Loading ...
Sorry, an error occurred while loading the content.

Re: Virtual mailboxes only

Expand Messages
  • Karol Babioch
    Hi, ... thanks for your reply. However I m not quite sure whether I ve understood your advice in the right way. What value would $myhostname have in the above
    Message 1 of 19 , Mar 2, 2012
    • 0 Attachment
      Hi,

      Am 02.03.2012 10:26, schrieb Ansgar Wiechers:
      > True, and the recommended way of handling things. However, the "main"
      > domain of the server can be the server itself, and you can restrict the
      > valid local mailboxes via $local_recipient_maps:
      >
      > ----8<----
      > mydestination = $myhostname
      > local_recipient_maps = $alias_maps
      > ---->8----

      thanks for your reply. However I'm not quite sure whether I've
      understood your advice in the right way. What value would $myhostname
      have in the above example? Because when I set $myhostname to
      "example.com" (in order to have the server consistently reporting itself
      as "example.com"), I then would have mentioned "example.com" both in the
      $mydestination parameter as well as a virtual domain.

      Am I missing here something?

      Best regards,
      Karol Babioch
    • Charles Marcus
      ... example.com is a FQDN, not a hostname. ... name it mail.example.com, or smtp.example.com, or something like that. Then local mail is the form
      Message 2 of 19 , Mar 2, 2012
      • 0 Attachment
        On 2012-03-02 12:46 PM, Karol Babioch <karol@...> wrote:
        > thanks for your reply. However I'm not quite sure whether I've
        > understood your advice in the right way. What value would $myhostname
        > have in the above example? Because when I set $myhostname to
        > "example.com"

        example.com is a FQDN, not a hostname.

        > (in order to have the server consistently reporting itself
        > as "example.com"),

        name it mail.example.com, or smtp.example.com, or something like that.
        Then local mail is the form user@..., instead of
        user@....

        --

        Best regards,

        Charles
      • Karol Babioch
        Hi, ... That s exactly what I m trying to prevent, because the PTR record for this IP points to example.com . I m guessing I m getting into trouble when there
        Message 3 of 19 , Mar 2, 2012
        • 0 Attachment
          Hi,

          Am 02.03.2012 18:51, schrieb Charles Marcus:
          > name it mail.example.com, or smtp.example.com, or something like that.
          > Then local mail is the form user@..., instead of
          > user@....

          That's exactly what I'm trying to prevent, because the PTR record for
          this IP points to "example.com". I'm guessing I'm getting into trouble
          when there is a mismatch, because its standard procedure when trying to
          block spam.

          Best regards,
          Karol Babioch
        • Charles Marcus
          ... You are mistaken. -- Best regards, Charles
          Message 4 of 19 , Mar 2, 2012
          • 0 Attachment
            On 2012-03-02 12:53 PM, Karol Babioch <karol@...> wrote:
            > That's exactly what I'm trying to prevent, because the PTR record for
            > this IP points to "example.com". I'm guessing I'm getting into trouble
            > when there is a mismatch, because its standard procedure when trying to
            > block spam.

            You are mistaken.

            --

            Best regards,

            Charles
          • Karol Babioch
            Hi, ... Could you elaborate on that please? Its definitely a common way of dealing with spam to check whether the PTR record points to the domain, which the
            Message 5 of 19 , Mar 2, 2012
            • 0 Attachment
              Hi,

              Am 02.03.2012 19:02, schrieb Charles Marcus:
              > You are mistaken.

              Could you elaborate on that please? Its definitely a common way of
              dealing with spam to check whether the PTR record points to the domain,
              which the mailserver claims to work for.

              When my PTR record points to "example.com", but my mailserver claims to
              be "mail.example.com", then I would expect to get some negative rating
              and/or blocking. What's wrong about my conception?

              Best regards,
              Karol Babioch
            • Charles Marcus
              ... Look at the pointers for my domain (media-brokers.com)... then look at the server that originated this email message. We use an outsourced antispam service
              Message 6 of 19 , Mar 2, 2012
              • 0 Attachment
                On 2012-03-02 3:56 PM, Karol Babioch <karol@...> wrote:
                > Am 02.03.2012 19:02, schrieb Charles Marcus:
                >> You are mistaken.

                > Could you elaborate on that please? Its definitely a common way of
                > dealing with spam to check whether the PTR record points to the domain,
                > which the mailserver claims to work for.
                >
                > When my PTR record points to "example.com", but my mailserver claims to
                > be "mail.example.com", then I would expect to get some negative rating
                > and/or blocking. What's wrong about my conception?

                Look at the pointers for my domain (media-brokers.com)... then look at
                the server that originated this email message.

                We use an outsourced antispam service (currently emailfilteirng.com, but
                soon to switch)...

                We do also happen to use them for outbound relay too, but even if we
                didn't, as long as the hostname for our server waqs resolvable,
                everything is still fine...

                All that matters is that whatever you have your mx records pointed to is
                authoritative for mail for your domain, and that your hostname resolves
                to a valid IP address...

                What is your concern?

                --

                Best regards,

                Charles
              • Karol Babioch
                Hi, ... to get flagged as spam without no other reason ;)? Best regards, Karol Babioch
                Message 7 of 19 , Mar 2, 2012
                • 0 Attachment
                  Hi,

                  Am 02.03.2012 22:02, schrieb Charles Marcus:
                  > What is your concern?

                  to get flagged as spam without no other reason ;)?

                  Best regards,
                  Karol Babioch
                • Noel Jones
                  ... Any anti-spam system that flags mail only because the sending hostname doesn t match the email sender domain name is *badly* broken. -- Noel Jones
                  Message 8 of 19 , Mar 2, 2012
                  • 0 Attachment
                    On 3/2/2012 3:08 PM, Karol Babioch wrote:
                    > Hi,
                    >
                    > Am 02.03.2012 22:02, schrieb Charles Marcus:
                    >> What is your concern?
                    >
                    > to get flagged as spam without no other reason ;)?
                    >
                    > Best regards,
                    > Karol Babioch
                    >

                    Any anti-spam system that flags mail only because the sending
                    hostname doesn't match the email sender domain name is *badly* broken.



                    -- Noel Jones
                  • Charles Marcus
                    ... Translation: you are worrying about a non-issue... -- Best regards, Charles
                    Message 9 of 19 , Mar 2, 2012
                    • 0 Attachment
                      On 2012-03-02 4:19 PM, Noel Jones <njones@...> wrote:
                      > On 3/2/2012 3:08 PM, Karol Babioch wrote:
                      >> Am 02.03.2012 22:02, schrieb Charles Marcus:
                      >>> What is your concern?
                      >>
                      >> to get flagged as spam without no other reason ;)?

                      > Any anti-spam system that flags mail only because the sending
                      > hostname doesn't match the email sender domain name is *badly* broken.

                      Translation: you are worrying about a non-issue...

                      --

                      Best regards,

                      Charles
                    • Reindl Harald
                      ... to make it clear: this is even not possible in the real world having a server with 500 domains how could the hostname match all this domains? theonly thing
                      Message 10 of 19 , Mar 2, 2012
                      • 0 Attachment
                        Am 02.03.2012 22:19, schrieb Noel Jones:
                        > On 3/2/2012 3:08 PM, Karol Babioch wrote:
                        >> Hi,
                        >>
                        >> Am 02.03.2012 22:02, schrieb Charles Marcus:
                        >>> What is your concern?
                        >>
                        >> to get flagged as spam without no other reason ;)?
                        >>
                        >> Best regards,
                        >> Karol Babioch
                        >>
                        >
                        > Any anti-spam system that flags mail only because the sending
                        > hostname doesn't match the email sender domain name is *badly* broken.

                        to make it clear:

                        this is even not possible in the real world

                        having a server with 500 domains
                        how could the hostname match all this domains?

                        theonly thing what is stronlgy recommended to match
                        is A-Record and PTR of the machine
                      • Karol Babioch
                        Hi, ... Ok, maybe I ve mixed something up here :). Thanks for your replies. I ve got it running now. However I ve now got the problem that my alias_maps
                        Message 11 of 19 , Mar 2, 2012
                        • 0 Attachment
                          Hi,

                          Am 02.03.2012 22:33, schrieb Reindl Harald:
                          > theonly thing what is stronlgy recommended to match
                          > is A-Record and PTR of the machine

                          Ok, maybe I've mixed something up here :). Thanks for your replies.

                          I've got it running now. However I've now got the problem that my
                          alias_maps doesn't get respected. My /etc/aliases looks something like this:

                          ==
                          postmaster: root
                          abuse: root
                          root: me@...
                          ==

                          My main.cf contains the following:

                          ==
                          local_recipient_maps = $alias_maps
                          ==

                          But sending a mail to postmaster@... fails with an unknown user
                          error. I can of course define such aliases within my
                          virtual_domains_maps, but somehow I would like to have some common
                          aliases automatically attached to each domain. Is this possible?

                          Best regards,
                          Karol Babioch
                        • Wietse Venema
                          ... It s respected only when Postfix is configured to look there. Report the output of: $ postconf mydestination Postfix will not look in alias_maps when the
                          Message 12 of 19 , Mar 2, 2012
                          • 0 Attachment
                            Karol Babioch:
                            > Hi,
                            >
                            > Am 02.03.2012 22:33, schrieb Reindl Harald:
                            > > theonly thing what is stronlgy recommended to match
                            > > is A-Record and PTR of the machine
                            >
                            > Ok, maybe I've mixed something up here :). Thanks for your replies.
                            >
                            > I've got it running now. However I've now got the problem that my
                            > alias_maps doesn't get respected. My /etc/aliases looks something like this:

                            It's respected only when Postfix is configured to look there.

                            Report the output of:

                            $ postconf mydestination

                            Postfix will not look in alias_maps when the domain is not listed
                            in mydestination.

                            $ postconf alias_maps

                            Postfix will not look in /etc/aliases when that pathname is not
                            listed in alias_maps.

                            $ postmap -q postmaster hash:/etc/aliases

                            (instead of "hash", use the file type as shown in "postconf alias_maps"
                            output).

                            Wietse
                          • Karol Babioch
                            Hi, ... So, when I understand this right, it is not possible to define common aliases for all virtual domains? Because virtual domains won t be listed within
                            Message 13 of 19 , Mar 2, 2012
                            • 0 Attachment
                              Hi,

                              Am 02.03.2012 23:32, schrieb Wietse Venema:
                              > Postfix will not look in alias_maps when the domain is not listed
                              > in mydestination.

                              So, when I understand this right, it is not possible to define common
                              aliases for all virtual domains? Because virtual domains won't be listed
                              within $mydestination?

                              Best regards,
                              Karol Babioch
                            • /dev/rob0
                              ... This feature is not advertised in the Postfix documentation, therefore it is not available. On the contrary, a point of virtual domains vs. local is this
                              Message 14 of 19 , Mar 2, 2012
                              • 0 Attachment
                                On Fri, Mar 02, 2012 at 11:48:09PM +0100, Karol Babioch wrote:
                                > Am 02.03.2012 23:32, schrieb Wietse Venema:
                                > > Postfix will not look in alias_maps when the domain is not
                                > > listed in mydestination.
                                >
                                > So, when I understand this right, it is not possible to
                                > define common aliases for all virtual domains? Because
                                > virtual domains won't be listed within $mydestination?

                                This feature is not advertised in the Postfix documentation,
                                therefore it is not available. On the contrary, a point of virtual
                                domains vs. local is this namespace separation.

                                Generally a solution is to list postmaster@... and
                                abuse@... in virtual_alias_maps pointing to your (the
                                postmaster's) address.

                                Lazy solutions are available to users of SQL map types:


                                main.cf :

                                [ ... ]
                                virtual_alias_maps = [ ... ]
                                sqlite:/etc/postfix/query/map-postmaster.query
                                virtual_mailbox_domains =
                                sqlite:/etc/postfix/query/dom-vmbox.query
                                [ ... ]

                                query/dom-vmbox.query :

                                dbpath = /path/to/your/database
                                query = SELECT name FROM Domain WHERE CLASS>800 AND name='%s'

                                query/map-postmaster.query :

                                dbpath = /path/to/your/database
                                query = SELECT name FROM Domain WHERE CLASS>800 AND name='%d'
                                AND ('abuse'='%u' OR 'postmaster'='%u')
                                result_format = you+%U_%D@...

                                So if
                                postmap -q example.net sqlite:/etc/postfix/query/dom-vmbox.query
                                returns "example.net", then:
                                postmap -q abuse@... sqlite:/etc/postfix/query/map-postmaster.query
                                will return "you+abuse_example.net@...".

                                The gist of this being that you do the same test as for your virtual
                                domain list, test two hardcoded localparts, and return a hardcoded
                                result which goes to your mailbox.

                                Note: I don't use this; I manually create postmaster and abuse
                                aliases. It's untested. Test it before you commit. :)
                                --
                                http://rob0.nodns4.us/ -- system administration and consulting
                                Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
                              • Wietse Venema
                                ... Only the local address class (defined by the list of domain names in mydestination) has a shared user name space, and that is only because of
                                Message 15 of 19 , Mar 2, 2012
                                • 0 Attachment
                                  Karol Babioch:
                                  > Hi,
                                  >
                                  > Am 02.03.2012 23:32, schrieb Wietse Venema:
                                  > > Postfix will not look in alias_maps when the domain is not listed
                                  > > in mydestination.
                                  >
                                  > So, when I understand this right, it is not possible to define common
                                  > aliases for all virtual domains? Because virtual domains won't be listed
                                  > within $mydestination?

                                  Only the local address class (defined by the list of domain names
                                  in mydestination) has a shared "user" name space, and that is only
                                  because of compatibility with historical UNIX mail implementations.

                                  There is nothing mysterical about Postfix; all this is documented.

                                  Wietse
                                • Nikolaos Milas
                                  ... You may also want to read this thread: http://tech.groups.yahoo.com/group/postfix-users/message/267828 Regards, Nick
                                  Message 16 of 19 , Mar 3, 2012
                                  • 0 Attachment
                                    On 3/3/2012 12:48 πμ, Karol Babioch wrote:

                                    > So, when I understand this right, it is not possible to define common
                                    > aliases for all virtual domains?

                                    You may also want to read this thread:
                                    http://tech.groups.yahoo.com/group/postfix-users/message/267828

                                    Regards,
                                    Nick
                                  • mouss
                                    ... no. you can use virtual mailbox domains for whatever domain you like. there s no concept of additional domains.
                                    Message 17 of 19 , Mar 4, 2012
                                    • 0 Attachment
                                      Le 02/03/2012 04:24, Karol Babioch a écrit :
                                      > Hi,
                                      >
                                      > I'm pretty sure that this was asked for already, but I couldn't
                                      > find anything useful with the keywords I was using. I've tried to
                                      > play with some configurations, but couldn't find a reliable
                                      > solution so far.
                                      >
                                      > I will explain what I'm trying to do with two example domains:
                                      >
                                      > I've got a server, which can be found at the domain "example.com"
                                      > (including a PTR record for reverse DNS lookups).
                                      >
                                      > Now I want to run a mailserver for "example.com", but I don't want
                                      > to create local users, but instead use virtual mailboxing.
                                      >
                                      > Furthermore I've got the domain "example.net" which I want to be a
                                      > mail host for - once again using virtual mailboxing.
                                      >
                                      > Emails to "info@..." should be stored (using dovecot) in
                                      > "/var/spool/mail/example.com/info". The emails for the
                                      > "example.net" domain should be treated the same way (e.g.
                                      > "/var/spool/mail/example.net/info").
                                      >
                                      > Now what would be the best way to deal with these kind of problem?
                                      > From my understanding the documentation seems to assume that
                                      > virtual mailboxing is only used for "additional" domains, but not
                                      > for the "main" one.

                                      no. you can use virtual mailbox domains for whatever domain you like.
                                      there's no concept of "additional" domains.

                                      http://www.postfix.org/STANDARD_CONFIGURATION_README.html#firewall
                                      shows an example with relay_domains. you can do the same with
                                      virtual_mailbox_domains. or you can do


                                      mydestination = localhost
                                      virtual_mailbox_domains = ...

                                      and use localhost (via virtual_alias_maps) when you need to execute
                                      scripts or use the "include" feature (because virtual does not allow
                                      you to do that).

                                      >
                                      > So my question, I guess, comes down to this: What would be the best
                                      > way to have a single "main" domain virtual mailboxed, so that I
                                      > don't have to create system users for each account? Is this even
                                      > possible in a clean way?
                                      >
                                      > Best regards, Karol Babioch
                                      >
                                    Your message has been successfully submitted and would be delivered to recipients shortly.