[Novalug] postfix Q (my domain as a virtual domain)

Chris Snyder gopher at 3wa.org
Mon Apr 5 10:45:34 EDT 2010


Can anybody find a flaw in this concept?  Because I can't, and it's looking
like a really nice option for a Postfix problem I'm having.

I have postfix listening for mail on the host mx.example.com. The host accepts
mail for local delivery (i.e. bob at mx.example.com) and it accepts all mail for
my domain '@example.com' (i.e. frank at example.com).

In the past when I've needed this type of setup, I've just added 'example.com'
to the configuration parameter 'mydestination' and added a few aliases under
/etc/aliases.  The problem I have with this is now any local account on the
host can receive '@example.com' mail, for example, bin, admin, uucp, etc.  I
don't want that, I only want certain addresses to be able to receive mail
with an @example.com address.  (I'm currently getting spam addressed to
uucp at example.com, this is just ridiculous, IMHO.)

So I just found that if I treat 'example.com' as a completely virtual domain,
I can get around this problem:

myhostname = mx.example.com
mydomain = example.com
mydestination = $myhostname, localhost.$mydomain, localhost
virtual_alias_domains = example.com
virtual_alias_maps = hash:/etc/postfix/virtual

Now, all mail addressed to '@example.com' is treated as a virtual domain and
if an address doesn't exist in the file /etc/postfix/virtual it's ignored
(whereas, before if the account was in /etc/passwd or /etc/aliases, the
recipient was considered valid).  On the other hand the only way to deliver
mail to a local user is to address it to @mx.example.com or send it from
localhost to localhost. But, this is exactly what I want as the only local
accounts that should ever receive mail are the usual Ubuntu utility accounts
such as mysql, root, etc. and that's all generated internal to the host
anyway.

So, am I missing anything here? Any major downsides to this?  All the examples
on the net use the 'add your domain to $mydestination' approach and I can't
find anything like I've described, but neither can I find anything warning me
not to do it.

Thx
Gopher.

P.S. There is another solution where I could have simply kept '@example.com'
in mydestination and then local_recipient_maps to have a list of approved
addresses, but this seems ugly and feels like extra bookkeeping to me.

--
gopher at 3wa.org
"Evil is, as humans do" - The Misfits
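
Added example, not part of the original post: a simplified Python model of Postfix recipient validation that compares the two setups the message describes and lists which local account names are valid recipients in each domain. The passwd, aliases and virtual contents are constructed samples, the function names are hypothetical, and address extensions, canonical maps and relay domains are left out of the model.

```python
# Simplified model of which RCPT TO addresses Postfix treats as valid.
# All file contents below are constructed samples, not taken from a real host.
PASSWD = "root:x:0:0::/root:/bin/bash\nbin:x:2:2::/bin:/usr/sbin/nologin\n" \
         "uucp:x:10:10::/var/spool/uucp:/usr/sbin/nologin\n" \
         "frank:x:1000:1000::/home/frank:/bin/bash\n"
ALIASES = "# /etc/aliases\npostmaster: root\n"
VIRTUAL = ("# /etc/postfix/virtual\n"
           "frank@example.com       frank@mx.example.com\n"
           "postmaster@example.com  root@mx.example.com\n")

def parse_table(text, sep=None):
    """Return {key: value} from 'key value' or 'key<sep>value' lines; skip comments."""
    table = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            key, value = line.split(sep, 1)
            table[key.strip().lower()] = value.strip()
    return table

# Default local_recipient_maps: the passwd database plus $alias_maps.
LOCAL_NAMES = set(parse_table(PASSWD, ":")) | set(parse_table(ALIASES, ":"))

BEFORE = {  # example.com added to mydestination, no virtual table
    "mydestination": {"mx.example.com", "localhost.example.com", "localhost", "example.com"},
    "virtual_alias_domains": set(), "virtual_alias_maps": {}}
AFTER = {   # the configuration from the post
    "mydestination": {"mx.example.com", "localhost.example.com", "localhost"},
    "virtual_alias_domains": {"example.com"},
    "virtual_alias_maps": parse_table(VIRTUAL)}

def accepts(rcpt, cfg):
    """True if rcpt would pass recipient validation under cfg (model only)."""
    rcpt = rcpt.lower()
    local, _, domain = rcpt.rpartition("@")
    vmap = cfg["virtual_alias_maps"]
    if rcpt in vmap or "@" + domain in vmap:   # exact entry or catch-all
        return domain in cfg["virtual_alias_domains"] | cfg["mydestination"]
    return domain in cfg["mydestination"] and local in LOCAL_NAMES

def exposed(domain, cfg):
    """Local account and alias names that are valid recipients at domain."""
    return sorted(n for n in LOCAL_NAMES if accepts(f"{n}@{domain}", cfg))

if __name__ == "__main__":
    for name, cfg in (("before", BEFORE), ("after", AFTER)):
        print(name, "example.com:", exposed("example.com", cfg))
    print("after mx.example.com:", exposed("mx.example.com", AFTER))
```

On a live host the same lookups can be made against the real table with `postmap -q frank@example.com hash:/etc/postfix/virtual`, after rebuilding it with `postmap /etc/postfix/virtual`.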
