diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 01:46:30 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-06 01:46:30 +0000 |
commit | b5896ba9f6047e7031e2bdee0622d543e11a6734 (patch) | |
tree | fd7b460593a2fee1be579bec5697e6d887ea3421 /man/man5/virtual.5 | |
parent | Initial commit. (diff) | |
download | postfix-upstream.tar.xz postfix-upstream.zip |
Adding upstream version 3.4.23.upstream/3.4.23upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'man/man5/virtual.5')
-rw-r--r-- | man/man5/virtual.5 | 335 |
1 files changed, 335 insertions, 0 deletions
diff --git a/man/man5/virtual.5 b/man/man5/virtual.5 new file mode 100644 index 0000000..74fbcef --- /dev/null +++ b/man/man5/virtual.5 @@ -0,0 +1,335 @@ +.TH VIRTUAL 5 +.ad +.fi +.SH NAME +virtual +\- +Postfix virtual alias table format +.SH "SYNOPSIS" +.na +.nf +\fBpostmap /etc/postfix/virtual\fR + +\fBpostmap \-q "\fIstring\fB" /etc/postfix/virtual\fR + +\fBpostmap \-q \- /etc/postfix/virtual <\fIinputfile\fR +.SH DESCRIPTION +.ad +.fi +The optional \fBvirtual\fR(5) alias table rewrites recipient +addresses for all local, all virtual, and all remote mail +destinations. +This is unlike the \fBaliases\fR(5) table which is used +only for \fBlocal\fR(8) delivery. Virtual aliasing is +recursive, and is implemented by the Postfix \fBcleanup\fR(8) +daemon before mail is queued. + +The main applications of virtual aliasing are: +.IP \(bu +To redirect mail for one address to one or more addresses. +.IP \(bu +To implement virtual alias domains where all addresses are aliased +to addresses in other domains. +.sp +Virtual alias domains are not to be confused with the virtual mailbox +domains that are implemented with the Postfix \fBvirtual\fR(8) mail +delivery agent. With virtual mailbox domains, each recipient address +can have its own mailbox. +.PP +Virtual aliasing is applied only to recipient +envelope addresses, and does not affect message headers. +Use \fBcanonical\fR(5) +mapping to rewrite header and envelope addresses in general. + +Normally, the \fBvirtual\fR(5) alias table is specified as a text file +that serves as input to the \fBpostmap\fR(1) command. +The result, an indexed file in \fBdbm\fR or \fBdb\fR format, +is used for fast searching by the mail system. Execute the command +"\fBpostmap /etc/postfix/virtual\fR" to rebuild an indexed +file after changing the corresponding text file. + +When the table is provided via other means such as NIS, LDAP +or SQL, the same lookups are done as for ordinary indexed files. + +Alternatively, the table can be provided as a regular\-expression +map where patterns are given as regular expressions, or lookups +can be directed to TCP\-based server. In those case, the lookups +are done in a slightly different way as described below under +"REGULAR EXPRESSION TABLES" or "TCP\-BASED TABLES". +.SH "CASE FOLDING" +.na +.nf +.ad +.fi +The search string is folded to lowercase before database +lookup. As of Postfix 2.3, the search string is not case +folded with database types such as regexp: or pcre: whose +lookup fields can match both upper and lower case. +.SH "TABLE FORMAT" +.na +.nf +.ad +.fi +The input format for the \fBpostmap\fR(1) command is as follows: +.IP "\fIpattern address, address, ...\fR" +When \fIpattern\fR matches a mail address, replace it by the +corresponding \fIaddress\fR. +.IP "blank lines and comments" +Empty lines and whitespace\-only lines are ignored, as +are lines whose first non\-whitespace character is a `#'. +.IP "multi\-line text" +A logical line starts with non\-whitespace text. A line that +starts with whitespace continues a logical line. +.SH "TABLE SEARCH ORDER" +.na +.nf +.ad +.fi +With lookups from indexed files such as DB or DBM, or from networked +tables such as NIS, LDAP or SQL, each \fIuser\fR@\fIdomain\fR +query produces a sequence of query patterns as described below. + +Each query pattern is sent to each specified lookup table +before trying the next query pattern, until a match is +found. +.IP "\fIuser\fR@\fIdomain address, address, ...\fR" +Redirect mail for \fIuser\fR@\fIdomain\fR to \fIaddress\fR. +This form has the highest precedence. +.IP "\fIuser address, address, ...\fR" +Redirect mail for \fIuser\fR@\fIsite\fR to \fIaddress\fR when +\fIsite\fR is equal to $\fBmyorigin\fR, when \fIsite\fR is listed in +$\fBmydestination\fR, or when it is listed in $\fBinet_interfaces\fR +or $\fBproxy_interfaces\fR. +.sp +This functionality overlaps with functionality of the local +\fIaliases\fR(5) database. The difference is that \fBvirtual\fR(5) +mapping can be applied to non\-local addresses. +.IP "@\fIdomain address, address, ...\fR" +Redirect mail for other users in \fIdomain\fR to \fIaddress\fR. +This form has the lowest precedence. +.sp +Note: @\fIdomain\fR is a wild\-card. With this form, the +Postfix SMTP server accepts +mail for any recipient in \fIdomain\fR, regardless of whether +that recipient exists. This may turn your mail system into +a backscatter source: Postfix first accepts mail for +non\-existent recipients and then tries to return that mail +as "undeliverable" to the often forged sender address. +.sp +To avoid backscatter with mail for a wild\-card domain, +replace the wild\-card mapping with explicit 1:1 mappings, +or add a reject_unverified_recipient restriction for that +domain: + +.nf + smtpd_recipient_restrictions = + ... + reject_unauth_destination + check_recipient_access + inline:{example.com=reject_unverified_recipient} + unverified_recipient_reject_code = 550 +.fi + +In the above example, Postfix may contact a remote server +if the recipient is aliased to a remote address. +.SH "RESULT ADDRESS REWRITING" +.na +.nf +.ad +.fi +The lookup result is subject to address rewriting: +.IP \(bu +When the result has the form @\fIotherdomain\fR, the +result becomes the same \fIuser\fR in \fIotherdomain\fR. +This works only for the first address in a multi\-address +lookup result. +.IP \(bu +When "\fBappend_at_myorigin=yes\fR", append "\fB@$myorigin\fR" +to addresses without "@domain". +.IP \(bu +When "\fBappend_dot_mydomain=yes\fR", append +"\fB.$mydomain\fR" to addresses without ".domain". +.SH "ADDRESS EXTENSION" +.na +.nf +.fi +.ad +When a mail address localpart contains the optional recipient delimiter +(e.g., \fIuser+foo\fR@\fIdomain\fR), the lookup order becomes: +\fIuser+foo\fR@\fIdomain\fR, \fIuser\fR@\fIdomain\fR, \fIuser+foo\fR, +\fIuser\fR, and @\fIdomain\fR. + +The \fBpropagate_unmatched_extensions\fR parameter controls whether +an unmatched address extension (\fI+foo\fR) is propagated to the +result of table lookup. +.SH "VIRTUAL ALIAS DOMAINS" +.na +.nf +.ad +.fi +Besides virtual aliases, the virtual alias table can also be used +to implement virtual alias domains. With a virtual alias domain, all +recipient addresses are aliased to addresses in other domains. + +Virtual alias domains are not to be confused with the virtual mailbox +domains that are implemented with the Postfix \fBvirtual\fR(8) mail +delivery agent. With virtual mailbox domains, each recipient address +can have its own mailbox. + +With a virtual alias domain, the virtual domain has its +own user name space. Local (i.e. non\-virtual) usernames are not +visible in a virtual alias domain. In particular, local +\fBaliases\fR(5) and local mailing lists are not visible as +\fIlocalname@virtual\-alias.domain\fR. + +Support for a virtual alias domain looks like: + +.nf +/etc/postfix/main.cf: + virtual_alias_maps = hash:/etc/postfix/virtual +.fi + +Note: some systems use \fBdbm\fR databases instead of \fBhash\fR. +See the output from "\fBpostconf \-m\fR" for available database types. + +.nf +/etc/postfix/virtual: + \fIvirtual\-alias.domain anything\fR (right\-hand content does not matter) + \fIpostmaster@virtual\-alias.domain postmaster\fR + \fIuser1@virtual\-alias.domain address1\fR + \fIuser2@virtual\-alias.domain address2, address3\fR +.fi +.sp +The \fIvirtual\-alias.domain anything\fR entry is required for a +virtual alias domain. \fBWithout this entry, mail is rejected +with "relay access denied", or bounces with +"mail loops back to myself".\fR + +Do not specify virtual alias domain names in the \fBmain.cf +mydestination\fR or \fBrelay_domains\fR configuration parameters. + +With a virtual alias domain, the Postfix SMTP server +accepts mail for \fIknown\-user@virtual\-alias.domain\fR, and rejects +mail for \fIunknown\-user\fR@\fIvirtual\-alias.domain\fR as undeliverable. + +Instead of specifying the virtual alias domain name via +the \fBvirtual_alias_maps\fR table, you may also specify it via +the \fBmain.cf virtual_alias_domains\fR configuration parameter. +This latter parameter uses the same syntax as the \fBmain.cf +mydestination\fR configuration parameter. +.SH "REGULAR EXPRESSION TABLES" +.na +.nf +.ad +.fi +This section describes how the table lookups change when the table +is given in the form of regular expressions. For a description of +regular expression lookup table syntax, see \fBregexp_table\fR(5) +or \fBpcre_table\fR(5). + +Each pattern is a regular expression that is applied to the entire +address being looked up. Thus, \fIuser@domain\fR mail addresses are not +broken up into their \fIuser\fR and \fI@domain\fR constituent parts, +nor is \fIuser+foo\fR broken up into \fIuser\fR and \fIfoo\fR. + +Patterns are applied in the order as specified in the table, until a +pattern is found that matches the search string. + +Results are the same as with indexed file lookups, with +the additional feature that parenthesized substrings from the +pattern can be interpolated as \fB$1\fR, \fB$2\fR and so on. +.SH "TCP-BASED TABLES" +.na +.nf +.ad +.fi +This section describes how the table lookups change when lookups +are directed to a TCP\-based server. For a description of the TCP +client/server lookup protocol, see \fBtcp_table\fR(5). +This feature is not available up to and including Postfix version 2.4. + +Each lookup operation uses the entire address once. Thus, +\fIuser@domain\fR mail addresses are not broken up into their +\fIuser\fR and \fI@domain\fR constituent parts, nor is +\fIuser+foo\fR broken up into \fIuser\fR and \fIfoo\fR. + +Results are the same as with indexed file lookups. +.SH BUGS +.ad +.fi +The table format does not understand quoting conventions. +.SH "CONFIGURATION PARAMETERS" +.na +.nf +.ad +.fi +The following \fBmain.cf\fR parameters are especially relevant to +this topic. See the Postfix \fBmain.cf\fR file for syntax details +and for default values. Use the "\fBpostfix reload\fR" command after +a configuration change. +.IP "\fBvirtual_alias_maps ($virtual_maps)\fR" +Optional lookup tables that alias specific mail addresses or domains +to other local or remote address. +.IP "\fBvirtual_alias_domains ($virtual_alias_maps)\fR" +Postfix is final destination for the specified list of virtual +alias domains, that is, domains for which all addresses are aliased +to addresses in other local or remote domains. +.IP "\fBpropagate_unmatched_extensions (canonical, virtual)\fR" +What address lookup tables copy an address extension from the lookup +key to the lookup result. +.PP +Other parameters of interest: +.IP "\fBinet_interfaces (all)\fR" +The network interface addresses that this mail system receives +mail on. +.IP "\fBmydestination ($myhostname, localhost.$mydomain, localhost)\fR" +The list of domains that are delivered via the $local_transport +mail delivery transport. +.IP "\fBmyorigin ($myhostname)\fR" +The domain name that locally\-posted mail appears to come +from, and that locally posted mail is delivered to. +.IP "\fBowner_request_special (yes)\fR" +Enable special treatment for owner\-\fIlistname\fR entries in the +\fBaliases\fR(5) file, and don't split owner\-\fIlistname\fR and +\fIlistname\fR\-request address localparts when the recipient_delimiter +is set to "\-". +.IP "\fBproxy_interfaces (empty)\fR" +The network interface addresses that this mail system receives mail +on by way of a proxy or network address translation unit. +.SH "SEE ALSO" +.na +.nf +cleanup(8), canonicalize and enqueue mail +postmap(1), Postfix lookup table manager +postconf(5), configuration parameters +canonical(5), canonical address mapping +.SH "README FILES" +.na +.nf +.ad +.fi +Use "\fBpostconf readme_directory\fR" or +"\fBpostconf html_directory\fR" to locate this information. +.na +.nf +ADDRESS_REWRITING_README, address rewriting guide +DATABASE_README, Postfix lookup table overview +VIRTUAL_README, domain hosting guide +.SH "LICENSE" +.na +.nf +.ad +.fi +The Secure Mailer license must be distributed with this software. +.SH "AUTHOR(S)" +.na +.nf +Wietse Venema +IBM T.J. Watson Research +P.O. Box 704 +Yorktown Heights, NY 10598, USA + +Wietse Venema +Google, Inc. +111 8th Avenue +New York, NY 10011, USA |