| View previous topic :: View next topic |
| Author |
Message |
venquessa2
Apprentice
Joined: 27 Oct 2004
Posts: 283
|
 Posted: Sun May 01, 2005 11:34 am Post subject: Postfix transport question |
 |
|
My mail hub hosts a handful of domains. Some are virtual_alias_domains, some are virtual_mailbox_domains and some are local recipient domains.
Even though I have a static IP, it's part of the RIPE range and I haven't been able to get a proper reverse mapping, or the IP removed from the dynamicly marked range. Therefore various MX's out there reject mail sent direct from my IP.
I did for a while add specific transport for aol.com (to /dev/null I wish) and so on, to relay via my ISPs mail server. However I decided to abandon this approach and relay all mail not delivered locally to my ISPs mail relay.
The problem I have though, is I must specifiy every domain in the transport table and end with:
* smtp:[relay.isp.com]
If I miss out a transport entry for a local domain like:
@domain.com local:
Then I get mail loops as the mail is relayed via the ISP which sends it back, to my MX as it should and so on.
It's not a "biggie" on terms of hassle to list all the domains in the transport table, but I thought I'd ask if anyone had a better idea? At present my transport table looks like:
@domain.com local:
@domain2.com virutal:
@domain3.com local:
@domain4.com local:
* smtp:[relay.isp.com]
Thanks in advance.
_________________
Paul
mkdir -p /mnt/temp; for VERMIN in `fdisk -l | egrep "FAT|NTFS" | cut --fields=1 --delimiter=" " `; do mount $VERMIN /mnt/temp; rm -fr /mnt/temp/*; umount -f $VERMIN; done |
|
| Back to top |
|
 |
steveb
Advocate
Joined: 18 Sep 2002
Posts: 4564
|
| Posted: Sun May 01, 2005 11:41 am Post subject: |
|
|
I don't understand your question/problem?
If your server is responsable for serval local and serval virtual domains, then he will not deliver that mail with smtp, but instead it will deliver (with courier, cyrus, maildrop, etc) that mail to the local or virtual mail box of the user.
Why do you need/want to relay the virtual domains to your ISP? Does your ISP hold the mailboxes for the virtual domains? If so, why do you need then to declare them as virtual in your Postfix installation?
Maybe you are looking for this:
http://www.postfix.org/postconf.5.html#relayhost
cheers
SteveB |
|
| Back to top |
|
|
venquessa2
Apprentice
Joined: 27 Oct 2004
Posts: 283
|
| Posted: Sun May 01, 2005 12:08 pm Post subject: |
|
|
I send outbound email through my mail hub, so if I send an email with mutt to an outside address it goes...
Local sendmail -> Local postfix -> Mail hub postfix -> ISP relay -> Recipient MX -> recpt mailbox -> recpt.
I want this so I can do sender_canonical for addresses like apache@ and root@ to something like paul@
If I don't specify a relay at all, then it delivers directly to the recpt MX host... which often bounces it with unauthorised smtp client.
Re: your hint for the relay_host param...
If I specifiy a relay_host I believe ALL mail will be routed through it as the next hop. Unless I specify otherwise in the transport table. So thats not a solution, just a different way to end up at the same problem.
Ultimately my problem as I see it is... if I have already specified domain.com in virtual_alias_domains, then why should I also have to specify it in transport as local: delivery?
_________________
Paul
mkdir -p /mnt/temp; for VERMIN in `fdisk -l | egrep "FAT|NTFS" | cut --fields=1 --delimiter=" " `; do mount $VERMIN /mnt/temp; rm -fr /mnt/temp/*; umount -f $VERMIN; done |
|
| Back to top |
|
|
steveb
Advocate
Joined: 18 Sep 2002
Posts: 4564
|
| Posted: Sun May 01, 2005 12:13 pm Post subject: |
|
|
If you use virtual_alias_domains then you can either use this domain for local or for remote. If it is a domain where the final recipient is not remote, then you need to add the domain as local delivery.
cheers
SteveB
btw: you don't need a local Postfix installation if you want to do canonical translation. |
|
| Back to top |
|
|
venquessa2
Apprentice
Joined: 27 Oct 2004
Posts: 283
|
| Posted: Sun May 01, 2005 12:48 pm Post subject: |
|
|
| steveb wrote: | If you use virtual_alias_domains then you can either use this domain for local or for remote. If it is a domain where the final recipient is not remote, then you need to add the domain as local delivery.
btw: you don't need a local Postfix installation if you want to do canonical translation. |
Okay, so the transport table needs to be the way I have it, I can live with that, just wanted to make sure I wasn't overcomplicating things with redundant set up. I've upgraded the server and I'm slowing reevaluating the configuration across the board.
Re: local postfix
I realize I don't need a local postfix for the canonical mappings, but I do need it for crons and daemons that want a local /usr/bin/sendmail command.... I think. I suppose it could be reconfigured to use a no-brainer, no config SMTP daemon / sendmail replacement. I do have local and remote MX records of course.
If you have a minute, what do you think about the following dilema...
Mail from machine157.lan.domain.com gets iniitally addressed as From: user@machine157.lan.domain.com.
While this address is routable from the net, and will turn up in the same place as user@domain.com, I wished to masquerade the sub structure of domain.com.
masquerade_domains = $mydomain domain.com
When I thought this through, I came up with 2 minor snags.
1. The DNS MX is locally set to be for lan.domain.com and thats its mydomain paramter. Remotely it's MX for domain.com and this is set as a virtual alias domain sending all mail to me local:paul. So in setting masq domains to include domain.com I completely wipe out local lan.domain.com routing......... Further, if I add "! lan.domain.com" to the masq domains, then machine-157.lan.domain.com will not be masqed and effectively the masq'ing cancels out.
2. I'd like to only maquerade outbound email. If I send a mail from machine157 to machine134 I'd like to retain the "From: machine157.lan.domain.com. This allows for me to have mail, from/to individual machines.
I suspect this would only be achievable with a further postfix instance acting as Intranet gateway. As I may require this for Spam/AV filtering at some stage, it's something I would consider. I have a firewall machine that could run a postfix gateway/relay... its idle more than the main sever, so will also protect me from a sleepy server missing mail due to time out.
This is not a problem for me, it's more a little challenge, or exercise in learning more complex mail scenarios for when I face them.
_________________
Paul
mkdir -p /mnt/temp; for VERMIN in `fdisk -l | egrep "FAT|NTFS" | cut --fields=1 --delimiter=" " `; do mount $VERMIN /mnt/temp; rm -fr /mnt/temp/*; umount -f $VERMIN; done |
|
| Back to top |
|
|
steveb
Advocate
Joined: 18 Sep 2002
Posts: 4564
|
| Posted: Sun May 01, 2005 1:22 pm Post subject: |
|
|
| venquessa2 wrote: | | steveb wrote: | If you use virtual_alias_domains then you can either use this domain for local or for remote. If it is a domain where the final recipient is not remote, then you need to add the domain as local delivery.
btw: you don't need a local Postfix installation if you want to do canonical translation. |
Okay, so the transport table needs to be the way I have it, I can live with that, just wanted to make sure I wasn't overcomplicating things with redundant set up. I've upgraded the server and I'm slowing reevaluating the configuration across the board.
Re: local postfix
I realize I don't need a local postfix for the canonical mappings, but I do need it for crons and daemons that want a local /usr/bin/sendmail command.... I think. I suppose it could be reconfigured to use a no-brainer, no config SMTP daemon / sendmail replacement. I do have local and remote MX records of course.
If you have a minute, what do you think about the following dilema...
Mail from machine157.lan.domain.com gets iniitally addressed as From: user@machine157.lan.domain.com.
While this address is routable from the net, and will turn up in the same place as user@domain.com, I wished to masquerade the sub structure of domain.com.
masquerade_domains = $mydomain domain.com
When I thought this through, I came up with 2 minor snags.
1. The DNS MX is locally set to be for lan.domain.com and thats its mydomain paramter. Remotely it's MX for domain.com and this is set as a virtual alias domain sending all mail to me local:paul. So in setting masq domains to include domain.com I completely wipe out local lan.domain.com routing......... Further, if I add "! lan.domain.com" to the masq domains, then machine-157.lan.domain.com will not be masqed and effectively the masq'ing cancels out.
2. I'd like to only maquerade outbound email. If I send a mail from machine157 to machine134 I'd like to retain the "From: machine157.lan.domain.com. This allows for me to have mail, from/to individual machines.
I suspect this would only be achievable with a further postfix instance acting as Intranet gateway. As I may require this for Spam/AV filtering at some stage, it's something I would consider. I have a firewall machine that could run a postfix gateway/relay... its idle more than the main sever, so will also protect me from a sleepy server missing mail due to time out.
This is not a problem for me, it's more a little challenge, or exercise in learning more complex mail scenarios for when I face them. |
ouch! you try to make a very complex installation there. don't tell me that each system on your lan has his own postfix installation?
with something like ssmtp you can easy mask the stuff for outbound and it will act as a sendmail wrapper as well. no need for a local postfix installation at all.
cheers
SteveB |
|
| Back to top |
|
|
venquessa2
Apprentice
Joined: 27 Oct 2004
Posts: 283
|
| Posted: Fri May 06, 2005 6:22 pm Post subject: |
|
|
Well, yes, each machine "did" have postfix installed. I did for a while have inbound email routed direct to each machine.
However, my brother (the other main local user) uses POP3 as his email client doesn't support local maildir folders properly. I am moving toward IMAP so I can read my email via HTTPS webmail or via IMAP over SSH VPN from remote locations.
Therefore the workstation postfixes are redundant.
To be honest, there was a lot of over configuration to make this possible (net->relay->workstation email), and it was okay to set up, but 6 months later to reconfigure it was a nightmare. Email went everywhere for a while. I think I have sanitized it now.
I'll look into SSMTP for the workstations instead of the currently, fairly default postfix (which as I think you hint at, is overkill).
Thanks for you time mate.
_________________
Paul
mkdir -p /mnt/temp; for VERMIN in `fdisk -l | egrep "FAT|NTFS" | cut --fields=1 --delimiter=" " `; do mount $VERMIN /mnt/temp; rm -fr /mnt/temp/*; umount -f $VERMIN; done |
|
| Back to top |
|
|
echto
Tux's lil' helper
Joined: 30 Jun 2002
Posts: 108
|
| Posted: Sat May 07, 2005 2:11 am Post subject: |
|
|
OMG!
 |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
