OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Victor.Duchovnimorganstanley.com
Date: Sat Jun 01 2002 - 22:51:54 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    >
    > Name Maps to:
    > sub.domain.com anything
    > sub.domain.com catchallsub.domain.com

    Lose the first key (domain anything). Your domain is not Postfix-style
    virtual (all addresses are valid due to the catchall, and you are not
    rewriting out of the domain). Whether your domain is Sendmail-style or not
    depends on how the mailboxes for the domain are set up. What delivery
    agent (transport) delivers mail to "catchall"?

    Postfix-style virtual domains have addresses that must rewrite to a real
    domain for delivery to succeed, the name-space is "virtual" in the sense
    that no real mailboxes exist in the domain.

    Sendmail-style virtual domains default to "local" delivery, are subject to
    "local_recipient_maps" and are presumed to include the namespace of local
    shell users.

    Domains that appear as "domain anything" keys in "virtual_mailbox_maps"
    are designed to support the "virtual" delivery agent (but can support any
    delivery agent of your choice via the transport map). These domains don't
    overlap with shell users, but do include real mailboxes (don't need to
    rewrite out of them). If you are using the "virtual" delivery agent, Add
    the "domain anything" key and data for all valid users to the appropriate
    tables in "virtual_mailbox_maps". Note that "virtual_mailbox_maps" does
    no rewriting, so the catchall rewrite still happens in the "virtual_maps"
    tables and you still need to work around the recursion, see below.

    Or you can simply arrange to receive all mail for the domain (by adding it
    to relay_domains) and then route it as necessary via the transport table.

    Bottom line is that mail for a domain is accepted if:

    1. The domain is in $mydestination (Sendmail-Style).

    OR

    2. The domain is a key in $virtual_maps (Postfix-style)

    OR

    3. The domain is a key in $virtual_mailbox_maps (virtual delivery)

    OR

    4. The domain matches $relay_domains (default match style subdomain).

    OR

    5. (Not recommended) The domain is allowed via explicit entries in an
            access map (check_recipient_access maptype:/mapfile in
            $smtpd_recipient_restrictions). This is tricky to implement
            correctly especially if you want to filter SPAM while not
            accidentally becoming an open relay.

    >
    > But when I do this, ALL mail sent to sub.domain.com ends up in
    > catchallsub.domain.com, even user1 & user2.
    >

    The Postfix address rewriting (canonical and virtual) tables are
    recursive. So addresses you do not want to fall into the catchall need
    their own specific keys.

    The "problem" goes away if the RHS is in a different domain (this does not
    meet your apparent requirement to rewrite into the same domain).

    user1domain1 user2domain2
    domain1 catchalldomain2 

    -- 
	Viktor.

    -
To unsubscribe, send mail to majordomopostfix.org with content
(not subject): unsubscribe postfix-users