Sub-domain Alias Assistance

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
15 messages Options
Reply | Threaded
Open this post in threaded view
|

Sub-domain Alias Assistance

Henri Shustak
Hello,

I manage a mailman mailing list server. The mailing list address  
(aliases) were being managed from from /etc/aliases (on Ubuntu). In  
the past I have configured the aliases and ran the postalias command  
to update the .db file and everything has been working great!

However, I am now concerned that I have made some mistakes with  
regards the setup of the postfix configuration.

I updated the system (with apt-get) and I guess this updated the  
version of postfix I was running. I figured everything was running  
correctly. However, when I recently went to configure a mailing list  
by adding various lines similar to the following :

[hidden email]:              "|/var/lib/mailman/mail/mailman  
post maillistname"

into the /etc/alias file and then going to run the postalias command  
on this file to update the .db file. the following error was reported :

postalias: warning: /etc/aliases, line XXX: name must be local

for every line which contained the above syntax.

I am guessing this is because the domain.com is not the local domain  
for the server. However, post fix is setup to relay mail for this this  
subdomain in the /etc/postfix/main.cf file. In addition, mailman is  
configured as the transport for this domain.

I am not sure exactly what I have done wrong or how to fix this  
situation. At present, I am not able to add any mailing lists to the  
server. I will keep looking into the problem.

However, if anyone on this list is able to provide any helpful hints,  
they would certainly be most welcomed.

I will report back if I manage to work this out.

Thanks.



Disclaimer : I am still learning about postfix administration. As such  
it is very possible that I have configured something in a very odd way  
and I am doing something very simple totally wrong.


---------------------------------------------------------------------
This email is protected by LBackup, an open source backup solution :
http://www.lucidsystems.org/tools/lbackup

LBackup is fully compatible with LINUX and Mac OS X based systems.
In addition you are free to customize it to meet your requirements
via pre and post hook scripts. Alternatively you may edit the source
code which is included with every download of LBackup.
---------------------------------------------------------------------

Reply | Threaded
Open this post in threaded view
|

Re: Sub-domain Alias Assistance

Barney Desmond
2009/9/3 Henri Shustak <[hidden email]>:

> However, I am now concerned that I have made some mistakes with regards the
> setup of the postfix configuration.
>
> I updated the system (with apt-get) and I guess this updated the version of
> postfix I was running. I figured everything was running correctly. However,
> when I recently went to configure a mailing list by adding various lines
> similar to the following :
>
> [hidden email]:              "|/var/lib/mailman/mail/mailman post
> maillistname"
>
> into the /etc/alias file and then going to run the postalias command on this
> file to update the .db file. the following error was reported :
>
> postalias: warning: /etc/aliases, line XXX: name must be local
>
> for every line which contained the above syntax.

/etc/aliases is only good for local names - basically: system accounts.

One solution to this is a set of virtual aliases that point to local
aliases, something like (this is just an example, I can't remember the
usual mailman syntax):

virtual_alias_maps: (note that this is postmap'd not postalias'd, so
there's no colons)

[hidden email]       listname
[hidden email]     listname-admin
etc..

Then in /etc/aliases:

listname: "|/var/lib/mailman/mail/mailman post listname"
listname-admin: "|/var/lib/mailman/mail/mailman admin listname"


A cleaner solution might be to use mailman's "virtual domain" support.
It's been a while since I've looked at it, but this should be the
right page:
http://www.gnu.org/software/mailman/mailman-install/postfix-virtual.html

If memory serves, it leaves all the alias-handling to mailman, which is a boon.
Reply | Threaded
Open this post in threaded view
|

Re: Sub-domain Alias Assistance

Benny Pedersen
In reply to this post by Henri Shustak
On Thu 03 Sep 2009 11:27:01 AM CEST, Henri Shustak wrote

> [hidden email]:              
> "|/var/lib/mailman/mail/mailman post maillistname"

[hidden email]: "|/path"

is not local in postalias

foo: "|/path"

is

to solve setup mailman to use postfix virtual_alias_domains

this is explained in mailman docs

--
xpoint

Reply | Threaded
Open this post in threaded view
|

Re: Sub-domain Alias Assistance

Henri Shustak

>> [hidden email]:              "|/var/lib/mailman/mail/
>> mailman post maillistname"
>
> [hidden email]: "|/path"
>
> is not local in postalias
>
> foo: "|/path"
>
> is
>
> to solve setup mailman to use postfix virtual_alias_domains
>
> this is explained in mailman docs
>
> --
> xpoint
>

Okay thank you this makes sense.

I have one further question in this case. Please correct me if I have  
misunderstood the setup you described.

My question with this setup is : How do I stop delivery to the primary  
domain?

Clarification of question :
---------------------------

If I had a mailing list called [hidden email] which I had  
redirected to local account foo-maillist. How would I then stop  
delivery to the [hidden email].

As I understand it, adding the foo-maillist to the /etc/alias would  
essentially mean that there would be an email account for this mailing  
list at both the sub-domain and also at the primary domain. How do I  
avoid adding the foo-maillist into the /etc/alias to stop this from  
happening? Essentially, I would like to have foo-maillist@sub-
domain.com and not have [hidden email]. In the past I had  
specified the full domain in the alias file and it was working.

I am guessing that I misunderstood the way to do this in the past and  
botched up the configuration. Howevr, everything worked when I tested  
this previous configuration. However, now when I runs post-alias this  
warning is reported is this warning fatal will postfix still work  
correctly. I would like to set this up in way that makes sense. I am  
still learning what the recommended way of doing this with postfix is,  
I thought I had worked it out.

Any further clarification would be warmly welcomed. I have tried  
creating a file called /etc/postfix/virtual/aliases and then added the  
virtual alias information to this file. The mail server is setup with  
the other files /etc/postfix/virtual/domains and /etc/postfix/virtual/
addresses as I have configured the mail server to run other virtual  
domains.

If there is a way of setting up the mailing list on the sub-domain and  
not on the primary domain that would be great. However, as far as I  
can tell this is not possible with the virtual alias domains as it  
must deliver to a local address. Please let me know if I have  
misunderstood the postfix documentation or your recommendations.

The only way I had worked out of stopping the local delivery was to  
speicy the full address in the /etc/alias file. Which worked in the  
past.

Is there some way to only have the address [hidden email]  
and not have the [hidden email]

Thank you again for your assistance. Much appreciated.

> virtual_alias_maps: (note that this is postmap'd not postalias'd, so
> there's no colons)
>
> [hidden email]       listname
> [hidden email]     listname-admin
> etc..
>
> Then in /etc/aliases:
>
> listname: "|/var/lib/mailman/mail/mailman post listname"
> listname-admin: "|/var/lib/mailman/mail/mailman admin listname"



Thank you for this reply as well. However, I think this has exactly  
the problem I am attempting to work around. I would like to not have  
the mailing list on the local domain only on the virtual domain.

If I have misunderstood please correct me.

Thank you again.


Reply | Threaded
Open this post in threaded view
|

Re: Sub-domain Alias Assistance

Victor Duchovni
On Fri, Sep 04, 2009 at 07:46:42AM +1200, Henri Shustak wrote:

> I have one further question in this case. Please correct me if I have
> misunderstood the setup you described.
>
> My question with this setup is : How do I stop delivery to the primary
> domain?

Two possible solutions:

    1. List only one of the domains in $mydestination. Only addresses in
       local (mydestination) domains are passed to the local(8) delivery
       agent and subjected to aliases(5) expansion.

    2. Use a virtual(5) alias to implement the list:

    virtual(5)
            [hidden email] foo-internal@localhost

        aliases(5)
            foo-internal: "|/path args"

        Optional, block direct mail to "foo-internal":

        access(5)
            # For each domain in $mydestination:
            [hidden email] REJECT Access denied
            [hidden email] REJECT Access denied

--
        Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:[hidden email]?body=unsubscribe%20postfix-users>

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
Reply | Threaded
Open this post in threaded view
|

Re: Sub-domain Alias Assistance

Benny Pedersen
In reply to this post by Henri Shustak
On Thu 03 Sep 2009 09:46:42 PM CEST, Henri Shustak wrote

> Okay thank you this makes sense.
>
> I have one further question in this case. Please correct me if I
> have misunderstood the setup you described.
>
> My question with this setup is : How do I stop delivery to the  
> primary domain?

the virtual_alias is the only one that can be writed to from outside localhost

the local alias cant be writed to from outside

and this is how mailman does it with virtual alias, so to clear up the  
mess, make sure there is no mydestination domains that are maillists,  
if there is move them to virtual_domains and if still needed map them  
to be delivered local

--
xpoint

Reply | Threaded
Open this post in threaded view
|

Re: Sub-domain Alias Assistance

Henri Shustak
In reply to this post by Victor Duchovni

>> I have one further question in this case. Please correct me if I have
>> misunderstood the setup you described.
>>
>> My question with this setup is : How do I stop delivery to the  
>> primary
>> domain?
>
> Two possible solutions:
>
>    1. List only one of the domains in $mydestination. Only addresses  
> in
>       local (mydestination) domains are passed to the local(8)  
> delivery
>       agent and subjected to aliases(5) expansion.
>
>    2. Use a virtual(5) alias to implement the list:
>
>     virtual(5)
>    [hidden email] foo-internal@localhost
>
> aliases(5)
>    foo-internal: "|/path args"
>
> Optional, block direct mail to "foo-internal":
>
> access(5)
>    # For each domain in $mydestination:
>    [hidden email] REJECT Access denied
>    [hidden email] REJECT Access denied
>


Thanks Viktor,

Option two is a possibility. However, it seems overly complex. In this  
situation there are now three database files to be updated. Rather  
than just one. If this is the recommended way I will do it this way.  
It just far more complicated that what I was doing. Is there any  
reason (sorry I am not a post fix developer) that it is now not  
possible to specify a non-local domain in the /etc/alias file. Being  
able to do this was really a good way of dealing with the situation in  
the previous version. Just one database to update for list removal or  
addition?

At this point. I will update the three files if that is the  
recommended way of doing this. I just think the way it used to work  
was far less complex.

I see that option one is also a possible with some major re-
arrangement of the postfix configuration. However, doing this  
rearrangement means that then running a mailing list on a different  
domain in the future on this server becomes quite complex again.

Option one should work. I will try option two a this point. If any one  
has any other ways of doing this then please let me know.

Being able to add in something like [hidden email] to  
the /etc/alias file is a good idea, I am happy to contribute back to  
post fix project to make this work if others think this is a good  
idea, provided doing this would not be overly complicated. I really  
liked the ability to do this in the older version of postfix. It was  
very nice being able to just set this from a single file in the /etc/
alias/ file. However, I suppose this is a topic for the developer  
mailing list.

Thanks again, for your suggestions Viktor. With your assistance I will  
be able to get it working in the very near future! Right now I am very  
keen to actually get it working ASAP.

I am then happy to spend some time to work it out in a better way even  
if this means a re-organization.

Again, if anyone has some other suggestions I am listening. Thank you  
again to everyone who has provided me with some feed back to date!




Reply | Threaded
Open this post in threaded view
|

Re: Sub-domain Alias Assistance

Henri Shustak
In reply to this post by Benny Pedersen

> and this is how mailman does it with virtual alias, so to clear up  
> the mess, make sure there is no mydestination domains that are  
> maillists, if there is move them to virtual_domains and if still  
> needed map them to be delivered local

Yes - thanks to post by Vicktor, this is what I will be doing.

Thanks.

Reply | Threaded
Open this post in threaded view
|

Re: Sub-domain Alias Assistance

Benny Pedersen
On Thu 03 Sep 2009 11:21:35 PM CEST, Henri Shustak wrote
>> and this is how mailman does it with virtual alias, so to clear up
>> the mess, make sure there is no mydestination domains that are  
>> maillists, if there is move them to virtual_domains and if still  
>> needed map them to be delivered local
> Yes - thanks to post by Vicktor, this is what I will be doing.

using mailman here, and i have lists.junc.info as mydestination just  
to confuse it even more, well this is how i did, but if you want more  
then one mailman domain then mailman can handle the virtual_domain as  
well as virtual_alias

and the virtual_alias maps back to local alias, this is needed as long  
virtual_alias does not support pipe "|"

--
xpoint

Reply | Threaded
Open this post in threaded view
|

Re: Sub-domain Alias Assistance

Henri Shustak

>>> and this is how mailman does it with virtual alias, so to clear up
>>> the mess, make sure there is no mydestination domains that are  
>>> maillists, if there is move them to virtual_domains and if still  
>>> needed map them to be delivered local
>>
>> Yes - thanks to post by Vicktor, this is what I will be doing.
>
> using mailman here, and i have lists.junc.info as mydestination just  
> to confuse it even more, well this is how i did, but if you want  
> more then one mailman domain then mailman can handle the  
> virtual_domain as well as virtual_alias
>
> and the virtual_alias maps back to local alias, this is needed as  
> long virtual_alias does not support pipe "

Okay thanks good to know.
Reply | Threaded
Open this post in threaded view
|

Re: Sub-domain Alias Assistance

Henri Shustak
In reply to this post by Benny Pedersen
Thank you to everyone who provided assistance with regards sub-domain  
aliases. The mailman mailing lists are working great now!

Finally, what are your general thoughts on being able to include non-
local addresses in the /etc/aliases file? Before, I sign up to the  
developer mailing list I would like some feed back about this from  
people who have more experience with the way postfix works.

After all, there could be a good reason that this file is only for  
local mail. If anyone is able to explain why this is file is only for  
dealing with local mail then I would be be most interested to know more.

You all provided great feed back. The postfix mailman community is  
very helpful which is a really good for this kind of project.

Thank you again!

Reply | Threaded
Open this post in threaded view
|

Re: Sub-domain Alias Assistance

Noel Jones-2
On 9/3/2009 6:28 PM, Henri Shustak wrote:

> Thank you to everyone who provided assistance with regards sub-domain
> aliases. The mailman mailing lists are working great now!
>
> Finally, what are your general thoughts on being able to include
> non-local addresses in the /etc/aliases file? Before, I sign up to the
> developer mailing list I would like some feed back about this from
> people who have more experience with the way postfix works.
>
> After all, there could be a good reason that this file is only for local
> mail. If anyone is able to explain why this is file is only for dealing
> with local mail then I would be be most interested to know more.
>
> You all provided great feed back. The postfix mailman community is very
> helpful which is a really good for this kind of project.
>
> Thank you again!
>


Before you sign up for the developer mail list, read its
purpose on the http://www.postfix.org/lists.html page.
"NOT for questions, problem reports and feature requests;"

Addresses listed in alias_maps are expanded during delivery by
the local(8) delivery agent.  This is the only postfix process
that expands these aliases.  As a result, only local usernames
(ie. the user part of any domain listed in $mydestination) are
valid in the local alias table.
This is for both sendmail(TM) compatibility and for security.

If you need to rewrite arbitrary addresses, use the
virtual_alias_maps feature.

These design features are not likely to change.

For further details, see
http://www.postfix.org/aliases.5.html
http://www.postfix.org/local.8.html
http://www.postfix.org/OVERVIEW.html
and the list archives.

   -- Noel Jones
Reply | Threaded
Open this post in threaded view
|

Re: Sub-domain Alias Assistance

Henri Shustak
>> Thank you to everyone who provided assistance with regards sub-domain
>> aliases. The mailman mailing lists are working great now!
>>
>> Finally, what are your general thoughts on being able to include
>> non-local addresses in the /etc/aliases file? Before, I sign up to  
>> the
>> developer mailing list I would like some feed back about this from
>> people who have more experience with the way postfix works.
>>
>> After all, there could be a good reason that this file is only for  
>> local
>> mail. If anyone is able to explain why this is file is only for  
>> dealing
>> with local mail then I would be be most interested to know more.
>>
>> You all provided great feed back. The postfix mailman community is  
>> very
>> helpful which is a really good for this kind of project.
>>
>> Thank you again!
>>
>
>
> Before you sign up for the developer mail list, read its purpose on  
> the http://www.postfix.org/lists.html page.
> "NOT for questions, problem reports and feature requests;"
>
> Addresses listed in alias_maps are expanded during delivery by the  
> local(8) delivery agent.  This is the only postfix process that  
> expands these aliases.  As a result, only local usernames (ie. the  
> user part of any domain listed in $mydestination) are valid in the  
> local alias table.
> This is for both sendmail(TM) compatibility and for security.
>
> If you need to rewrite arbitrary addresses, use the  
> virtual_alias_maps feature.
>
> These design features are not likely to change.
>
> For further details, see
> http://www.postfix.org/aliases.5.html
> http://www.postfix.org/local.8.html
> http://www.postfix.org/OVERVIEW.html
> and the list archives.


Okay thank you. This is all great information.

I understand now from reading the man page for local that this is only  
for local queues :
This line states this perfectly : "All delivery decisions are made  
using the bare recipient name"

As such this lookup is not going to involve the part of the email  
after the '@' symbol. If I have misunderstood then please let me know.

I am guessing that in the earlier version of postfix the entire email  
address was being examined and now this is not the case.

Thank you again for your help and clarification with regards the local  
command and its relevance to the /etc/aliases (.db file).


Reply | Threaded
Open this post in threaded view
|

Re: Sub-domain Alias Assistance

/dev/rob0
On Thursday 03 September 2009 21:25:37 Henri Shustak wrote:
> Noel Jones:
> > Addresses listed in alias_maps are expanded during delivery by the
> > local(8) delivery agent.  This is the only postfix process that
> > expands these aliases.  As a result, only local usernames (ie. the
> > user part of any domain listed in $mydestination) are valid in the
> > local alias table.
> > This is for both sendmail(TM) compatibility and for security.

> As such this lookup is not going to involve the part of the email
> after the '@' symbol. If I have misunderstood then please let me

Indeed it is only the LHS, the bare recipient name without @domain.

> I am guessing that in the earlier version of postfix the entire
> email address was being examined and now this is not the case.

Um, no. As Noel said, aliases(5) was originally written for Sendmail
compatibility. As far as I know, local(8) has never looked up
user@domain in alias_maps. My guess would be that you misunderstood
something.
--
    Offlist mail to this address is discarded unless
    "/dev/rob0" or "not-spam" is in Subject: header
Reply | Threaded
Open this post in threaded view
|

Re: Sub-domain Alias Assistance

Wietse Venema
In reply to this post by Henri Shustak
Henri Shustak:
> I am guessing that in the earlier version of postfix the entire email  
> address was being examined and now this is not the case.

The local(8) delivery agent has never used the domain in aliases(5).
You can verify this yourself. All the releases are available on-line,
starting late 1998.

        Wietse