Loading ...
Sorry, an error occurred while loading the content.

split domain, relay by default

Expand Messages
  • David Koski
    I need to relay for a domain by default but deliver for specific users locally (Dovecot). I have done this before by adding the domain to
    Message 1 of 5 , Mar 19, 2013
    • 0 Attachment
      I need to relay for a domain by default but deliver for specific users locally
      (Dovecot). I have done this before by adding the domain to
      virtual_mailbox_domains and adding to the transport map in the following
      manner:

      david@... :
      kosmosisland.com smtp:

      This relays by default but delivers to locally (Courier in this case) for
      david@.... The same does not work on another server, however.
      The config follows:

      # postconf -n
      alias_database = hash:/etc/aliases
      alias_maps =
      append_dot_mydomain = no
      biff = no
      broken_sasl_auth_clients = yes
      canonical_maps = hash:/etc/postfix/canonical
      config_directory = /etc/postfix
      content_filter = smtp-amavis:[127.0.0.1]:10024
      disable_vrfy_command = yes
      inet_interfaces = all
      inet_protocols = ipv4
      local_recipient_maps =
      mailbox_size_limit = 0
      mydestination =
      myhostname = vmail.sutinen.com
      mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 65.105.240.234 173.8.212.217 68.66.148.24
      myorigin = /etc/mailname
      readme_directory = no
      recipient_delimiter = +
      relay_domains = sutinen.com
      relayhost =
      smtp_tls_cert_file = /etc/ssl/certs/vmail_sutinen_com.crt
      smtp_tls_key_file = /etc/ssl/private/vmail_sutinen_com.key
      smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
      smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
      smtpd_helo_required = yes
      smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
      smtpd_sasl_auth_enable = yes
      smtpd_sasl_path = private/auth
      smtpd_sasl_security_options = noanonymous
      smtpd_sasl_type = dovecot
      smtpd_sender_restrictions = permit_mynetworks permit_sasl_authenticated reject_non_fqdn_sender reject_unknown_sender_domain reject_rbl_client
      b.barracudacentral.org reject_rbl_client zen.spamhaus.org reject_rbl_client cbl.abuseat.org reject_rbl_client bl.spamcop.net
      smtpd_tls_cert_file = /etc/ssl/certs/vmail_sutinen_com.crt
      smtpd_tls_key_file = /etc/ssl/private/vmail_sutinen_com.key
      smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
      smtpd_use_tls = yes
      transport_maps = hash:/etc/postfix/transport
      virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf proxy:mysql:/etc/postfix/mysql_virtual_user_singleton_maps.cf hash:/etc/postfix/virtual
      virtual_gid_maps = static:5000
      virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_domains.cf
      virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
      virtual_transport = dovecot
      virtual_uid_maps = static:5000

      Regards,
      David Koski
      david@...
    • Noel Jones
      ... Configure the domain as a normal relay_domain, define the users in relay_recipient_maps. List the specific users to be delivered by dovecot in transport
      Message 2 of 5 , Mar 19, 2013
      • 0 Attachment
        On 3/19/2013 7:24 PM, David Koski wrote:
        > I need to relay for a domain by default but deliver for specific users locally
        > (Dovecot).


        Configure the domain as a normal relay_domain, define the users in
        relay_recipient_maps.

        List the specific users to be delivered by dovecot in transport
        pointing to the dovecot transport (assuming the master.cf entry is
        named "dovecot").

        # transport file
        user1@... dovecot:
        user2@... dovecot:
        # and if the relay domain needs a helper transport entry:
        example.com relay:[somewhere.example.com]



        -- Noel Jones
      • Noel Jones
        ... Recipient validation at the internet gateway is required to prevent your queue from being clogged with undeliverable bounces, and to prevent you from
        Message 3 of 5 , Mar 20, 2013
        • 0 Attachment
          On 3/20/2013 11:59 AM, David Koski wrote:
          >> On 3/19/2013 7:24 PM, David Koski wrote:
          >>> I need to relay for a domain by default but deliver for specific users
          >>> locally (Dovecot).
          >>
          >> Configure the domain as a normal relay_domain, define the users in
          >> relay_recipient_maps.
          >>
          >> List the specific users to be delivered by dovecot in transport
          >> pointing to the dovecot transport (assuming the master.cf entry is
          >> named "dovecot").
          >>
          >> # transport file
          >> user1@... dovecot:
          >> user2@... dovecot:
          >> # and if the relay domain needs a helper transport entry:
          >> example.com relay:[somewhere.example.com]
          >
          > I am trying to avoid keeping a list of relay recipients separate so I don't
          > have to maintain two lists, one on the relay server and one on the default
          > destination server. I'm looking for a way to relay by default but deliver
          > locally for specific users using dovecot. I do this with another server using
          > Courier (maildrop for virtual transport).
          >
          > Regards,
          > David Koski
          > dkoski@...
          >


          Recipient validation at the internet gateway is required to prevent
          your queue from being clogged with undeliverable bounces, and to
          prevent you from getting blacklisted as a backscatter source.
          http://www.postfix.org/postconf.5.html#relay_recipient_maps

          If you control the destination, and have a list of recipients on the
          destination, it's silly to not use that list on the gateway. Use
          rsync or a version control system to sync the list between the two
          computers. Set it up once and let the computer do the work.

          If there's some reason you can't sync the list to the gateway, use
          verification probes to let postfix build the list for you.
          http://www.postfix.org/ADDRESS_VERIFICATION_README.html#recipient




          -- Noel Jones
        • David Koski
          ... Ultimately I must have a unified database (MySQL) for all servers but for now I just need to get this working if possible. As per the link above
          Message 4 of 5 , Mar 20, 2013
          • 0 Attachment
            > On 3/20/2013 11:59 AM, David Koski wrote:
            > >> On 3/19/2013 7:24 PM, David Koski wrote:
            > >>> I need to relay for a domain by default but deliver for specific users
            > >>> locally (Dovecot).
            > >>
            > >> Configure the domain as a normal relay_domain, define the users in
            > >> relay_recipient_maps.
            > >>
            > >> List the specific users to be delivered by dovecot in transport
            > >> pointing to the dovecot transport (assuming the master.cf entry is
            > >> named "dovecot").
            > >>
            > >> # transport file
            > >> user1@... dovecot:
            > >> user2@... dovecot:
            > >> # and if the relay domain needs a helper transport entry:
            > >> example.com relay:[somewhere.example.com]
            > >
            > > I am trying to avoid keeping a list of relay recipients separate so I
            > > don't have to maintain two lists, one on the relay server and one on the
            > > default destination server. I'm looking for a way to relay by default
            > > but deliver locally for specific users using dovecot. I do this with
            > > another server using Courier (maildrop for virtual transport).
            > >
            > > Regards,
            > > David Koski
            > > dkoski@...
            >
            > Recipient validation at the internet gateway is required to prevent
            > your queue from being clogged with undeliverable bounces, and to
            > prevent you from getting blacklisted as a backscatter source.
            > http://www.postfix.org/postconf.5.html#relay_recipient_maps
            >
            > If you control the destination, and have a list of recipients on the
            > destination, it's silly to not use that list on the gateway. Use
            > rsync or a version control system to sync the list between the two
            > computers. Set it up once and let the computer do the work.
            >
            > If there's some reason you can't sync the list to the gateway, use
            > verification probes to let postfix build the list for you.
            > http://www.postfix.org/ADDRESS_VERIFICATION_README.html#recipient
            >
            >
            > -- Noel Jones

            Ultimately I must have a unified database (MySQL) for all servers but for now
            I just need to get this working if possible. As per the link above
            (http://www.postfix.org/ADDRESS_VERIFICATION_README.html#recipient) I have
            made changes.

            I have in my main.cf:
            89 smtpd_recipient_restrictions =
            90 permit_mynetworks
            91 reject_unauth_destination
            92 reject_unknown_recipient_domain
            93 reject_unverified_recipient
            94 permit_sasl_authenticated

            Also have:

            116 relay_domains = sutinen.com

            Transport table:

            1 # The sutinen.com accounts must be listed here..
            2 # ..ahead of the domain name.
            3 test@... dovecot:
            4 sutinen.com smtp:

            I still get:

            " Recipient address rejected: User unknown in virtual mailbox table"

            David Koski
          • Noel Jones
            ... Order doesn t matter in hash tables. ... Don t list the domain in transport. ... Looks as if you ve listed the domain as a virtual_mailbox_domain. Don t do
            Message 5 of 5 , Mar 20, 2013
            • 0 Attachment
              On 3/20/2013 3:39 PM, David Koski wrote:
              > Ultimately I must have a unified database (MySQL) for all servers but for now
              > I just need to get this working if possible. As per the link above
              > (http://www.postfix.org/ADDRESS_VERIFICATION_README.html#recipient) I have
              > made changes.
              >
              > I have in my main.cf:
              > 89 smtpd_recipient_restrictions =
              > 90 permit_mynetworks
              > 91 reject_unauth_destination
              > 92 reject_unknown_recipient_domain
              > 93 reject_unverified_recipient
              > 94 permit_sasl_authenticated
              >
              > Also have:
              >
              > 116 relay_domains = sutinen.com
              >
              > Transport table:
              >
              > 1 # The sutinen.com accounts must be listed here..
              > 2 # ..ahead of the domain name.

              Order doesn't matter in hash tables.

              > 3 test@... dovecot:
              > 4 sutinen.com smtp:

              Don't list the domain in transport.

              >
              > I still get:
              >
              > " Recipient address rejected: User unknown in virtual mailbox table"

              Looks as if you've listed the domain as a virtual_mailbox_domain.
              Don't do that. Each domain should be listed in only one address class.
              http://www.postfix.org/ADDRESS_CLASS_README.html



              -- Noel Jones
            Your message has been successfully submitted and would be delivered to recipients shortly.