1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
|
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html> <head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title> Postfix manual - virtual(5) </title>
</head> <body> <pre>
VIRTUAL(5) VIRTUAL(5)
<b>NAME</b>
virtual - Postfix virtual alias table format
<b>SYNOPSIS</b>
<b>postmap /etc/postfix/virtual</b>
<b>postmap -q "</b><i>string</i><b>" /etc/postfix/virtual</b>
<b>postmap -q - /etc/postfix/virtual</b> <<i>inputfile</i>
<b>DESCRIPTION</b>
The optional <a href="virtual.5.html"><b>virtual</b>(5)</a> alias table rewrites recipient addresses for
all local, all virtual, and all remote mail destinations. This is
unlike the <a href="aliases.5.html"><b>aliases</b>(5)</a> table which is used only for <a href="local.8.html"><b>local</b>(8)</a> delivery.
Virtual aliasing is recursive, and is implemented by the Postfix
<a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon before mail is queued.
The main applications of virtual aliasing are:
<b>o</b> To redirect mail for one address to one or more addresses.
<b>o</b> To implement virtual alias domains where all addresses are
aliased to addresses in other domains.
Virtual alias domains are not to be confused with the virtual
mailbox domains that are implemented with the Postfix <a href="virtual.8.html"><b>virtual</b>(8)</a>
mail delivery agent. With <a href="ADDRESS_CLASS_README.html#virtual_mailbox_class">virtual mailbox domains</a>, each recipi-
ent address can have its own mailbox.
Virtual aliasing is applied only to recipient envelope addresses, and
does not affect message headers. Use <a href="canonical.5.html"><b>canonical</b>(5)</a> mapping to rewrite
header and envelope addresses in general.
Normally, the <a href="virtual.5.html"><b>virtual</b>(5)</a> alias table is specified as a text file that
serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command. The result, an indexed file
in <b>dbm</b> or <b>db</b> format, is used for fast searching by the mail system.
Execute the command "<b>postmap /etc/postfix/virtual</b>" to rebuild an
indexed file after changing the corresponding text file.
When the table is provided via other means such as NIS, LDAP or SQL,
the same lookups are done as for ordinary indexed files.
Alternatively, the table can be provided as a regular-expression map
where patterns are given as regular expressions, or lookups can be
directed to a TCP-based server. In those case, the lookups are done in
a slightly different way as described below under "REGULAR EXPRESSION
TABLES" or "TCP-BASED TABLES".
<b>CASE FOLDING</b>
The search string is folded to lowercase before database lookup. As of
Postfix 2.3, the search string is not case folded with database types
such as <a href="regexp_table.5.html">regexp</a>: or <a href="pcre_table.5.html">pcre</a>: whose lookup fields can match both upper and
lower case.
<b>TABLE FORMAT</b>
The input format for the <a href="postmap.1.html"><b>postmap</b>(1)</a> command is as follows:
<i>pattern address, address, ...</i>
When <i>pattern</i> matches a mail address, replace it by the corre-
sponding <i>address</i>.
blank lines and comments
Empty lines and whitespace-only lines are ignored, as are lines
whose first non-whitespace character is a `#'.
multi-line text
A logical line starts with non-whitespace text. A line that
starts with whitespace continues a logical line.
<b>TABLE SEARCH ORDER</b>
With lookups from indexed files such as DB or DBM, or from networked
tables such as NIS, LDAP or SQL, each <i>user</i>@<i>domain</i> query produces a
sequence of query patterns as described below.
Each query pattern is sent to each specified lookup table before trying
the next query pattern, until a match is found.
<i>user</i>@<i>domain address, address, ...</i>
Redirect mail for <i>user</i>@<i>domain</i> to <i>address</i>. This form has the
highest precedence.
<i>user address, address, ...</i>
Redirect mail for <i>user</i>@<i>site</i> to <i>address</i> when <i>site</i> is equal to
$<b><a href="postconf.5.html#myorigin">myorigin</a></b>, when <i>site</i> is listed in $<b><a href="postconf.5.html#mydestination">mydestination</a></b>, or when it is
listed in $<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a></b> or $<b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a></b>.
This functionality overlaps with the functionality of the local
<i>aliases</i>(5) database. The difference is that <a href="virtual.5.html"><b>virtual</b>(5)</a> mapping
can be applied to non-local addresses.
@<i>domain address, address, ...</i>
Redirect mail for other users in <i>domain</i> to <i>address</i>. This form
has the lowest precedence.
Note: @<i>domain</i> is a wild-card. With this form, the Postfix SMTP
server accepts mail for any recipient in <i>domain</i>, regardless of
whether that recipient exists. This may turn your mail system
into a backscatter source: Postfix first accepts mail for
non-existent recipients and then tries to return that mail as
"undeliverable" to the often forged sender address.
To avoid backscatter with mail for a wild-card domain, replace
the wild-card mapping with explicit 1:1 mappings, or add a
<a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a> restriction for that domain:
<a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> =
...
<a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>
<a href="postconf.5.html#check_recipient_access">check_recipient_access</a>
<a href="DATABASE_README.html#types">inline</a>:{example.com=<a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a>}
<a href="postconf.5.html#unverified_recipient_reject_code">unverified_recipient_reject_code</a> = 550
In the above example, Postfix may contact a remote server if the
recipient is aliased to a remote address.
<b>RESULT ADDRESS REWRITING</b>
The lookup result is subject to address rewriting:
<b>o</b> When the result has the form @<i>otherdomain</i>, the result becomes
the same <i>user</i> in <i>otherdomain</i>. This works only for the first
address in a multi-address lookup result.
<b>o</b> When "<b><a href="postconf.5.html#append_at_myorigin">append_at_myorigin</a>=yes</b>", append "<b>@$<a href="postconf.5.html#myorigin">myorigin</a></b>" to addresses
without "@domain".
<b>o</b> When "<b><a href="postconf.5.html#append_dot_mydomain">append_dot_mydomain</a>=yes</b>", append "<b>.$<a href="postconf.5.html#mydomain">mydomain</a></b>" to addresses
without ".domain".
<b>ADDRESS EXTENSION</b>
When a mail address localpart contains the optional recipient delimiter
(e.g., <i>user+foo</i>@<i>domain</i>), the lookup order becomes: <i>user+foo</i>@<i>domain</i>,
<i>user</i>@<i>domain</i>, <i>user+foo</i>, <i>user</i>, and @<i>domain</i>.
The <b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a></b> parameter controls whether an
unmatched address extension (<i>+foo</i>) is propagated to the result of a ta-
ble lookup.
<b>VIRTUAL ALIAS DOMAINS</b>
Besides virtual aliases, the virtual alias table can also be used to
implement <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domains</a>. With a virtual alias domain, all
recipient addresses are aliased to addresses in other domains.
Virtual alias domains are not to be confused with the virtual mailbox
domains that are implemented with the Postfix <a href="virtual.8.html"><b>virtual</b>(8)</a> mail delivery
agent. With virtual mailbox domains, each recipient address can have
its own mailbox.
With a <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domain</a>, the virtual domain has its own user name
space. Local (i.e. non-virtual) usernames are not visible in a virtual
alias domain. In particular, local <a href="aliases.5.html"><b>aliases</b>(5)</a> and local mailing lists
are not visible as <i>localname@virtual-alias.domain</i>.
Support for a <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domain</a> looks like:
/etc/postfix/<a href="postconf.5.html">main.cf</a>:
<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/virtual
Note: some systems use <b>dbm</b> databases instead of <b>hash</b>. See the output
from "<b>postconf -m</b>" for available database types.
/etc/postfix/virtual:
<i>virtual-alias.domain anything</i> (right-hand content does not matter)
<i>postmaster@virtual-alias.domain postmaster</i>
<i>user1@virtual-alias.domain address1</i>
<i>user2@virtual-alias.domain address2, address3</i>
The <i>virtual-alias.domain anything</i> entry is required for a virtual alias
domain. <b>Without this entry, mail is rejected with "relay access</b>
<b>denied", or bounces with "mail loops back to myself".</b>
Do not specify <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domain</a> names in the <a href="postconf.5.html"><b>main.cf</a> <a href="postconf.5.html#mydestination">mydestination</a></b>
or <b><a href="postconf.5.html#relay_domains">relay_domains</a></b> configuration parameters.
With a <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domain</a>, the Postfix SMTP server accepts mail for
<i>known-user@virtual-alias.domain</i>, and rejects mail for <i>unknown-user</i>@<i>vir-</i>
<i>tual-alias.domain</i> as undeliverable.
Instead of specifying the virtual alias domain name via the <b><a href="postconf.5.html#virtual_alias_maps">vir</a>-</b>
<b><a href="postconf.5.html#virtual_alias_maps">tual_alias_maps</a></b> table, you may also specify it via the <a href="postconf.5.html"><b>main.cf</a> <a href="postconf.5.html#virtual_alias_domains">vir-</b>
<b>tual_alias_domains</a></b> configuration parameter. This latter parameter uses
the same syntax as the <a href="postconf.5.html"><b>main.cf</a> <a href="postconf.5.html#mydestination">mydestination</a></b> configuration parameter.
<b>REGULAR EXPRESSION TABLES</b>
This section describes how the table lookups change when the table is
given in the form of regular expressions. For a description of regular
expression lookup table syntax, see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>.
Each pattern is a regular expression that is applied to the entire
address being looked up. Thus, <i>user@domain</i> mail addresses are not bro-
ken up into their <i>user</i> and <i>@domain</i> constituent parts, nor is <i>user+foo</i>
broken up into <i>user</i> and <i>foo</i>.
Patterns are applied in the order as specified in the table, until a
pattern is found that matches the search string.
Results are the same as with indexed file lookups, with the additional
feature that parenthesized substrings from the pattern can be interpo-
lated as <b>$1</b>, <b>$2</b> and so on.
<b>TCP-BASED TABLES</b>
This section describes how the table lookups change when lookups are
directed to a TCP-based server. For a description of the TCP
client/server lookup protocol, see <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>. This feature is
available in Postfix 2.5 and later.
Each lookup operation uses the entire address once. Thus, <i>user@domain</i>
mail addresses are not broken up into their <i>user</i> and <i>@domain</i> con-
stituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and <i>foo</i>.
Results are the same as with indexed file lookups.
<b>BUGS</b>
The table format does not understand quoting conventions.
<b>CONFIGURATION PARAMETERS</b>
The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant to this topic.
See the Postfix <a href="postconf.5.html"><b>main.cf</b></a> file for syntax details and for default values.
Use the "<b>postfix reload</b>" command after a configuration change.
<b><a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> ($<a href="postconf.5.html#virtual_maps">virtual_maps</a>)</b>
Optional lookup tables that alias specific mail addresses or
domains to other local or remote addresses.
<b><a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> ($<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>)</b>
Postfix is the final destination for the specified list of vir-
tual alias domains, that is, domains for which all addresses are
aliased to addresses in other local or remote domains.
<b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a> (canonical, virtual)</b>
What address lookup tables copy an address extension from the
lookup key to the lookup result.
Other parameters of interest:
<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b>
The network interface addresses that this mail system receives
mail on.
<b><a href="postconf.5.html#mydestination">mydestination</a> ($<a href="postconf.5.html#myhostname">myhostname</a>, localhost.$<a href="postconf.5.html#mydomain">mydomain</a>, localhost)</b>
The list of domains that are delivered via the $<a href="postconf.5.html#local_transport">local_transport</a>
mail delivery transport.
<b><a href="postconf.5.html#myorigin">myorigin</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
The domain name that locally-posted mail appears to come from,
and that locally posted mail is delivered to.
<b><a href="postconf.5.html#owner_request_special">owner_request_special</a> (yes)</b>
Enable special treatment for owner-<i>listname</i> entries in the
<a href="aliases.5.html"><b>aliases</b>(5)</a> file, and don't split owner-<i>listname</i> and <i>list-</i>
<i>name</i>-request address localparts when the <a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a> is
set to "-".
<b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> (empty)</b>
The network interface addresses that this mail system receives
mail on by way of a proxy or network address translation unit.
<b>SEE ALSO</b>
<a href="cleanup.8.html">cleanup(8)</a>, canonicalize and enqueue mail
<a href="postmap.1.html">postmap(1)</a>, Postfix lookup table manager
<a href="postconf.5.html">postconf(5)</a>, configuration parameters
<a href="canonical.5.html">canonical(5)</a>, canonical address mapping
<b>README FILES</b>
<a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a>, address rewriting guide
<a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview
<a href="VIRTUAL_README.html">VIRTUAL_README</a>, domain hosting guide
<b>LICENSE</b>
The Secure Mailer license must be distributed with this software.
<b>AUTHOR(S)</b>
Wietse Venema
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA
Wietse Venema
Google, Inc.
111 8th Avenue
New York, NY 10011, USA
VIRTUAL(5)
</pre> </body> </html>
|