, Janantha Marasinghe wrote:
        > You could use dyndns since your IP would be dynamic. However the issue
        > here is with the setup you are telling most of the mail servers out
        > there will drop you e-mail.

        That shouldn't be a problem, because I'm using the smtp server of my isp as
        relayhost.

        Jef
      • Jef Driesen
        ... Just to clarify, what is most important for me is the inbound smtp service. However I don t need the standard smtp service on port 25 (which is blocked by
        Message 3 of 17 , Feb 28, 2012
        • 0 Attachment
          On 02/28/2012 04:33 PM, Jef Driesen wrote:
          > Hi,
          >
          > I'm trying to setup a mailserver for a small home network. But before going into the problems, let's start with a description of the situation.
          >
          > My network is a typical home network with a cable modem and a dynamic ip. There is no domain name or mx records. All users on the network have existing mailboxes provided by my ISP. Those external mailboxes are downloaded with POP3 (fetchmail) and delivered to a local imap server (dovecot). The main purpose of the local imap server is to have a centralized mail store that can be accessed easily from any machine on my network.
          >
          > With some help from a dyndns account, I can even access my imap server from outside my network. This works great, except that I can't send mails from outside my network. Therefore, I would like to setup an smtp server that simply forwards all mail to my ISP.
          >
          > The first and main obstacle I encounter is the fact that I don't have a real domain name. I know I can configure some fantasy name:
          >
          > myhostname = barracuda.home.lan
          > mydomain = home.lan
          > myorigin = $mydomain
          > mynetworks = 127.0.0.0/8 192.168.0.0/24
          > mydestination = $myhostname localhost.$mydomain localhost $mydomain
          > relayhost = [smtp.isp.tld]
          >
          > But I wonder if it's possible to setup postfix without a domain name at all. For all other purposes (ssh, etc), I'm just using the non-fqdn hostnames (e.g. user@machine), and that works perfectly.
          >
          > According to the docs, I'll also need the smtp_generic_maps setting to map fantasy names to real addresses. But in my case, users should use the real adddress directly. Any outgoing mail with a fantasy name may simply be blocked. To my users, it should appear as if the local smtp server isn't even there. Is this possible, and how can I achieve this?
          >
          > All the other settings like SSL and SASL I can easily figure out, but this domain name stuff is causing me lots of trouble.
          >
          > Jef

          Just to clarify, what is most important for me is the inbound smtp service.
          However I don't need the standard smtp service on port 25 (which is blocked by
          the isp anyway). Receiving incoming mail is already covered with the isp
          mailboxes, and I don't intend to change that. What I'm after is more like a
          submission service.

          My isp doesn't provide a submission service and when not on their network the
          regular smtp server can't be used for outgoing mail (for good reasons of
          course). Thus when I'm traveling for example, I can read mails on my imap
          server, but I can't send mails because there is no usable smtp server. Running
          my own submission service would solve that.

          For outgoing email I can easily use the ISP smtp server directly from the client
          machines. But if I have a local postfix server, I can equally well use it for
          all outgoing mail of course.

          Jef
        • Jef Driesen
          ... I think you are referring to this document: http://www.postfix.org/SOHO_README.html#fantasy This is the smtp_generic_maps that I mentioned. But I think I m
          Message 4 of 17 , Feb 28, 2012
          • 0 Attachment
            On 02/28/2012 04:57 PM, Robert Schetterer wrote:
            > Am 28.02.2012 16:33, schrieb Jef Driesen:
            >>
            >> Hi,
            >>
            >> I'm trying to setup a mailserver for a small home network. But before going into the problems, let's start with a description of the situation.
            >>
            >> My network is a typical home network with a cable modem and a dynamic ip. There is no domain name or mx records. All users on the network have existing mailboxes provided by my ISP. Those external mailboxes are downloaded with POP3 (fetchmail) and delivered to a local imap server (dovecot). The main purpose of the local imap server is to have a centralized mail store that can be accessed easily from any machine on my network.
            >>
            >> With some help from a dyndns account, I can even access my imap server from outside my network. This works great, except that I can't send mails from outside my network. Therefore, I would like to setup an smtp server that simply forwards all mail to my ISP.
            >>
            >> The first and main obstacle I encounter is the fact that I don't have a real domain name. I know I can configure some fantasy name:
            >>
            >> myhostname = barracuda.home.lan
            >> mydomain = home.lan
            >> myorigin = $mydomain
            >> mynetworks = 127.0.0.0/8 192.168.0.0/24
            >> mydestination = $myhostname localhost.$mydomain localhost $mydomain
            >> relayhost = [smtp.isp.tld]
            >>
            >> But I wonder if it's possible to setup postfix without a domain name at all. For all other purposes (ssh, etc), I'm just using the non-fqdn hostnames (e.g. user@machine), and that works perfectly.
            >>
            >> According to the docs, I'll also need the smtp_generic_maps setting to map fantasy names to real addresses. But in my case, users should use the real adddress directly. Any outgoing mail with a fantasy name may simply be blocked. To my users, it should appear as if the local smtp server isn't even there. Is this possible, and how can I achieve this?
            >>
            >> All the other settings like SSL and SASL I can easily figure out, but this domain name stuff is causing me lots of trouble.
            >
            > thats not a question of domain/hostnaame etc
            >
            > you need the right mapping tables
            > i think i did it with virtual and sender_canonical_maps
            >
            > but i lost exact how to, its too long passed last i did it

            I think you are referring to this document:

            http://www.postfix.org/SOHO_README.html#fantasy

            This is the smtp_generic_maps that I mentioned. But I think I'm not really
            looking for mappings. If I can send mail locally using the user@... fantasy
            domain that's fine, but I expect my users to use their isp email address (e.g.
            username@...). Exactly like they are doing now. In that case no mapping is
            necessary.

            And if someone tries to send a mail using the fantasy domain name to the outside
            (e.g. through the isp relayhost), I want to have it refused by my local postfix
            server rather than having some mapping to a real address.

            Jef
          • Stan Hoeppner
            ... Worth reading: http://www.hardwarefreak.com/postfix-adsl-relay-config.txt That covers the Postfix outbound setup so your mail isn t blocked by everyone due
            Message 5 of 17 , Feb 28, 2012
            • 0 Attachment
              On 2/28/2012 11:08 AM, John Hudak wrote:
              > I can sympathise as I looked into doing this first with sendmail and more
              > recently with postfix. Unfortunately after spending lots of time reading,
              > I could not put the pieces together the right way to run a home server. My
              > circumstances were similar to yours - multiple machines on a 198.162.x.x
              > network, trying DynDns, etc. Some things I did along the way that helped:
              > Installed DD-wrt on my wireless router that gave me better control over
              > network operation, such as assigning static addresses to all my machines,
              > allowed automatic updates of my DynDns IP address, etc.
              >
              > My most pressing need was to have outbound service, the capability to send
              > updates from some of my servers to my gmail and work accounts, as well as
              > send received faxes from my fax server. I found a nice program called
              > Simple SMTP (ssmtp) that did exactly what I wanted and took all of 10 min
              > to install, configure, and test. It may be of some value to you.
              >
              > While I would dearly love the inbound mail service capability (very helpful
              > for me to use my email to fax gateway), the outbound only service suffices
              > for the time being.
              >
              > I looked high and low for some sort of help/how-to and did not find one.
              > If you succeed, I'd be very interested in how you set up postfix.

              Worth reading:
              http://www.hardwarefreak.com/postfix-adsl-relay-config.txt
              That covers the Postfix outbound setup so your mail isn't blocked by
              everyone due to dynamic IP status. This relays mail through your ISP,
              just as you would with Thunderbird, Outlook, etc.

              The inbound setup simply requires something like TZO dynamic DNS
              service, which I used for many years and it worked flawlessly. Any
              dyndns service that allows using a real domain.tld will work. Make sure
              your consumer router is doing dynamic IP updates to the dyndns provider.
              Create an MX record with the FQDN of your mail host. Since dyndns
              services provide wildard resolution, you do not create an A record for
              the MX host, just the MX record. Make sure your router is port
              forwarding TCP 25 from the WAN interface to the RFC1918 address of your
              Postfix server, and that's about it.

              --
              Stan
            • Stan Hoeppner
              ... TZO dynamic DNS service is $60 USD/year. A domain registration for one year can be had for $10 USD or less. $70/365 = $0.19 Is a (nearly) fully functional
              Message 6 of 17 , Feb 28, 2012
              • 0 Attachment
                On 2/28/2012 11:51 AM, John Hudak wrote:
                > Thank you. I did find/read that. In addition to not finding the pulling
                > down email, one of the pieces that was unclear/missing for me is how to map
                > a domain name that is acquired from, for example, DynDns, to a machine on
                > my home network. The mapping is not clear, as well as what should be done
                > with MX headers.
                >
                > For my config, my domain names were obtained from DynDns and my outgoing
                > mail was relayed via gmail.
                >
                > If you have a pointer that explains how to set up something like DynDns and
                > how to accomplish the name mapping in the 'correct' way, it would be
                > appreciated.
                > Sorry, I don't want to hijack the OP thread....apologies..

                TZO dynamic DNS service is $60 USD/year. A domain registration for one
                year can be had for $10 USD or less.

                $70/365 = $0.19

                Is a (nearly) fully functional email server with your own domain worth
                19 cents a day? You're likely spending more than this each day on soda
                or coffee. If you're a cigarette smoker you're spending more than 20
                cents *per cigarette*.

                If your ISP offers a residential static IP address, or a "business
                broadband" connection with static IP, for an extra $5-10/month do that,
                ditch dyndns service, and get static DNS service from your domain
                registrar for very little more $$. Then you have a fully functional
                email server, and you don't have to screw around with the elaborate
                outbound relay setup. You simply send directly. For about the same
                cost per day.

                The last setup is what I currently have for my SOHO Postfix server. I
                used the previous dyndns setup for about 4 years, and was static before
                that.

                --
                Stan
              • John Hudak
                Ahhh, the crux of my cluelessness: Stan Hoeppner wrote: Any dyndns service that allows using a real domain.tld will work. Make sure
                Message 7 of 17 , Feb 28, 2012
                • 0 Attachment
                   Ahhh, the crux of my cluelessness:
                  Stan Hoeppner <stan@...> wrote:
                  "Any dyndns service that allows using a real domain.tld will work.  Make sure
                  your consumer router is doing dynamic IP updates to the dyndns provider.
                   Create an MX record with the FQDN of your mail host.  Since dyndns
                  services provide wildard resolution, you do not create an A record for
                  the MX host, just the MX record. "

                  So, I dont understand...some specifics:  I have a server:
                  machine 1 is named by me: m1.homeunix.org (192.168.1.10)
                  user on machine 1 is: stan, so email to stan is stan@...

                  DynDns (the service) offers managed DNS service and lets you pick from a list of domain names.  I chose  server1.homeunix.org   (I gave my machines names with .homeunix.org..don't know if this was wrong or right???)

                  I want to map the outside name, server1.homeunix.org  (whatever IP address DynDNS assigned to it) to my 'inside name' m1.homeunix.org (my assignment is 192.168.1.10)
                  Someone in the outside world wants to send an email: stan@...) and I want to make sure it is routed to: (effectively, stan@...).
                  What do I put in the MX record?  What do I put in main.cf?

                  Thanks for the pointer to TZO.
                  -John



                  On Tue, Feb 28, 2012 at 6:55 PM, Stan Hoeppner <stan@...> wrote:
                  On 2/28/2012 11:08 AM, John Hudak wrote:
                  > I can sympathise as I looked into doing this first with sendmail and more
                  > recently with postfix.  Unfortunately after spending lots of time reading,
                  > I could not put the pieces together the right way to run a home server.  My
                  > circumstances were similar to yours - multiple machines on a 198.162.x.x
                  > network, trying DynDns, etc.  Some things I did along the way that helped:
                  > Installed DD-wrt on my wireless router that gave me better control over
                  > network operation, such as assigning static addresses to all my machines,
                  > allowed automatic updates of my DynDns IP address, etc.
                  >
                  > My most pressing need was to have outbound service,  the capability to send
                  > updates from some of my servers to my gmail and work accounts, as well as
                  > send received faxes from my fax server. I found a nice program called
                  > Simple SMTP (ssmtp) that did exactly what I wanted and took all of 10 min
                  > to install, configure, and test.  It may be of some value to you.
                  >
                  > While I would dearly love the inbound mail service capability (very helpful
                  > for me to use my email to fax gateway), the outbound only service suffices
                  > for the time being.
                  >
                  > I looked high and low for some sort of help/how-to and did not find one.
                  > If you succeed, I'd be very interested in how you set up postfix.

                  Worth reading:
                  http://www.hardwarefreak.com/postfix-adsl-relay-config.txt
                  That covers the Postfix outbound setup so your mail isn't blocked by
                  everyone due to dynamic IP status.  This relays mail through your ISP,
                  just as you would with Thunderbird, Outlook, etc.

                  The inbound setup simply requires something like TZO dynamic DNS
                  service, which I used for many years and it worked flawlessly.  Any
                  dyndns service that allows using a real domain.tld will work.  Make sure
                  your consumer router is doing dynamic IP updates to the dyndns provider.
                   Create an MX record with the FQDN of your mail host.  Since dyndns
                  services provide wildard resolution, you do not create an A record for
                  the MX host, just the MX record.  Make sure your router is port
                  forwarding TCP 25 from the WAN interface to the RFC1918 address of your
                  Postfix server, and that's about it.

                  --
                  Stan



                • Viktor Dukhovni
                  ... Indeed a submission server as you confirmed in a later message. ... You don t need a domain name , specifically you don t need a domain with MX records,
                  Message 8 of 17 , Feb 28, 2012
                  • 0 Attachment
                    On Tue, Feb 28, 2012 at 04:33:45PM +0100, Jef Driesen wrote:

                    > With some help from a dyndns account, I can even access my imap
                    > server from outside my network. This works great, except that I
                    > can't send mails from outside my network. Therefore, I would like
                    > to setup an smtp server that simply forwards all mail to my ISP.

                    Indeed a submission server as you confirmed in a later message.

                    > The first and main obstacle I encounter is the fact that I don't
                    > have a real domain name. I know I can configure some fantasy name:

                    You don't need a "domain name", specifically you don't need a domain
                    with MX records, ... You clearly need a DNS entry for your server,
                    which you in any case already have for IMAP so you're done.

                    > myhostname = barracuda.home.lan
                    > mydomain = home.lan
                    > myorigin = $mydomain
                    > mynetworks = 127.0.0.0/8 192.168.0.0/24
                    > mydestination = $myhostname localhost.$mydomain localhost $mydomain
                    > relayhost = [smtp.isp.tld]

                    Fine. Your users should never see any addresses in in the "home.lan"
                    domain, they will continue to configure their mail clients to use
                    only the public external addresses even for mail sent locally between
                    them. All you need is a virtual_alias_maps (virtual(5)) table that
                    maps these addresses (envelope recipient only) to the corresponding
                    local mailboxes. No smtp_generic_maps, ... required.

                    virtual:
                    user@... user@localhost
                    ...

                    This way mail from your users needs no rewriting, but mail to your
                    users is delivered locally (if delivery is via local(8), otherwise
                    change the address class of the rewrite domain to virtual mailbox
                    if that's better).

                    > But I wonder if it's possible to setup postfix without a domain
                    > name at all. For all other purposes (ssh, etc), I'm just using the
                    > non-fqdn hostnames (e.g. user@machine), and that works perfectly.

                    You must specify "mydomain" and more importantly "myorigin", but
                    this need not belong to any of the address classes that imply any
                    special handling.

                    You need only worry about "myorigin" to the extent that you mail
                    submitted locally via sendmail(1) to (often from cron(8)) to be
                    delivered somewhere, this too can be accomplished with suitable
                    lookup keys (bare users if you wish) in virtual(5), provided
                    such mail is never sent out.

                    You can use canonical_maps to fix sender addresses in any mail that
                    is sent via sendmail and is destined outside your domain, so for
                    such users you'll have:

                    canonical:
                    bare-user external-address@...

                    virtual:
                    external-address@... bare-user

                    --
                    Viktor.
                  • Stan Hoeppner
                    ... You need to unthink the DynDNS.org way of doing things. And you re probably not really wanting to route mail to individual machines with local mailboxes,
                    Message 9 of 17 , Feb 28, 2012
                    • 0 Attachment
                      On 2/28/2012 9:18 PM, John Hudak wrote:
                      > Ahhh, the crux of my cluelessness:
                      > Stan Hoeppner <stan@...> wrote:
                      > "Any dyndns service that allows using a real domain.tld will work. Make
                      > sure
                      > your consumer router is doing dynamic IP updates to the dyndns provider.
                      > Create an MX record with the FQDN of your mail host. Since dyndns
                      > services provide wildard resolution, you do not create an A record for
                      > the MX host, just the MX record. "
                      >
                      > So, I dont understand...some specifics: I have a server:
                      > machine 1 is named by me: m1.homeunix.org (192.168.1.10)
                      > user on machine 1 is: stan, so email to stan is stan@...

                      You need to "unthink" the DynDNS.org way of doing things.

                      And you're probably not really wanting to route mail to individual
                      machines with local mailboxes, as you state above. Nobody has done that
                      for a decade or so.

                      > DynDns (the service) offers managed DNS service and lets you pick from a
                      > list of domain names. I chose server1.homeunix.org (I gave my machines
                      > names with .homeunix.org..don't know if this was wrong or right???)

                      Again, get DynDNS out of your mind.

                      > I want to map the outside name, server1.homeunix.org (whatever IP address
                      > DynDNS assigned to it) to my 'inside name' m1.homeunix.org (my assignment
                      > is 192.168.1.10)
                      > Someone in the outside world wants to send an email:
                      > stan@...) and I want to make sure it is routed to:
                      > (effectively, stan@...).
                      > What do I put in the MX record? What do I put in main.cf?

                      Using TZO as an example, simply because I'm familiar with it, you'd do
                      the following:

                      1. Sign up for an account
                      2. Configure your broadband router to send dyndns updates to TZO
                      (instructions on their site). If your current router can't do it,
                      $20 buys you one that can.
                      3. Register your domain, e.g. johnhudak.com, at a cheap registrar
                      such as godaddy.com.
                      4. Create an MX record in your TZO control panel: mail.johnhudak.com
                      It will automatically associate the IP address
                      5. Configure your router to port forward WAN TCP 25 to the IP of
                      your Postfix box.
                      6. Configure the Linux hostname as mail in /etc/hostname.
                      7. Configure Postfix with:

                      myhostname = mail.johnhudak.com
                      myorigin = johnhudak.com
                      mydestination = johnhudak.com
                      (all 3 aren't required, read the Postfix docs)

                      Follow the previous instructions I posted for outbound relaying through
                      your ISP submission servers.

                      > Thanks for the pointer to TZO.

                      IIRC, dyndns.org offers similar capability with one of their paid
                      services, but for less money than TZO. However, I've found that users
                      trying to switch from dyndns free service to the pay service, and who
                      have no knowledge/education WRT "normal" DNS and SMTP, etc, have a
                      really hard time migrating, as the free dyndns.org concept of domains
                      clouds their minds. Switching from free dyndns.org to TZO tends to help
                      folks clear the free "dyndns way" and digest other concepts on how
                      things are done.

                      The best solution by far is to get a static IP from your ISP so you can
                      avoid most of the nonsense above. I pay an extra $120/year for the
                      static IP and it's worth every penny, 33 cents/day actually. So to host
                      my own SOHO mail server 'correctly' including my domain registration and
                      DNS service, I'm paying an extra 53 cents/day above and beyond the cost
                      of the standard 10Mb/s DSL package, which is 99 cents/day.

                      --
                      Stan



                      > On Tue, Feb 28, 2012 at 6:55 PM, Stan Hoeppner <stan@...>wrote:
                      >
                      >> On 2/28/2012 11:08 AM, John Hudak wrote:
                      >>> I can sympathise as I looked into doing this first with sendmail and more
                      >>> recently with postfix. Unfortunately after spending lots of time
                      >> reading,
                      >>> I could not put the pieces together the right way to run a home server.
                      >> My
                      >>> circumstances were similar to yours - multiple machines on a 198.162.x.x
                      >>> network, trying DynDns, etc. Some things I did along the way that
                      >> helped:
                      >>> Installed DD-wrt on my wireless router that gave me better control over
                      >>> network operation, such as assigning static addresses to all my machines,
                      >>> allowed automatic updates of my DynDns IP address, etc.
                      >>>
                      >>> My most pressing need was to have outbound service, the capability to
                      >> send
                      >>> updates from some of my servers to my gmail and work accounts, as well as
                      >>> send received faxes from my fax server. I found a nice program called
                      >>> Simple SMTP (ssmtp) that did exactly what I wanted and took all of 10 min
                      >>> to install, configure, and test. It may be of some value to you.
                      >>>
                      >>> While I would dearly love the inbound mail service capability (very
                      >> helpful
                      >>> for me to use my email to fax gateway), the outbound only service
                      >> suffices
                      >>> for the time being.
                      >>>
                      >>> I looked high and low for some sort of help/how-to and did not find one.
                      >>> If you succeed, I'd be very interested in how you set up postfix.
                      >>
                      >> Worth reading:
                      >> http://www.hardwarefreak.com/postfix-adsl-relay-config.txt
                      >> That covers the Postfix outbound setup so your mail isn't blocked by
                      >> everyone due to dynamic IP status. This relays mail through your ISP,
                      >> just as you would with Thunderbird, Outlook, etc.
                      >>
                      >> The inbound setup simply requires something like TZO dynamic DNS
                      >> service, which I used for many years and it worked flawlessly. Any
                      >> dyndns service that allows using a real domain.tld will work. Make sure
                      >> your consumer router is doing dynamic IP updates to the dyndns provider.
                      >> Create an MX record with the FQDN of your mail host. Since dyndns
                      >> services provide wildard resolution, you do not create an A record for
                      >> the MX host, just the MX record. Make sure your router is port
                      >> forwarding TCP 25 from the WAN interface to the RFC1918 address of your
                      >> Postfix server, and that's about it.
                      >>
                      >> --
                      >> Stan
                      >>
                      >>
                      >>
                      >
                    • Jef Driesen
                      ... I should have mentioned that in my original post. ... Thus the only purpose of this virtual table is to make sure that mail for local users is delivered
                      Message 10 of 17 , Feb 29, 2012
                      • 0 Attachment
                        On 02/29/2012 04:38 AM, Viktor Dukhovni wrote:
                        > On Tue, Feb 28, 2012 at 04:33:45PM +0100, Jef Driesen wrote:
                        >
                        >> With some help from a dyndns account, I can even access my imap
                        >> server from outside my network. This works great, except that I
                        >> can't send mails from outside my network. Therefore, I would like
                        >> to setup an smtp server that simply forwards all mail to my ISP.
                        >
                        > Indeed a submission server as you confirmed in a later message.

                        I should have mentioned that in my original post.

                        >> The first and main obstacle I encounter is the fact that I don't
                        >> have a real domain name. I know I can configure some fantasy name:
                        >
                        > You don't need a "domain name", specifically you don't need a domain
                        > with MX records, ... You clearly need a DNS entry for your server,
                        > which you in any case already have for IMAP so you're done.
                        >
                        >> myhostname = barracuda.home.lan
                        >> mydomain = home.lan
                        >> myorigin = $mydomain
                        >> mynetworks = 127.0.0.0/8 192.168.0.0/24
                        >> mydestination = $myhostname localhost.$mydomain localhost $mydomain
                        >> relayhost = [smtp.isp.tld]
                        >
                        > Fine. Your users should never see any addresses in in the "home.lan"
                        > domain, they will continue to configure their mail clients to use
                        > only the public external addresses even for mail sent locally between
                        > them. All you need is a virtual_alias_maps (virtual(5)) table that
                        > maps these addresses (envelope recipient only) to the corresponding
                        > local mailboxes. No smtp_generic_maps, ... required.
                        >
                        > virtual:
                        > user@... user@localhost
                        > ...
                        >
                        > This way mail from your users needs no rewriting, but mail to your
                        > users is delivered locally (if delivery is via local(8), otherwise
                        > change the address class of the rewrite domain to virtual mailbox
                        > if that's better).

                        Thus the only purpose of this virtual table is to make sure that mail for local
                        users is delivered straight to the local mailbox, without having to go through
                        the relayhost and the isp mailbox. So it's basically taking a shortcut, right?
                        Even without this table everything should work fine.

                        >> But I wonder if it's possible to setup postfix without a domain
                        >> name at all. For all other purposes (ssh, etc), I'm just using the
                        >> non-fqdn hostnames (e.g. user@machine), and that works perfectly.
                        >
                        > You must specify "mydomain" and more importantly "myorigin", but
                        > this need not belong to any of the address classes that imply any
                        > special handling.
                        >
                        > You need only worry about "myorigin" to the extent that you mail
                        > submitted locally via sendmail(1) to (often from cron(8)) to be
                        > delivered somewhere, this too can be accomplished with suitable
                        > lookup keys (bare users if you wish) in virtual(5), provided
                        > such mail is never sent out.

                        With my settings listed above, or even by just setting "myorigin=localhost",
                        such mail should already be handled fine, isn't it?

                        > You can use canonical_maps to fix sender addresses in any mail that
                        > is sent via sendmail and is destined outside your domain, so for
                        > such users you'll have:
                        >
                        > canonical:
                        > bare-user external-address@...
                        >
                        > virtual:
                        > external-address@... bare-user

                        Is it possible to just refuse to relay outgoing mail with a bogus sender
                        address, rather than trying to map it to a valid address?

                        The reason why I'm asking is very simple. If possible, I want to avoid having to
                        maintain the canonical and virtual maps. Right now my users only need a valid
                        account (e.g. username and password) on my mailserver. That's all that is
                        required to access their mailbox over imap, and deliver mail retrieved from the
                        isp mailboxes with fetchmail. Their real email address is entirely their own
                        responsability. They can easily change it, use more than one, etc without having
                        to adjust any server configuration file at all.

                        Jef
                      Your message has been successfully submitted and would be delivered to recipients shortly.