From: James Lever on
Hi Wietse,

On 25/03/2010, at 8:59 AM, Wietse Venema wrote:

> See http://www.postfix.org/ADRESS_REWRITING_README.html, option
> address masquerading.

So that is what I was trying to use. The problem with this is that to get it to work the way I (think) I want it to work, I need to do the following.. hang on, let me first clearly define what I’m trying to do fully, then show my current configuration.

* all mail to be sent on to a relayhost regardless of whether the local MTA thinks it should be delivered locally or not. (this is the specfic issue I currently have)
* all mail to be rewritten in the form $local@$mydomain (preferrably in that generic manner, rather than having to put @domain.com in the configuration file. (masquerade works fine for all cases except the case where a user is sending mail explicitly to $local@$myhostname or just $local - this mail is delivered locally, not what I’m after)
* the root mail to appear from root@$myhostname (solved by using masquerade_domains and masquerade_exceptions)
* I would also like to not have to localise this configuration file in any way (by explicitly specifying the hostname and preferrably by not specifying the local domain and using the discovered domain)

So, to do this, here’s what I’ve done so far:

inet_interfaces = loopback-only
masquerade_domains = $mydomain
masquerade_exceptions = root, mailer-daemon
myorigin = $myhostname
relayhost = mail

Other than that, it’s a standard RHEL5 postfix configuration.

I tried to use luser_relay, however, it doesn’t support the form luser_relay = $local@$mydomain ($mydomain is not expanded) and testing $local(a)domain.com shows that it only redirects global mail aliases but not user account names as they are found locally (as per the specification)

>> I could not see the ExposeRoot type functionality that Sendmail
>> had. Does that exist? (I know I could have a sender_canonical_map
>> but I don_t see a way to generalise having root being exposed
>> without explicitly entering the hostname and therefore editing
>> files for every system)
>
> See "delivering some addresses locally", in the
> STANDARD_CONFIGURATION_README.

I don’t want to deliver any addresses locally in this configuration. At all. I’m using /etc/aliases to redeliver root mail to another address, but if what I am desiring above would work, I could just have a single alias on the mail hub for root instead of on each host.

cheers,
James

From: Victor Duchovni on
On Thu, Mar 25, 2010 at 07:51:53AM +1000, James Lever wrote:

>
> On 25/03/2010, at 3:45 AM, Victor Duchovni wrote:
>
> >>
> >> http://www.postfix.org/BASIC_CONFIGURATION_README.html#myorigin
> >>
> >> See the *second* paragraph.
> >
> > Also: http://www.postfix.org/MULTI_INSTANCE_README.html#quick
>
> Unfortunately, the problem with both of these configurations is that I cannot expose the root user such that the root account shows up as root@$myhostname
>

Well, the multi-instance specifically shows examples of generic_rewriting,
that expose the origin machine of root's email. You can rewrite
root@$myorigin in any way you see fit via smtp_generic_maps. If you want
root@$myhostname, you can use that. I prefer to never generate envelopes
with @machine domains, since then null-clients don't need to run network
facing MTAs (SMTP server limited to loopback or turned off entirely).

--
Viktor.

P.S. Morgan Stanley is looking for a New York City based, Senior Unix
system/email administrator to architect and sustain our perimeter email
environment. If you are interested, please drop me a note.

From: Wietse Venema on
James Lever:
> * all mail to be sent on to a relayhost regardless of whether
> the local MTA thinks it should be delivered locally or not.
> (this is the specfic issue I currently have)

relayhost = $mydomain

> * all mail to be rewritten in the form $local@$mydomain (preferrably
> in that generic manner, rather than having to put @domain.com in
> the configuration file. (masquerade works fine for all cases
> except the case where a user is sending mail explicitly to
> $local@$myhostname or just $local - this mail is delivered locally,
> not what I_m after)

myorigin = $myhostname
mydestination = $myhostname localhost.$mydomain localhost

> * the root mail to appear from root@$myhostname

masquerade_domains = $mydomain
masquerade_exceptions = root

> * I would also like to not have to localise this configuration
> file in any way (by explicitly specifying the hostname and
> preferrably by not specifying the local domain and using the
> discovered domain)

Wietse

From: James Lever on

On 25/03/2010, at 10:43 AM, Wietse Venema wrote:

>> * all mail to be sent on to a relayhost regardless of whether
>> the local MTA thinks it should be delivered locally or not.
>> (this is the specfic issue I currently have)
>
> relayhost = $mydomain

This still doesn’t solve the issue of local destination mail - mail sent via “mail user” or “mail user@$myhostname” from the local system still gets delivered to the mail spool. This is the key part that I’m still trying to solve.

Any pointers would be greatly appreciated.

cheers,
James

From: James Lever on

On 25/03/2010, at 11:43 AM, James Lever wrote:

> This still doesn’t solve the issue of local destination mail - mail sent via “mail user” or “mail user@$myhostname” from the local system still gets delivered to the mail spool. This is the key part that I’m still trying to solve.


For anybody else that comes along, I discovered 2 methods to easily do what I wanted.

Method 1:

Enable envelope_sender masquerading (non-default behaviour).

edit masquerade_classes to include envelope_recipient, for example:

masquerade_classes = envelope_sender, envelope_recipient, header_sender, header_recipient

along with

masquerade_domains = $mydomain
masquerade_exceptions = root, mailer-daemon, logwatch


Method 2:

This method can provide significantly greater flexibility, but bypasses all local delivery attempts including alias expansion, so any aliases need to be defined in /etc/postfix/virtual and the regexp needs to exclude it (from my minimal testing of this method)

local_transport = virtual
virtual_alias_maps = regexp:/etc/postfix/virtual

in /etc/postfix/virtual have an entry similar to this

/(.*)@/ $1(a)somedomain.com


Hopefully that’s the right way to do the second one.

cheers,
James