Re: Configuration help with Content filter

From: Victor Duchovni (Victor.DuchovniMorganStanley.com)
Date: Fri Dec 09 2005 - 16:09:07 CST


On Fri, Dec 09, 2005 at 03:45:31PM -0600, scott wrote:

> Victor:
>
> >>Per a note the amavis guys added with a "tip from Wietse", I tried
> >>creating
> >>a recipient_access file with:
> >>mydomain1.com FILTER smpt-amavis:[127.0.0.1]:10024
> >>mydomain2.com OK
> >>rest-of-my-domains OK
> >
> >Stop there. This approach cannot be used for per-user content filters.
> >What you need is two Postfix instances and a transport table in the
> >first that directs users to either the second Postfix directly (no
> >filter) or to a filter which forwards to the second Postfix. Search
> >the archives for previous identical advice (and perhaps some more detail).
>
> Screw it then, too hard <smile>.
>
> But, will this method work for per-domain content filters? That's what the
> original instructions said it was for. Or is it the same problem?
>

The same problem, but less frequently an issue, because MTAs "tend to"
deliver groups of recipients in multiple domains as separate messages.

To do otherwise the MTA would have to perform all the MX lookups in
advance of each delivery and sort the recipients by the set of MX
hosts and preference values, ... Postfix definitely does not do this,
in no small part because the queue manager is blissfully unaware of
MX records, it operates on transports and nexthops only. I don't think
that Sendmail will aggregate recipients by MX host name or IP, but I
could be wrong.

Mail from users with relay rights (using your MTA as MSA) will definitely
mix multiple domains. It is generally wise in more complex configurations
to separate the MSA (outgoing service for users) and MTA (incoming MX
for mailboxes) on separate machines or separate instances running on the
same machine.

Multiple instances are not difficult at all:

    mkdir /etc/postfix-new /var/spool/postfix-new
    cp /etc/postfix/* /etc/postfix-new/.
    postconf -e "alternate_config_directories = /etc/postfix-new"
    perl -pi -e 's/^smtp(\s+)inet(\s+)/10025${1}inet${2}/' \
            /etc/postfix-new/master.cf
    postconf -c /etc/postfix-new -e "inet_interfaces = 127.0.0.1"
    postconf -c /etc/postfix-new -e "syslog_name = postfix-new"
    postconf -c /etc/postfix-new -e "queue_directory = /var/spool/postfix-new"

then just go to town changing any other settings that normally pollute
master.cf with "-o" options directly in the main.cf file of the second
instance. To start:

        postfix -c /etc/postfix-new start

To stop:

        postfix -c /etc/postfix-new stop

This should all be even easier when Postfix 2.3 comes out...

--
        Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
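
A sanity check for the second instance's configuration after the steps in the message above, as an added example that is not part of the original post. The function names are hypothetical, the file contents are constructed samples, and `rewrite_listener` uses a sed equivalent of the post's perl one-liner.

```shell
#!/bin/sh
# Added example; file contents below are constructed samples.

# sed equivalent of the perl one-liner in the post: move the smtpd
# listener from the "smtp" service (port 25) to port 10025.
rewrite_listener() {
    sed -E 's/^smtp([[:space:]]+)inet([[:space:]]+)/10025\1inet\2/' "$1" > "$1.tmp" &&
        mv "$1.tmp" "$1"
}

# Return 0 only if the config in DIR has no active "smtp inet" listener,
# has a "10025 inet" listener, and binds to 127.0.0.1 only.
check_second_instance() {
    dir=$1
    if grep -Eq '^smtp[[:space:]]+inet[[:space:]]' "$dir/master.cf"; then
        echo "FAIL: smtp inet listener still active"; return 1
    fi
    if ! grep -Eq '^10025[[:space:]]+inet[[:space:]]' "$dir/master.cf"; then
        echo "FAIL: no 10025 inet listener"; return 1
    fi
    # When a parameter appears more than once in main.cf, the last one wins.
    ifaces=$(sed -n 's/^inet_interfaces[[:space:]]*=[[:space:]]*//p' "$dir/main.cf" | tail -n 1)
    if [ "$ifaces" != "127.0.0.1" ]; then
        echo "FAIL: inet_interfaces is '${ifaces:-unset}'"; return 1
    fi
    echo "OK: $dir"
}

# Constructed sample: a freshly copied config, before any of the edits.
make_sample() {
    mkdir -p "$1"
    printf '%s\n' \
        'smtp      inet  n       -       n       -       -       smtpd' \
        '#smtp     inet  n       -       n       -       -       smtpd -v' \
        'pickup    fifo  n       -       n       60      1       pickup' \
        'smtp      unix  -       -       n       -       -       smtp' \
        > "$1/master.cf"
    printf '%s\n' 'inet_interfaces = all' 'syslog_name = postfix' > "$1/main.cf"
}

demo=$(mktemp -d)
make_sample "$demo"
check_second_instance "$demo" || true     # FAIL: copy still listens on smtp
rewrite_listener "$demo/master.cf"
check_second_instance "$demo" || true     # FAIL: inet_interfaces is 'all'
echo 'inet_interfaces = 127.0.0.1' >> "$demo/main.cf"
check_second_instance "$demo"             # OK
rm -rf "$demo"
```

Against a real second instance, call `check_second_instance /etc/postfix-new` before starting it; the demo appends to main.cf only to keep the sample self-contained, whereas `postconf -e` edits the existing line.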