OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Postfix Archives: Re: questions regarding aliases database conf

Re: questions regarding aliases database configuration

Subject: Re: questions regarding aliases database configuration
From: Wietse Venema (wietseporcupine.org)
Date: Wed Jan 12 2000 - 20:00:48 CST

Christopher T. Beers:
> > This is a difference with sendmail.
> >
> > Postfix: user == usermyorigin, which resolves locally only
> > on very specific systems.
> >
> > Sendmail: user == userhost.bu.edu, which always resolves locally,
> > even when forwarded mail says that you are userbu.edu.
> >
> > Postfix canonicalizes the address upon receipt of mail, in order
> > to simplify the address rewriting mechanism.
>
> I think that this may be a bad programming decision. For large domains
> such as our(bu.edu) the aliases database can grow very rapidly. I
> understand that coding postfix in such a way would definately cut down on
> time, however if postfix is supposed to be a drop in replacement for
> sendmail then wouldn't you want this feature.

It's not a drop in replacement by any stretch of imagination. For
users I can maintain the illusion to large extent. But there's not
a fighting chance that I will be able to fool the sysadmin. That
trick I can pull off only for 90+ percent of the sites.

I have administered a mail domain with up to 100+ machines and with
up to 1000+ users (which is not much by todays standards, but large
enough to experience some real scaling problems), and found it
quite undesirable that mail sent to wietse would end up in any old
local mailbox, while recipients of my mail would see wietsedomain.name,
so their reply to mail would go somewhere completely different.

Oh, and with this number of machines, the last thing I wanted was
host-specific alias files. All aliasing was done at the domain-wide
level. But then, I was a bit of a fascist sysadmin.

> In the many years of System Administration I have never came across such
> an easy mailer to configure. However, I am afraid that if my aliases
> database which contains 50 or so aliases must contain aliases in the
> following format
> alias: real_namereal.domain.com
> it seems very unpractical.

Well, where *DO* you want the mail delivered for the user. If it
is to go to a *specific* machine, set up a site-wide alias like:

    user: userspecific.machine.name

If the mail is to go to the *local* machine, whatever machine that
may be, the alias should say so

    user: userlocalhost.domain.name

But I fail to see the point of delivering some users to the local
machine, whatever machine it may be.

> I would suggest that this decision be look at one more time and re-coded
> so that the database can contain realistic aliases
>
> abuse: root
> root: real_namereal.domain.com

With Postfix, if the machiene *sends* mail as userdomain, then
*every* unqualified address becomes userdomain. This is more
consistent.

Postfix rewrites addresses in one place. To get what you want, it
would have to rewrite addresses upon arrival AND in every delivery
agent. That is just too much unnecessary rewriting.

Personally, if I manage 100+ machines, I want all mail by default
to go to the domain rather than by default all mail being dropped
into hundreds of machine-local mailboxes. If specific accounts need
to deliver to specific machines, a domain-wide alias table can take
care of the exception.

        Wietse

This archive was generated by hypermail 2b27 : Wed Jan 12 2000 - 20:02:28 CST