
Re: FQDN Problem after Migrating to Virtual Domains

  • Reindl Harald
    Message 1 of 3 , Jan 2, 2013
      On 02.01.2013 23:40, Michael Sloan wrote:
      > One of the users has sent mail with a return address using the FQDN of the mail server, namely
      > user@... and now Postfix is rejecting this as it believes the user does not exist.
      >
      > Currently I have the following defined:
      >
      > myhostname = mail.dept.university.edu
      > mydestination = $myhostname, localhost.$mydomain
      > virtual_mailbox_domains = mysql:/etc/postfix/virtual_mailbox_domains.cf
      >
      > Can I add a local alias for user which redirects to user@..., or is there a better way to solve
      > this issue?

      myorigin = dept.university.edu

      In general I would add "reject_non_fqdn_recipient" and "reject_non_fqdn_sender"
      to "smtpd_recipient_restrictions" BEFORE "permit_sasl_authenticated" because
      I see no single reason to allow any client to use non FQ sender / RCPT.
    • Viktor Dukhovni
      Message 2 of 3 , Jan 2, 2013
        On Wed, Jan 02, 2013 at 05:40:41PM -0500, Michael Sloan wrote:

        > Currently I have the following defined:
        >
        > myhostname = mail.dept.university.edu
        > mydestination = $myhostname, localhost.$mydomain
        > virtual_mailbox_domains = mysql:/etc/postfix/virtual_mailbox_domains.cf

        If your domain is a virtual mailbox domain, you should probably
        not even list $myhostname in $mydestination.

        Rather:

        main.cf:
        # Convenience
        #
        indexed = ${default_database_type}:${config_directory}/

        # Envelope recipient 1-to-many rewriting
        #
        virtual_alias_maps = ${indexed}virtual

        # Empty, non-legacy setting.
        #
        parent_domain_matches_subdomains =

        # Mail is only processed via local(8) when explicitly aliased
        # there via virtual(5). Local system accounts are not externally
        # addressable:
        #
        mydestination = local.invalid

        # Sender addresses are @ the domain, not the mailhost.
        #
        myorigin = $mydomain

        # Reject external mail to/from the "invalid" TLD.
        # Add other rules as desired. Consider simplifying
        # via smtpd_relay_restrictions in 2.10.
        #
        smtpd_sender_restrictions =
            check_sender_access ${indexed}access-from,

        smtpd_recipient_restrictions =
            check_recipient_access ${indexed}access-to,
            permit_mynetworks,
            permit_sasl_authenticated,
            reject_unauth_destination
            # ... more rules

        #smtpd_relay_restrictions =
        # permit_mynetworks,
        # permit_sasl_authenticated,
        # reject_unauth_destination


        access-to:
        invalid REJECT 5.1.2 invalid recipient domain
        .invalid REJECT 5.1.2 invalid recipient domain

        access-from:
        invalid REJECT 5.1.2 invalid sender domain
        .invalid REJECT 5.1.2 invalid sender domain


        > Can I add a local alias for user which redirects to
        > user@..., or is there a better way to solve this
        > issue?

        To accept mail for legacy domains, it is best to implement them
        as virtual alias domains.

        main.cf:
        virtual_alias_domains = $myhostname

        virtual:
        # Legacy domain
        user1@... user

        # System account delivery
        user2@... user@...

        Finally browse the appropriate headings under BASIC_CONFIGURATION_README
        and STANDARD_CONFIGURATION_README.

        --
        Viktor.
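
The access-to and access-from tables in the message above list both an `invalid` and a `.invalid` key: with parent_domain_matches_subdomains empty, access(5) matches a bare domain key exactly and only the leading-dot key covers subdomains such as local.invalid. The sketch below is an added example, not part of the thread and not Postfix code; it is a simplified model of the access(5) search order, and `lookup_keys` and `check_access` are hypothetical names.

```python
# Simplified model of the access(5) search order used by check_recipient_access
# and check_sender_access. Address extensions are not modelled.

# Constructed table: the access-to entries from the message above.
ACCESS_TO = {
    "invalid": "REJECT 5.1.2 invalid recipient domain",
    ".invalid": "REJECT 5.1.2 invalid recipient domain",
}


def lookup_keys(address, parent_matches_subdomains=False):
    """Return the table keys tried for user@domain, in search order.

    parent_matches_subdomains=False models the empty
    parent_domain_matches_subdomains setting from the quoted main.cf.
    """
    address = address.lower()
    localpart, at, domain = address.rpartition("@")
    if not at or not localpart or not domain:
        raise ValueError("expected user@domain")
    keys = [address]                      # 1. full address
    name = domain
    while True:                           # 2. domain, then parent domains
        keys.append(name)
        dot = name.find(".", 1)
        if dot < 0:
            break
        # Legacy style strips to "parent"; non-legacy style keeps ".parent".
        name = name[dot + 1:] if parent_matches_subdomains else name[dot:]
    keys.append(localpart + "@")          # 3. localpart@
    return keys


def check_access(address, table, parent_matches_subdomains=False):
    """Return (matched_key, action); action is DUNNO when nothing matches."""
    for key in lookup_keys(address, parent_matches_subdomains):
        if key in table:
            return key, table[key]
    return None, "DUNNO"


if __name__ == "__main__":
    for rcpt in ("user@local.invalid", "user@invalid",
                 "user@mail.dept.university.edu"):
        print(rcpt, lookup_keys(rcpt), check_access(rcpt, ACCESS_TO))
```

On a live system, `postmap -q` against the built table shows whether an individual key is present.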