Find the answer to your Linux question:
Results 1 to 7 of 7
I am in a college/university environment, and thought I had this problem fixed with a couple of lines in a main.cf file . Some of my users paid for a ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1
    Just Joined!
    Join Date
    Nov 2007
    Location
    Salt Lake City, UT, USA
    Posts
    32

    Postfix: relay domain or virtual domain?


    I am in a college/university environment, and thought I had this problem fixed with a couple of lines in a main.cf file .

    Some of my users paid for a hosted service, in the past, that would allow a forwarding service for alumni users. They would give alumni a your.name@alumni.university.edu "account" that would forward all messages to a preset other account that the user had. They decided to stop paying for this, and weeks later after services were absent completely, I was approached to come up with a solution that would do this same thing. Arg!

    What I came up with was a solution with postfix and virtual domain maps.

    I've got my virtual map set up with a few thousand users like so:

    Code:
    joe.user@alumni.university.edu                  someother.user@job-place.com
    another.user@alumni.university.edu           different@anotherdomain.com
    bob@alumni.university.edu                          ake2314455@someotherdomain.net
    ...
    My main.cf has some lines that I've setup:
    Code:
    inet_protocols = all
    biff = no
    mail_spool_directory = /var/mail
    canonical_maps = hash:/etc/postfix/canonical
    virtual_alias_maps = hash:/etc/postfix/virtual
    virtual_alias_domains = hash:/etc/postfix/virtual
    relocated_maps = hash:/etc/postfix/relocated
    transport_maps = hash:/etc/postfix/transport
    sender_canonical_maps = hash:/etc/postfix/sender_canonical
    masquerade_exceptions = root
    masquerade_classes = envelope_sender, header_sender, header_recipient
    myhostname = alumpostfix.mydomain.edu
    program_directory = /usr/lib/postfix
    #inet_interfaces = localhost
    masquerade_domains =
    mydestination = $myhostname, localhost.$mydomain
    defer_transports =
    #mynetworks_style = subnet
    mynetworks = 127.0.0.0/8, xxx.xx.xx.x/24
    disable_dns_lookups = no
    relayhost =
    mailbox_command =
    mailbox_transport =
    strict_8bitmime = no
    disable_mime_output_conversion = no
    smtpd_sender_restrictions = hash:/etc/postfix/access
    smtpd_client_restrictions =
    smtpd_helo_required = no
    smtpd_helo_restrictions =
    strict_rfc821_envelopes = no
    smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination
    smtp_sasl_auth_enable = no
    smtpd_sasl_auth_enable = no
    smtpd_use_tls = no
    smtp_use_tls = no
    #alias_maps MODIFIED BY BEN
    alias_maps = hash:/etc/aliases
    mailbox_size_limit = 0
    message_size_limit = 10240000
    myorigin = $myhostname
    #LINES ADDED AFTER THIS ARE BY BEN.
    inet_interfaces = localhost
    recipient_delimiter = +
    Some of the lines were just copied/pasted from another postfix box that runs mailman, so perhaps I've got some redundant stuff in this config file that is breaking things.

    During testing, I send a message from a different/main email system at the parent domain to a test-user to verify that it will forward. All is gravy and the messages go to where they are supposed to.

    I just recently heard from some users that senders to their @alumni.university.edu email addresses are getting bouncebacks with "relay access denied" in the messages. I haven't yet obtained one of these bouncebacks, but looking through /var/log/mail is showing tons of relay denied type of errors. This has me thinking that I misunderstood the whole concept in the beginning, and that my postfix box is asking recipients to relay the original message and they're not willing to do so.

    Frequently with projects like this, where I have users that expect a very particular type of functionality, I end up tweaking an existing open source solution and bending it to our need...and in the end the software is doing something it wasn't really intended to do. Now, I suspect that this email forwarding project might be difficult since it sounds like a spam-type operation, and other mailservers might not like it.

    So is this something I just have all wrong in my postfix setup, or is this something a relay domain would do better at?

  2. #2
    Linux Enthusiast scathefire's Avatar
    Join Date
    Jan 2010
    Location
    Western Kentucky
    Posts
    626
    Postfix will not take mail that it doesn't know how to transport. If your server is only set up for university.edu when someone sends directly alumni.university.edu it will see it as relay attempt.

    try adding the domain to the mydestination in your main.cf file, we use mysql to handle our domains, so i may be a bit out of my element. but the basic concept is your mail server needs to know it can accept mail for that domain.

  3. #3
    Just Joined!
    Join Date
    Nov 2007
    Location
    Salt Lake City, UT, USA
    Posts
    32
    Based on the POSTFIX doc : Postfix Virtual Domain Hosting Howto , it notes "NEVER list a virtual alias domain name as a mydestination domain!". I haven't put in alumni.university.edu in mydestinations because of this.

    If I'm understanding it right (which I definitely might not be!), doesn't my config file with the lines...
    Code:
    virtual_alias_maps = hash:/etc/postfix/virtual
    virtual_alias_domains = hash:/etc/postfix/virtual
    ...tell postfix that the virtual domains to send mail to are the users in my virtual file? I mean, I've got thousands of lines with usera@alumni.university.edu usera@theirdomain.com .... is this enough to satisfy the virtual_alias_domains entry in main.cf ?

  4. $spacer_open
    $spacer_close
  5. #4
    Linux Enthusiast scathefire's Avatar
    Join Date
    Jan 2010
    Location
    Western Kentucky
    Posts
    626
    mail servers are one of those enigmatic creatures sometimes. when they work they work in most superior manner, when they don't well... they just plain suck. Let's take a look at some of your logs and see if they shed any light on the subject.

  6. #5
    Just Joined!
    Join Date
    Nov 2007
    Location
    Salt Lake City, UT, USA
    Posts
    32

    Talking

    I thought I had read everything there was to read in the docs related to postfix virtual_alias_domains, but obviously not. I just looked at Postfix manual - virtual(5) , which is built into the SLES10 /etc/postfix/virtual file , and looked at the line regarding the syntax of the first line of the file.

    I added this to my virtual file:
    Code:
    alumni.university.edu                                   anything
    postmaster@alumni.university.edu                        postmaster@university.edu
    bknorr@alumni.university.edu                            uberbug@otherdomain.com
    test123@alumni.university.edu                           nebbbben@somethingelse.com
    postmap /etc/postfix/virtual
    postfix reload

    !

    It all works with no more 550 relaying errors now. Meh! Read the documentation. I'll try to remember that next time

  7. #6
    Banned
    Join Date
    Feb 2010
    Posts
    31

    Do your users have home directories?

    Can't you just add .forward files for your users in their home dirs?

  8. #7
    Just Joined!
    Join Date
    Nov 2007
    Location
    Salt Lake City, UT, USA
    Posts
    32
    None of these addressed that are being forwarded have any kind of user accounts on the box. I've set it up so this server only functions to forward a few thousand addresses to external domains.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •