Loading ...
Sorry, an error occurred while loading the content.
 

virtual mailboxes BUT NOT virtual domain

Expand Messages
  • Michael Hellwig
    I ve been butting my head against this one for quite some time now. Given: a system that used to be running courier-mta which started getting on my nerves like
    Message 1 of 5 , May 2, 2012
      I've been butting my head against this one for quite some time now.

      Given:
      a system that used to be running courier-mta which started getting on my
      nerves like crazy, which is why I decided to switch to the
      postfix/dovecot combo that almost everyone seems to use nowadays.
      What I had on the courier-system was a combination of accounts. Some of
      them were system-accounts (i.e. users with shell login and a .maildir in
      their home) and virtual accounts (i.e. users with no shell login that
      were present as subfolders under /home/vmail, owned by vmail, and those
      subfolders had .maildirs in them). Those two types of accounts live on
      the same domain (which is just the hostname of the machine).

      Now I want that again. Dovecot is already up and running and works
      exactly as intended, i.e. system users can log in via some pam module,
      the virtual users with their passwords (encrypted) are defined in some
      config file under /etc/dovecot and both can log in and all is well.

      postfix is, for now, set up such that it allows the system-users to
      receive mail via smtp, but not the virtual users, because I've searched
      all howtos and docs and can't find out how to configure that. Every
      howto I've checked seems to assume that virtual users live under their
      own domain and never on the same domain as the system users.
      What works is that postfix checks against dovecot for login-credentials
      when mail-submission is used (port 587). So they do talk to each other.

      And whichever set of configs I tried (most of them via "just hand the
      mails to dovecot in some way or other") caused postfix to reject mails
      to either the system users, the virtual users or both with a "user
      unknown" error.

      So. Is this impossible? Or if it is possible, is there a howto that
      describes it? My google-fu on this one seems to be extremely weak as
      every query I try just gets me endless howtos for virtual domains.

      Thanks for any pointers.
    • Wietse Venema
      ... You might want to read this document: http://www.postfix.org/ADDRESS_CLASS_README.html This decribes what is needed to avoid user unknown and relay
      Message 2 of 5 , May 2, 2012
        Michael Hellwig:
        > I've been butting my head against this one for quite some time now.

        You might want to read this document:

        http://www.postfix.org/ADDRESS_CLASS_README.html

        This decribes what is needed to avoid "user unknown" and "relay access
        denied" errors.

        After this, setting up a suitable virtual_transport in main.cf
        becomes a minor detail.

        Wietse
      • The Eye
        ... Well maybe I m really dense now, but when I look at that document, I still see that virtual mailboxes are supposed to be on their own domain, NOT on the
        Message 3 of 5 , May 2, 2012
          On Wed, May 02, 2012 at 07:05:03AM -0400, Wietse Venema wrote:
          > Michael Hellwig:
          > > I've been butting my head against this one for quite some time now.
          >
          > You might want to read this document:
          >
          > http://www.postfix.org/ADDRESS_CLASS_README.html
          >
          > This decribes what is needed to avoid "user unknown" and "relay access
          > denied" errors.
          >
          > After this, setting up a suitable virtual_transport in main.cf
          > becomes a minor detail.
          >

          Well maybe I'm really dense now, but when I look at that document, I
          still see that virtual mailboxes are supposed to be on their own domain,
          NOT on the same domain as the local users, given that the distinction
          between the two types of mailboxes is made via the domain?

          Or do I misunderstand something?
        • lst_hoe02@kwsoft.de
          ... If you want to mix local and virtual delivery in the same external maildomain you have to split them and rewrite the mail routing information in the
          Message 4 of 5 , May 2, 2012
            Zitat von The Eye <mhellwig@...>:

            > On Wed, May 02, 2012 at 07:05:03AM -0400, Wietse Venema wrote:
            >> Michael Hellwig:
            >> > I've been butting my head against this one for quite some time now.
            >>
            >> You might want to read this document:
            >>
            >> http://www.postfix.org/ADDRESS_CLASS_README.html
            >>
            >> This decribes what is needed to avoid "user unknown" and "relay access
            >> denied" errors.
            >>
            >> After this, setting up a suitable virtual_transport in main.cf
            >> becomes a minor detail.
            >>
            >
            > Well maybe I'm really dense now, but when I look at that document, I
            > still see that virtual mailboxes are supposed to be on their own domain,
            > NOT on the same domain as the local users, given that the distinction
            > between the two types of mailboxes is made via the domain?
            >
            > Or do I misunderstand something?

            If you want to mix local and virtual delivery in the same "external"
            maildomain you have to split them and rewrite the mail routing
            information in the envelope. Something like this for example

            user1@domain -> virtual1@domain
            user2@domain -> local1@...

            and route the mail with transport maps as intended.

            Regards

            Andreas
          • Wietse Venema
            ... More complete: 1) To avoid relay access denied errors, decide if the domain is in the local class (mydestination) or in some other address class as
            Message 5 of 5 , May 2, 2012
              lst_hoe02@...:
              > > On Wed, May 02, 2012 at 07:05:03AM -0400, Wietse Venema wrote:
              > >> Michael Hellwig:
              > >> > I've been butting my head against this one for quite some time now.
              > >>
              > >> You might want to read this document:
              > >>
              > >> http://www.postfix.org/ADDRESS_CLASS_README.html
              > >>
              > >> This decribes what is needed to avoid "user unknown" and "relay access
              > >> denied" errors.
              > >>
              > >> After this, setting up a suitable virtual_transport in main.cf
              > >> becomes a minor detail.
              > >>
              > >
              > > Well maybe I'm really dense now, but when I look at that document, I
              > > still see that virtual mailboxes are supposed to be on their own domain,
              > > NOT on the same domain as the local users, given that the distinction
              > > between the two types of mailboxes is made via the domain?
              > >
              > > Or do I misunderstand something?
              >
              > If you want to mix local and virtual delivery in the same "external"
              > maildomain you have to split them and rewrite the mail routing
              > information in the envelope. Something like this for example
              >
              > user1@domain -> virtual1@domain
              > user2@domain -> local1@...
              >
              > and route the mail with transport maps as intended.

              More complete:

              1) To avoid "relay access denied" errors, decide if the domain is
              in the local class (mydestination) or in some other address class
              as defined in ADDRESS_CLASS_README.

              2) To avoid "user unknown" errors, provide the recipient address
              validation as required by ADDRESS_CLASS_README.

              3) Optionally, use transport_maps to redirect some recipients as
              in your example.

              Wietse
            Your message has been successfully submitted and would be delivered to recipients shortly.