Wildcard .domain.tld notation in mydestination

Detailed information: http://pastie.org/private/w93tv2bb7yrb8suyjqkqmq
Tested on: Postfix 2.6.5 on FreeBSD 7.2p7

I had configured mydestination to contain both domain.tld and
.domain.tld notations, expecting that would accept mail for domains and
their subdomains as local mail. Postfix had in fact been rejecting mail
addressed to subdomains e.g. [hidden email]. Specifying
the list of domains directly rather than via /file/name did not resolve
the issue, neither did converting the file to a hash-table (i.e. giving
all entries a return value of OK and running postmap); using a
pcre-table works around the issue. I am familiar with the
parent_domain_matches_subdomains setting, but would rather avoid using a
setting intended for backwards compatibility.

NB: harry.aprogas.net is a backend mailserver, receiving mail via
nvidium.soleus.nu. It is not directly accessible on port 25 due to an
ISP-block, but port 8025 should work. I have since worked around the
issue, so you cannot use this server to replicate the described behaviour.

As far as I can tell, the documentation does not promise that
mydestination supports .domain matching, therefore such behavior
is not supported.

If the documentation is in error, you're welcome to report this
and the documentation will be fixed.

It is not practical for Postfix to document all the things that it
does not do.

        Wietse

On Tue, Aug 31, 2010 at 02:22:02PM +0200, Jasper Jongmans wrote:

> Detailed information: http://pastie.org/private/w93tv2bb7yrb8suyjqkqmq
> Tested on: Postfix 2.6.5 on FreeBSD 7.2p7
>
> I had configured mydestination to contain both domain.tld and
> .domain.tld notations, expecting that would accept mail for domains and
> their subdomains as local mail.

Typically, sub-domains are "relay" domains (or not accepted at all),
rather than "local". So Postfix does not perform sub-domain matching
on mydestination. You can use a regexp table if you need sub-domains
to be local:

    main.cf:
        mydestination = pcre:${config_directory}/mydest.pcre

    mydest.pcre:
    /(^|\.)example\.com$/ LOCAL

Do you really want to receive mail for arbitrary sub-domains:

        rue-de-remarque.example.com

at the very least, avoid wild-card MX records that make such-domains
appear to exist.

In the long run, you are better off knowing which domains are valid,
and listing them all explicitly in a suitable table. Wildcards are
are a short term win and often cause long-term pain.

--
        Viktor.

On 2010-08-31 14:54, Wietse Venema wrote: The mydestination documentation indeed does not promise such a thing, I
just blindly assumed it because of the wording of the
parent_domain_matches_subdomain documentation (all Postfix features are
expected to require explicit ".domain.tld"). My email was intended as a
feature request, not a bug report.

On Tue, Aug 31, 2010 at 03:32:48PM +0200, Jasper Jongmans wrote:

The lack of sub-domain matching in mydestination is deliberate, it is
not a missing feature. If you need sub-domain matching in this case,
you can get it via a regexp table.

--
        Viktor.