1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
|
PPoossttffiixx AAddddrreessss CCllaasssseess
-------------------------------------------------------------------------------
IInnttrroodduuccttiioonn
Postfix version 2.0 introduces the concept of address classes. This is a way of
grouping recipient addresses by their delivery method. The idea comes from
discussions with Victor Duchovni. Although address classes introduced a few
incompatibilities they also made it possible to improve the handling of hosted
domains and of unknown recipients.
This document provides information on the following topics:
* What are address classes good for?
* What address classes does Postfix implement?
* Improvements compared to Postfix 1.1
* Incompatibilities with Postfix 1.1
WWhhaatt aarree aaddddrreessss ccllaasssseess ggoooodd ffoorr??
Why should you care about address classes? This is how Postfix decides what
mail to accept, and how to deliver it. In other words, address classes are very
important for the operation of Postfix.
An address class is defined by three items.
* The list of domains that are a member of that address class.
Examples: all local domains, or all relay domains.
* The default delivery transport for domains in that address class.
Examples: local_transport or relay_transport (these point to services
defined in master.cf).
Benefit: this avoids the need for explicit routing information in transport
maps.
* The list of valid recipient addresses for that address class.
Benefit: the Postfix SMTP server rejects an invalid recipient with "User
unknown in <name of address class> table", and avoids sending a MAILER-
DAEMON message with backscatter spam.
WWhhaatt aaddddrreessss ccllaasssseess ddooeess PPoossttffiixx iimmpplleemmeenntt??
Initially the list of address classes is hard coded, but this is meant to
become extensible. The summary below describes the main purpose of each class,
and what the relevant configuration parameters are.
The local domain class.
* Purpose: final delivery for traditional UNIX system accounts and
traditional Sendmail-style aliases. This is typically used for the
canonical domains of the machine (for example, $myhostname, $mydomain). For
a discussion of the difference between canonical domains, hosted domains
and other domains, see the VIRTUAL_README file.
* Domain names are listed with the mydestination parameter. This domain class
also includes mail for user@[ipaddress] when the IP address is listed with
the inet_interfaces or proxy_interfaces parameters.
* Valid recipient addresses for those domains are listed with the
local_recipient_maps parameter, as described in LOCAL_RECIPIENT_README. The
Postfix SMTP server rejects invalid recipients with "User unknown in local
recipient table". If the local_recipient_maps parameter value is empty,
then the Postfix SMTP server accepts any address in the local domain class.
* The mail delivery transport is specified with the local_transport
parameter. The default value is llooccaall::$$mmyyhhoossttnnaammee for delivery with the
local(8) delivery agent.
The virtual alias domain class.
* Purpose: hosted domains where each recipient address is aliased to an
address in a different domain class, for example, a local UNIX system
account or a remote address. A virtual alias example is given in the
VIRTUAL_README file.
* Domain names are listed in virtual_alias_domains. The default value is
$virtual_alias_maps for Postfix 1.1 compatibility.
* Valid recipient addresses for those domains are listed with the
virtual_alias_maps parameter. The Postfix SMTP server rejects invalid
recipients with "User unknown in virtual alias table". The default value is
$virtual_maps for Postfix 1.1 compatibility.
Note: for historical reasons, virtual_alias_maps apply to recipients in
all domain classes, not only the virtual alias domain class.
* There is no configurable mail delivery transport. Every address must be
aliased to an address in some other domain class.
The virtual mailbox domain class.
* Purpose: final delivery for hosted domains where each recipient address can
have its own mailbox, and where users do not need to have a UNIX system
account. A virtual mailbox example is given in the VIRTUAL_README file.
* Domain names are listed with the virtual_mailbox_domains parameter. The
default value is $virtual_mailbox_maps for Postfix 1.1 compatibility.
* Valid recipient addresses for those domains are listed with the
virtual_mailbox_maps parameter. The Postfix SMTP server rejects invalid
recipients with "User unknown in virtual mailbox table". If this parameter
value is empty, the Postfix SMTP server accepts all recipients for domains
listed in $virtual_mailbox_domains.
* The mail delivery transport is specified with the virtual_transport
parameter. The default value is vviirrttuuaall for delivery with the virtual(8)
delivery agent.
The relay domain class.
* Purpose: mail forwarding to remote destinations that list your system as
primary or backup MX host. For a discussion of the basic configuration
details, see the BASIC_CONFIGURATION_README document. For a discussion of
the difference between canonical domains, hosted domains and other domains,
see the VIRTUAL_README file.
* Domain names are listed with the relay_domains parameter.
* Valid recipient addresses for those domains are listed with the
relay_recipient_maps parameter. The Postfix SMTP server rejects invalid
recipients with "User unknown in relay recipient table". If this parameter
value is empty, the Postfix SMTP server accepts all recipients for domains
listed with the relay_domains parameter.
* The mail delivery transport is specified with the relay_transport
parameter. The default value is rreellaayy which is a clone of the smtp(8)
delivery agent.
The default domain class.
* Purpose: mail forwarding to the Internet on behalf of authorized clients.
For a discussion of the basic configuration details, see the
BASIC_CONFIGURATION_README file. For a discussion of the difference between
canonical domains, hosted domains and other domains, see the VIRTUAL_README
file.
* This class has no destination domain table.
* This class has no valid recipient address table.
* The mail delivery transport is specified with the default_transport
parameter. The default value is ssmmttpp for delivery with the smtp(8) delivery
agent.
IImmpprroovveemmeennttss ccoommppaarreedd ttoo PPoossttffiixx 11..11
Postfix 2.0 address classes made the following improvements possible over
earlier Postfix versions:
* You no longer need to specify all the virtual(8) mailbox domains in the
Postfix transport map. The virtual(8) delivery agent has become a first-
class citizen just like local(8) or smtp(8).
* On mail gateway systems, address classes provide separation of inbound mail
relay traffic ($relay_transport) from outbound traffic
($default_transport). This eliminates a problem where inbound mail
deliveries could become resource starved in the presence of a high volume
of outbound mail.
* The SMTP server rejects unknown recipients in a more consistent manner than
was possible with Postfix version 1. This is needed to keep undeliverable
mail (and bounced undeliverable mail) out of the mail queue. This is
controlled by the smtpd_reject_unlisted_recipient configuration parameter.
* As of Postfix version 2.1, the SMTP server can also reject unknown sender
addresses (i.e. addresses that it would reject as an unknown recipient
addresses). Sender "egress filtering" can help to slow down an email worm
explosion. This is controlled by the smtpd_reject_unlisted_sender
configuration parameter.
IInnccoommppaattiibbiilliittiieess wwiitthh PPoossttffiixx 11..11
Postfix 2.0 address classes introduce a few incompatible changes in documented
behavior. In order to ease the transitions, new parameters have default values
that are backwards compatible.
* The virtual_maps parameter is replaced by virtual_alias_maps (for address
lookups) and by virtual_alias_domains (for the names of what were formerly
called "Postfix-style virtual domains").
For backwards compatibility with Postfix version 1.1, the new
virtual_alias_maps parameter defaults to $virtual_maps, and the new
virtual_alias_domains parameter defaults to $virtual_alias_maps.
* The virtual_mailbox_maps parameter now has a companion parameter called
virtual_mailbox_domains (for the names of domains served by the virtual
delivery agent). The virtual_mailbox_maps parameter is now used for address
lookups only.
For backwards compatibility with Postfix version 1.1, the new
virtual_mailbox_domains parameter defaults to $virtual_mailbox_maps.
* Introduction of the relay_recipient_maps parameter. The Postfix SMTP server
can use this to block mail for relay recipients that don't exist. This list
is empty by default, which means accept any recipient.
* The local_recipient_maps feature is now turned on by default. The Postfix
SMTP server uses this to reject mail for unknown local recipients. See the
LOCAL_RECIPIENT_README file hints and tips.
* Introduction of the relay delivery transport in master.cf. This helps to
avoid mail delivery scheduling problems on inbound mail relays when there
is a lot of outbound mail, but may require that you update your
"defer_transports" setting.
|