Postfix satelite mail configuration with special needs
Posted by Admin • Monday, February 15. 2010 • Category: Linux
OK so I have special needs. (Either that or I am just oblivious to a working example of this).
My needs are:
Doesn't seem so hard, right? So I started with the postfix "Satelite System" option in ubuntu installer, and then...
There are several issues. First of all, the system as-is will only process mail to local addresses for real linux user accounts. If you comment out mydestinations, this problem is solved, and it will send everything out. However, /etc/aliases will no longer apply since we're, well, not a destination. Here is where virtual maps come in.
Let's say my real domain is example.com ... My server is at myserver.example.com. All my mail should be qualified with @example.com unless it's a fully qualified email address (recipient and sender). For my needs, I want mail sent to some internal accounts to be sent to an external mailing list [email protected] .
Everything should theoretically work now - you can now send mail to [email protected], root, [email protected], system-info, etc. In short, any unqualified address gets @example.com tacked on, and addresses listed in virtual map (root, nagios) get redirected to [email protected]. There is no local delivery. Mail for any address not specified in virtual map will be sent out as is, and hopefully your upstream system will deal with it correctly.
Here is my complete main.cf:
My needs are:
- Do not receive inbound mail
- Do not deliver mail locally at all
- Send all outbound mail through an upstream relay (ISP's smtp)
- Qualify local addresses with a valid domain name (ISP's smtp will reject invalid domains)
- Map some local addresses to convenient aliases (distribution lists in the real mail system - google apps in this case)
Doesn't seem so hard, right? So I started with the postfix "Satelite System" option in ubuntu installer, and then...
There are several issues. First of all, the system as-is will only process mail to local addresses for real linux user accounts. If you comment out mydestinations, this problem is solved, and it will send everything out. However, /etc/aliases will no longer apply since we're, well, not a destination. Here is where virtual maps come in.
Let's say my real domain is example.com ... My server is at myserver.example.com. All my mail should be qualified with @example.com unless it's a fully qualified email address (recipient and sender). For my needs, I want mail sent to some internal accounts to be sent to an external mailing list [email protected] .
- Forget your /etc/aliases contents, they no longer do anything
- Comment out mydestination
- Set myorigin to example.com (eg myorigin = /etc/mailname, and in /etc/mailname you have example.com)
- Create /etc/postfix/virtual: (list users you care to alias)
[email protected] system-info root system-info [email protected] system-info nagios system-info # and so on
- Add to main.cf : virtual_alias_maps = hash:/etc/postfix/virtual
- run: postmap /etc/postfix/virtual (to regenerate the db)
- Set Up your relayhost as appropriate if you haven't already
- Refresh postfix: service postfix reload (or restart posfix)
Everything should theoretically work now - you can now send mail to [email protected], root, [email protected], system-info, etc. In short, any unqualified address gets @example.com tacked on, and addresses listed in virtual map (root, nagios) get redirected to [email protected]. There is no local delivery. Mail for any address not specified in virtual map will be sent out as is, and hopefully your upstream system will deal with it correctly.
Here is my complete main.cf:
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
#AKOM: added this:
virtual_alias_maps = hash:/etc/postfix/virtual
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
#AKOM: optional, defaults to FQDN from dhcp/network settings
#myhostname = myserver.example.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
# AKOM: commented out:
#mydestination = example.com, myserver.example.com, localhost.example.com, localhost
relayhost = [outgoing.verizon.net] #my isp's mail server
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = loopback-only
0 Comments
Add Comment