forwarders on virtual alias domains

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

forwarders on virtual alias domains

Schiznik Lists
All,

I have postfix 2.3.8 running on a debian etch vps, I have everything
running as i need, with the exception of virtual aliased domains. I
would like to be able to setup forwarders on one domain, and for other
domains that are aliased to it pick up these forwarders. At the moment
it rejects at smtp time correctly for domains that I have set users on,
but accepts then bounces for domains that I want to use as aliases. I
have a lot of forwarders, that I dont want to have to duplicate on each
domain. I dont need to send mail from the aliased domains, only receive
mail/reject spam to invalid addresses

Could I get a bit of advice as to how to reject unknown forwarders on
aliased domains, I have tried to make this work with smtp_generic_maps,
and virtual_alias_domains, to no avail

Thanks,
Matt.

Logs, properly rejected first, then the bounce:

Jul 30 00:38:35 snee postfix/smtpd[5412]: connect from
outgoing.mailserver.example.com[xx.xx.xx.68]
Jul 30 00:38:35 snee postfix/smtpd[5412]: NOQUEUE: reject: RCPT from
outgoing.mailserver.example.com[xx.xx.xx.68]: 550 5.1.1
<[hidden email]>: Recipient address rejected: User unknown in
virtual mailbox table; from=<[hidden email]>
to=<[hidden email]> proto=ESMTP helo=<outgoing.mailserver.example.com>
Jul 30 00:38:35 snee postfix/smtpd[5412]: disconnect from
outgoing.mailserver.example.com[xx.xx.xx.68]
Jul 30 00:38:57 snee postfix/smtpd[5412]: connect from
outgoing.mailserver.example.com[xx.xx.xx.68]
Jul 30 00:38:57 snee postfix/smtpd[5412]: 6E9D3540BC:
client=outgoing.mailserver.example.com[xx.xx.xx.68]
Jul 30 00:38:57 snee postfix/cleanup[5415]: 6E9D3540BC:
message-id=<[hidden email]>
Jul 30 00:38:57 snee postfix/qmgr[5392]: 6E9D3540BC:
from=<[hidden email]>, size=1670, nrcpt=1 (queue active)
Jul 30 00:38:57 snee postfix/smtpd[5412]: disconnect from
outgoing.mailserver.example.com[xx.xx.xx.68]
Jul 30 00:38:57 snee postfix/pipe[5416]: 6E9D3540BC:
to=<[hidden email]>, orig_to=<[hidden email]>,
relay=dovecot, delay=0.23, delays=0.14/0/0/0.09, dsn=5.1.1,
status=bounced (user unknown)
Jul 30 00:38:57 snee postfix/cleanup[5415]: A6D96540BE:
message-id=<[hidden email]>
Jul 30 00:38:57 snee postfix/bounce[5422]: 6E9D3540BC: sender
non-delivery notification: A6D96540BE
Jul 30 00:38:57 snee postfix/qmgr[5392]: A6D96540BE: from=<>, size=2836,
nrcpt=1 (queue active)
Jul 30 00:38:57 snee postfix/qmgr[5392]: 6E9D3540BC: removed
Jul 30 00:38:58 snee postfix/smtp[5423]: A6D96540BE:
to=<[hidden email]>,
relay=mailserver.example.com[xx.xx.xx.195]:25, delay=1,
delays=0.02/0.03/0.67/0.32, dsn=2.0.0, status=sent (250 Ok: queued as
75A5C28F657)
Jul 30 00:38:58 snee postfix/qmgr[5392]: A6D96540BE: removed


postconf -n

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
bounce_size_limit = 1
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
inet_interfaces = all
local_recipient_maps =
mailbox_size_limit = 0
mailbox_transport = dovecot
mydestination = $myhostname, localhost.$myhostname, localhost
snee,
myhostname = snee.schiznik.net
mynetworks = 127.0.0.0/8
myorigin = /etc/mailname
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_delay_reject = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks,
reject_invalid_hostname,        permit
smtpd_recipient_restrictions = reject_unauth_pipelining,
permit_sasl_authenticated,        permit_mynetworks,
reject_non_fqdn_recipient,        reject_unknown_recipient_domain,
   reject_unauth_destination,       reject_rbl_client zen.spamhaus.org
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_sasl_authenticated,
permit_mynetworks,        reject_non_fqdn_sender,
reject_unknown_sender_domain,        permit
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_use_tls = yes
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
virtual_mailbox_domains = $transport_maps
virtual_mailbox_maps = $virtual_maps


/etc/postfix/transport -
schiznik.com    dovecot:
schiznik.net dovecot:

/etc/postfix/virtual -
[hidden email] [hidden email]
[hidden email] [hidden email]
@schiznik.net @schiznik.com
Reply | Threaded
Open this post in threaded view
|

Re: forwarders on virtual alias domains

mouss-2
MPays wrote:

> All,
>
> I have postfix 2.3.8 running on a debian etch vps, I have everything
> running as i need, with the exception of virtual aliased domains. I
> would like to be able to setup forwarders on one domain, and for other
> domains that are aliased to it pick up these forwarders. At the moment
> it rejects at smtp time correctly for domains that I have set users on,
> but accepts then bounces for domains that I want to use as aliases. I
> have a lot of forwarders, that I dont want to have to duplicate on each
> domain. I dont need to send mail from the aliased domains, only receive
> mail/reject spam to invalid addresses
>
> Could I get a bit of advice as to how to reject unknown forwarders on
> aliased domains, I have tried to make this work with smtp_generic_maps,
> and virtual_alias_domains, to no avail
>
> [snip]
> /etc/postfix/virtual -
> [hidden email]    [hidden email]
> [hidden email]    [hidden email]
> @schiznik.net        @schiznik.com

wildcard virtual aliases break recipient validation. This is a known
issue. You'll need to generate the map with a script or use sql/ldap.


Reply | Threaded
Open this post in threaded view
|

Re: forwarders on virtual alias domains

Schiznik Lists
mouss wrote:
-
> wildcard virtual aliases break recipient validation. This is a known
> issue. You'll need to generate the map with a script or use sql/ldap.
>

Thanks for the info. As I'm running this on a vps I don't have alot of
RAM to use, I don't want to get sql/ldap involved really.

Time for a hacky bash script methinks :)

regards, Matt