Postfix › Postfix Users

Alias and local delivery issues (Edited)

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

3 messages Options

Randall R. Sargent

Alias and local delivery issues (Edited)

Hello,

I have an alias system that I need to deliver some mail via relay, and some locally for PAM accounts. The local PAM accounts are not in the aliases file and their mail is delivered successfully via dovecot-lda (mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT").

The problem is when I have an alias that doesn’t refer to a canonical address immediately and Postfix assumes it must be a local account:

Billadmin: bill.smith

William: bill.smith

Bill.smith: bill.smith1 -at- abc.com

If I send an email to bill.smith -at- abc.com it works. If I send an email to billadmin -at- abc.com or William -at- abc.com the error I get is “bad recipient address syntax: bill.smith@/etc/mailname”

Thanks in advance!

Randy

Randy Sargent

Sr. Systems Administrator | Technology Services

Office (251) 634-3312 | Fax (888) 217-4567

Viktor Dukhovni

Re: Alias and local delivery issues (Edited)

On Mon, Apr 01, 2019 at 05:22:08PM +0000, Randall R. Sargent wrote:

> I have an alias system that I need to deliver some mail via relay, and
> some locally for PAM accounts. The local PAM accounts are not in the aliases
> file and their mail is delivered successfully via dovecot-lda
> (mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT").

While this generally works, far more robust is to use LMTP and

mailbox_transport = lmtp:unix:/path/to/dovecot/lmtp/socket

with Dovecot's LMTP server on the other end of the socket.

> The problem is when I have an alias that doesn't refer to a canonical
> address immediately and Postfix assumes it must be a local account:

1. My advice is to do *all* address-to-address aliasing via
virtual_alias_maps, with only pipe aliases, owned-lists,
and ":include:" aliases in aliases(5).

2. Even further, only use the local(8) delivery agent for
specifically designated addresses, by setting:

mydestination = localhost.$mydomain
myorigin = $mydomain
append_dot_mydomain = yes

and explicitly rewriting (virtual_alias_maps) just
the addresses you want for local(8) processing:

[hidden email] user@localhost

> Billadmin: bill.smith
> William: bill.smith

With "$myorigin" not listed in $mydestination, the RHS of aliases(5)
entries that are not explicitly qualified with @localhost (really
@localhost.$mydomain given append_dot_mydomain=yes) are not treated
as "local" and get forwarded back into the queue for reprocessing
via virtual alias expansion and indirect delivery. This avoids
multiple delivery problems when one user is over quota, because
each expanded recipient gets a separate queue file entry, and
gives more consistent alias expansion.

The only downside is potential loops, but with just pipes, commands
and lists in aliases(5) the odds of loops are low.

> Bill.smith: bill.smith1 -at- abc.com
>
> If I send an email to bill.smith -at- abc.com it works. If I send an email
> to billadmin -at- abc.com or William -at- abc.com the error I get is "bad
> recipient address syntax: bill.smith@/etc/mailname"

Don't set "myorigin = /etc/mailname", that's a Debianism that does not
appear to work on your system.

--
Viktor.

Randall R. Sargent

RE: Alias and local delivery issues (Edited)

Thanks! That worked!

-----Original Message-----
From: [hidden email] <[hidden email]> On Behalf Of Viktor Dukhovni
Sent: Monday, April 1, 2019 12:46 PM
To: [hidden email]
Subject: Re: Alias and local delivery issues (Edited)

On Mon, Apr 01, 2019 at 05:22:08PM +0000, Randall R. Sargent wrote:

> I have an alias system that I need to deliver some mail via relay, and
> some locally for PAM accounts. The local PAM accounts are not in the
> aliases file and their mail is delivered successfully via dovecot-lda
> (mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT").

While this generally works, far more robust is to use LMTP and

mailbox_transport = lmtp:unix:/path/to/dovecot/lmtp/socket

with Dovecot's LMTP server on the other end of the socket.

> The problem is when I have an alias that doesn't refer to a canonical
> address immediately and Postfix assumes it must be a local account:

1. My advice is to do *all* address-to-address aliasing via
virtual_alias_maps, with only pipe aliases, owned-lists,
and ":include:" aliases in aliases(5).

2. Even further, only use the local(8) delivery agent for
specifically designated addresses, by setting:

mydestination = localhost.$mydomain
myorigin = $mydomain
append_dot_mydomain = yes

and explicitly rewriting (virtual_alias_maps) just
the addresses you want for local(8) processing:

[hidden email] user@localhost

> Billadmin: bill.smith
> William: bill.smith

With "$myorigin" not listed in $mydestination, the RHS of aliases(5) entries that are not explicitly qualified with @localhost (really @localhost.$mydomain given append_dot_mydomain=yes) are not treated as "local" and get forwarded back into the queue for reprocessing via virtual alias expansion and indirect delivery. This avoids multiple delivery problems when one user is over quota, because each expanded recipient gets a separate queue file entry, and gives more consistent alias expansion.

The only downside is potential loops, but with just pipes, commands and lists in aliases(5) the odds of loops are low.

> Bill.smith: bill.smith1 -at- abc.com
>
> If I send an email to bill.smith -at- abc.com it works. If I send an
> email to billadmin -at- abc.com or William -at- abc.com the error I
> get is "bad recipient address syntax: bill.smith@/etc/mailname"

Don't set "myorigin = /etc/mailname", that's a Debianism that does not appear to work on your system.

--
Viktor.