[Novalug] postfix Q (my domain as a virtual domain)

Mon Apr 5 11:27:03 EDT 2010

I was going to suggest that you did exactly what you did. While MX is the MX for example.com, it's job should be more along the lines of a receiving mailroom, accepting mail but forwarding it to wherever the ultimate mailstore is. Actually, that could be itself, example.com itself, or another host.

I'm wondering why you even have a uucp user tho. And if you remove it on MX, is the spam just going to go to example.com itself?

You might consider going one step further, and treating all mail to mx.example.com as if it were the to the main domain, making it a virtual domain too. After all, you don't really want mail piling up on the MX host, do you?

The only other issue I see is whether or not example.com has a lower valued MX than MX itself. If it does, no problem. But if not, you might end up trying to the lowest valued MX, which is MX itself. I know that sendmail has ways around this (relay, but ignore MX records), but I am not sure how Postfix handles this problem.

JIM 

----- Original Message -----
From: "Chris Snyder" <gopher at 3wa.org>
To: "NOVALUG" <NOVALUG at calypso.tux.org>
Sent: Monday, April 5, 2010 10:45:34 AM GMT -05:00 US/Canada Eastern
Subject: [Novalug] postfix Q (my domain as a virtual domain)

Can anybody find a flaw in this concept?  Because I can't, and it's looking
like a really nice option for a Postfix problem I'm having.

I have postfix listening for mail on the host mx.example.com. The host accepts
mail for local delivery (i.e. bob at mx.example.com) and it accepts all mail for
my domain '@example.com' (i.e. frank at example.com).

In the past when I've needed this type of setup, I've just added 'example.com'
to the configuration parameter 'mydestination' and added a few aliases under
/etc/aliases.  The problem I have with this is now any local account on the
host can receive '@example.com' mail, for example, bin, admin, uucp, etc.  I
don't want that, I only want the certain addresses to be able to receive mail
with an @example.com address.  (I'm currently getting spam addressed to
uucp at example.com, this is just rediculous, IMHO.)

So I just found that if I treat 'example.com' as a completely virtual domain,
I can get around this problem:

myhostname = mx.example.com
mydomain = example.com
mydestination = $myhostname, localhost.$mydomain, localhost
virtual_alias_domains = example.com
virtual_alias_maps = hash:/etc/postfix/virtual

Now, all mail addressed to '@example.com' is treated as a virtual domain and
if an address doesn't exist in the file /etc/postfix/virtual it's ignored
(whereas, before if the account was in /etc/passwd or /etc/aliases, the
recipent was considered valid).  On the other hand the only way to deliver
mail to a local user is to address it to @mx.example.com or send it from
localhost to localhost. But, this is exactly what I want as the only local
accounts that should ever recieve mail are the usual Ubuntu utility accounts
such as mysql, root, etc. and that's all generated internal to the host
anyway.

So, am I missing anything here? Any major downsides to this?  All the examples
on the net use the 'add your domain to $mydestination' approach and I can't
find anything like I've described, but neither can I find anything warning me
not to do it.

Thx
Gopher.

P.S. There is another solution where I could have simply kept '@example.com'
in mydestinations and then local_recipient_maps to have a list of approved
addressses, but this seems ugly and feels like extra book keeping to me.

--
gopher at 3wa.org
"Evil is, as humans do" - The Misfits
_______________________________________________
Novalug mailing list
Novalug at calypso.tux.org
http://calypso.tux.org/mailman/listinfo/novalug