Postfix: relay domain or virtual domain?
I am in a college/university environment, and thought I had this problem fixed with a couple of lines in a main.cf file .
Some of my users paid for a hosted service, in the past, that would allow a forwarding service for alumni users. They would give alumni a email@example.com "account" that would forward all messages to a preset other account that the user had. They decided to stop paying for this, and weeks later after services were absent completely, I was approached to come up with a solution that would do this same thing. Arg!
What I came up with was a solution with postfix and virtual domain maps.
I've got my virtual map set up with a few thousand users like so:
My main.cf has some lines that I've setup:
Some of the lines were just copied/pasted from another postfix box that runs mailman, so perhaps I've got some redundant stuff in this config file that is breaking things.
inet_protocols = all
biff = no
mail_spool_directory = /var/mail
canonical_maps = hash:/etc/postfix/canonical
virtual_alias_maps = hash:/etc/postfix/virtual
virtual_alias_domains = hash:/etc/postfix/virtual
relocated_maps = hash:/etc/postfix/relocated
transport_maps = hash:/etc/postfix/transport
sender_canonical_maps = hash:/etc/postfix/sender_canonical
masquerade_exceptions = root
masquerade_classes = envelope_sender, header_sender, header_recipient
myhostname = alumpostfix.mydomain.edu
program_directory = /usr/lib/postfix
#inet_interfaces = localhost
mydestination = $myhostname, localhost.$mydomain
#mynetworks_style = subnet
mynetworks = 127.0.0.0/8, xxx.xx.xx.x/24
disable_dns_lookups = no
strict_8bitmime = no
disable_mime_output_conversion = no
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_helo_required = no
strict_rfc821_envelopes = no
smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination
smtp_sasl_auth_enable = no
smtpd_sasl_auth_enable = no
smtpd_use_tls = no
smtp_use_tls = no
#alias_maps MODIFIED BY BEN
alias_maps = hash:/etc/aliases
mailbox_size_limit = 0
message_size_limit = 10240000
myorigin = $myhostname
#LINES ADDED AFTER THIS ARE BY BEN.
inet_interfaces = localhost
recipient_delimiter = +
During testing, I send a message from a different/main email system at the parent domain to a test-user to verify that it will forward. All is gravy and the messages go to where they are supposed to.
I just recently heard from some users that senders to their @alumni.university.edu email addresses are getting bouncebacks with "relay access denied" in the messages. I haven't yet obtained one of these bouncebacks, but looking through /var/log/mail is showing tons of relay denied type of errors. This has me thinking that I misunderstood the whole concept in the beginning, and that my postfix box is asking recipients to relay the original message and they're not willing to do so.
Frequently with projects like this, where I have users that expect a very particular type of functionality, I end up tweaking an existing open source solution and bending it to our need...and in the end the software is doing something it wasn't really intended to do. Now, I suspect that this email forwarding project might be difficult since it sounds like a spam-type operation, and other mailservers might not like it.
So is this something I just have all wrong in my postfix setup, or is this something a relay domain would do better at?
Do your users have home directories?
Can't you just add .forward files for your users in their home dirs?