summaryrefslogtreecommitdiffstats
path: root/html/virtual.5.html
blob: 27b1392853be6091e6ff27359c0a4efce61096aa (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
<!doctype html public "-//W3C//DTD HTML 4.01 Transitional//EN"
        "http://www.w3.org/TR/html4/loose.dtd">
<html> <head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title> Postfix manual - virtual(5) </title>
</head> <body> <pre>
VIRTUAL(5)                                                          VIRTUAL(5)

<b>NAME</b>
       virtual - Postfix virtual alias table format

<b>SYNOPSIS</b>
       <b>postmap /etc/postfix/virtual</b>

       <b>postmap -q "</b><i>string</i><b>" /etc/postfix/virtual</b>

       <b>postmap -q - /etc/postfix/virtual</b> &lt;<i>inputfile</i>

<b>DESCRIPTION</b>
       The  optional  <a href="virtual.5.html"><b>virtual</b>(5)</a>  alias table rewrites recipient addresses for
       all local, all virtual, and all  remote  mail  destinations.   This  is
       unlike  the  <a href="aliases.5.html"><b>aliases</b>(5)</a> table which is used only for <a href="local.8.html"><b>local</b>(8)</a> delivery.
       Virtual aliasing is  recursive,  and  is  implemented  by  the  Postfix
       <a href="cleanup.8.html"><b>cleanup</b>(8)</a> daemon before mail is queued.

       The main applications of virtual aliasing are:

       <b>o</b>      To redirect mail for one address to one or more addresses.

       <b>o</b>      To  implement  virtual  alias  domains  where  all addresses are
              aliased to addresses in other domains.

              Virtual alias domains are not to be confused  with  the  virtual
              mailbox domains that are implemented with the Postfix <a href="virtual.8.html"><b>virtual</b>(8)</a>
              mail delivery agent. With <a href="ADDRESS_CLASS_README.html#virtual_mailbox_class">virtual mailbox domains</a>, each  recipi-
              ent address can have its own mailbox.

       Virtual  aliasing  is applied only to recipient envelope addresses, and
       does not affect message headers.  Use <a href="canonical.5.html"><b>canonical</b>(5)</a> mapping  to  rewrite
       header and envelope addresses in general.

       Normally,  the  <a href="virtual.5.html"><b>virtual</b>(5)</a> alias table is specified as a text file that
       serves as input to the <a href="postmap.1.html"><b>postmap</b>(1)</a> command.  The result, an indexed file
       in  <b>dbm</b>  or  <b>db</b>  format, is used for fast searching by the mail system.
       Execute  the  command  "<b>postmap  /etc/postfix/virtual</b>"  to  rebuild  an
       indexed file after changing the corresponding text file.

       When  the  table  is provided via other means such as NIS, LDAP or SQL,
       the same lookups are done as for ordinary indexed files.

       Alternatively, the table can be provided as  a  regular-expression  map
       where  patterns  are  given  as  regular expressions, or lookups can be
       directed to a TCP-based server. In those case, the lookups are done  in
       a  slightly  different way as described below under "REGULAR EXPRESSION
       TABLES" or "TCP-BASED TABLES".

<b>CASE FOLDING</b>
       The search string is folded to lowercase before database lookup. As  of
       Postfix  2.3,  the search string is not case folded with database types
       such as <a href="regexp_table.5.html">regexp</a>: or <a href="pcre_table.5.html">pcre</a>: whose lookup fields can match both  upper  and
       lower case.

<b>TABLE FORMAT</b>
       The input format for the <a href="postmap.1.html"><b>postmap</b>(1)</a> command is as follows:

       <i>pattern address, address, ...</i>
              When  <i>pattern</i>  matches  a mail address, replace it by the corre-
              sponding <i>address</i>.

       blank lines and comments
              Empty lines and whitespace-only lines are ignored, as are  lines
              whose first non-whitespace character is a `#'.

       multi-line text
              A  logical  line  starts  with  non-whitespace text. A line that
              starts with whitespace continues a logical line.

<b>TABLE SEARCH ORDER</b>
       With lookups from indexed files such as DB or DBM,  or  from  networked
       tables  such  as  NIS,  LDAP  or SQL, each <i>user</i>@<i>domain</i> query produces a
       sequence of query patterns as described below.

       Each query pattern is sent to each specified lookup table before trying
       the next query pattern, until a match is found.

       <i>user</i>@<i>domain address, address, ...</i>
              Redirect  mail  for  <i>user</i>@<i>domain</i>  to <i>address</i>.  This form has the
              highest precedence.

       <i>user address, address, ...</i>
              Redirect mail for <i>user</i>@<i>site</i> to <i>address</i> when  <i>site</i>  is  equal  to
              $<b><a href="postconf.5.html#myorigin">myorigin</a></b>,  when <i>site</i> is listed in $<b><a href="postconf.5.html#mydestination">mydestination</a></b>, or when it is
              listed in $<b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a></b> or $<b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a></b>.

              This functionality overlaps with the functionality of the  local
              <i>aliases</i>(5)  database.  The difference is that <a href="virtual.5.html"><b>virtual</b>(5)</a> mapping
              can be applied to non-local addresses.

       @<i>domain address, address, ...</i>
              Redirect mail for other users in <i>domain</i> to <i>address</i>.   This  form
              has the lowest precedence.

              Note:  @<i>domain</i>  is a wild-card. With this form, the Postfix SMTP
              server accepts mail for any recipient in <i>domain</i>,  regardless  of
              whether  that  recipient exists.  This may turn your mail system
              into a  backscatter  source:  Postfix  first  accepts  mail  for
              non-existent  recipients  and  then tries to return that mail as
              "undeliverable" to the often forged sender address.

              To avoid backscatter with mail for a wild-card  domain,  replace
              the  wild-card  mapping  with  explicit  1:1  mappings, or add a
              <a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a> restriction for that domain:

                  <a href="postconf.5.html#smtpd_recipient_restrictions">smtpd_recipient_restrictions</a> =
                      ...
                      <a href="postconf.5.html#reject_unauth_destination">reject_unauth_destination</a>
                      <a href="postconf.5.html#check_recipient_access">check_recipient_access</a>
                          <a href="DATABASE_README.html#types">inline</a>:{example.com=<a href="postconf.5.html#reject_unverified_recipient">reject_unverified_recipient</a>}
                  <a href="postconf.5.html#unverified_recipient_reject_code">unverified_recipient_reject_code</a> = 550

              In the above example, Postfix may contact a remote server if the
              recipient is aliased to a remote address.

<b>RESULT ADDRESS REWRITING</b>
       The lookup result is subject to address rewriting:

       <b>o</b>      When  the  result  has the form @<i>otherdomain</i>, the result becomes
              the same <i>user</i> in <i>otherdomain</i>.  This works  only  for  the  first
              address in a multi-address lookup result.

       <b>o</b>      When  "<b><a href="postconf.5.html#append_at_myorigin">append_at_myorigin</a>=yes</b>", append "<b>@$<a href="postconf.5.html#myorigin">myorigin</a></b>" to addresses
              without "@domain".

       <b>o</b>      When "<b><a href="postconf.5.html#append_dot_mydomain">append_dot_mydomain</a>=yes</b>", append "<b>.$<a href="postconf.5.html#mydomain">mydomain</a></b>" to addresses
              without ".domain".

<b>ADDRESS EXTENSION</b>
       When a mail address localpart contains the optional recipient delimiter
       (e.g., <i>user+foo</i>@<i>domain</i>), the  lookup  order  becomes:  <i>user+foo</i>@<i>domain</i>,
       <i>user</i>@<i>domain</i>, <i>user+foo</i>, <i>user</i>, and @<i>domain</i>.

       The   <b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a></b>   parameter  controls  whether  an
       unmatched address extension (<i>+foo</i>) is propagated to the result of a ta-
       ble lookup.

<b>VIRTUAL ALIAS DOMAINS</b>
       Besides  virtual  aliases,  the virtual alias table can also be used to
       implement <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domains</a>.  With  a  virtual  alias  domain,  all
       recipient addresses are aliased to addresses in other domains.

       Virtual  alias  domains are not to be confused with the virtual mailbox
       domains that are implemented with the Postfix <a href="virtual.8.html"><b>virtual</b>(8)</a> mail  delivery
       agent.  With  virtual  mailbox domains, each recipient address can have
       its own mailbox.

       With a <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domain</a>, the virtual domain has its own  user  name
       space.  Local (i.e. non-virtual) usernames are not visible in a virtual
       alias domain. In particular, local <a href="aliases.5.html"><b>aliases</b>(5)</a> and local  mailing  lists
       are not visible as <i>localname@virtual-alias.domain</i>.

       Support for a <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domain</a> looks like:

       /etc/postfix/<a href="postconf.5.html">main.cf</a>:
           <a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> = <a href="DATABASE_README.html#types">hash</a>:/etc/postfix/virtual

       Note:  some  systems use <b>dbm</b> databases instead of <b>hash</b>.  See the output
       from "<b>postconf -m</b>" for available database types.

       /etc/postfix/virtual:
           <i>virtual-alias.domain    anything</i> (right-hand content does not matter)
           <i>postmaster@virtual-alias.domain postmaster</i>
           <i>user1@virtual-alias.domain      address1</i>
           <i>user2@virtual-alias.domain      address2, address3</i>

       The <i>virtual-alias.domain anything</i> entry is required for a virtual alias
       domain.  <b>Without  this  entry,  mail  is  rejected  with  "relay access</b>
       <b>denied", or bounces with "mail loops back to myself".</b>

       Do not specify <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domain</a> names in the <a href="postconf.5.html"><b>main.cf</a>  <a href="postconf.5.html#mydestination">mydestination</a></b>
       or <b><a href="postconf.5.html#relay_domains">relay_domains</a></b> configuration parameters.

       With  a  <a href="ADDRESS_CLASS_README.html#virtual_alias_class">virtual alias domain</a>, the Postfix SMTP server accepts mail for
       <i>known-user@virtual-alias.domain</i>, and rejects mail for <i>unknown-user</i>@<i>vir-</i>
       <i>tual-alias.domain</i> as undeliverable.

       Instead  of  specifying  the  virtual  alias  domain  name via the <b><a href="postconf.5.html#virtual_alias_maps">vir</a>-</b>
       <b><a href="postconf.5.html#virtual_alias_maps">tual_alias_maps</a></b> table, you may also specify it  via  the  <a href="postconf.5.html"><b>main.cf</a>  <a href="postconf.5.html#virtual_alias_domains">vir-</b>
       <b>tual_alias_domains</a></b> configuration parameter.  This latter parameter uses
       the same syntax as the <a href="postconf.5.html"><b>main.cf</a> <a href="postconf.5.html#mydestination">mydestination</a></b> configuration parameter.

<b>REGULAR EXPRESSION TABLES</b>
       This section describes how the table lookups change when the  table  is
       given  in the form of regular expressions. For a description of regular
       expression lookup table syntax, see <a href="regexp_table.5.html"><b>regexp_table</b>(5)</a> or <a href="pcre_table.5.html"><b>pcre_table</b>(5)</a>.

       Each pattern is a regular expression that  is  applied  to  the  entire
       address  being looked up. Thus, <i>user@domain</i> mail addresses are not bro-
       ken up into their <i>user</i> and <i>@domain</i> constituent parts, nor  is  <i>user+foo</i>
       broken up into <i>user</i> and <i>foo</i>.

       Patterns  are  applied  in the order as specified in the table, until a
       pattern is found that matches the search string.

       Results are the same as with indexed file lookups, with the  additional
       feature  that parenthesized substrings from the pattern can be interpo-
       lated as <b>$1</b>, <b>$2</b> and so on.

<b>TCP-BASED TABLES</b>
       This section describes how the table lookups change  when  lookups  are
       directed   to  a  TCP-based  server.  For  a  description  of  the  TCP
       client/server lookup  protocol,  see  <a href="tcp_table.5.html"><b>tcp_table</b>(5)</a>.   This  feature  is
       available in Postfix 2.5 and later.

       Each  lookup operation uses the entire address once.  Thus, <i>user@domain</i>
       mail addresses are not broken up  into  their  <i>user</i>  and  <i>@domain</i>  con-
       stituent parts, nor is <i>user+foo</i> broken up into <i>user</i> and <i>foo</i>.

       Results are the same as with indexed file lookups.

<b>BUGS</b>
       The table format does not understand quoting conventions.

<b>CONFIGURATION PARAMETERS</b>
       The following <a href="postconf.5.html"><b>main.cf</b></a> parameters are especially relevant to this topic.
       See the Postfix <a href="postconf.5.html"><b>main.cf</b></a> file for syntax details and for default values.
       Use the "<b>postfix reload</b>" command after a configuration change.

       <b><a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a> ($<a href="postconf.5.html#virtual_maps">virtual_maps</a>)</b>
              Optional  lookup  tables  that  alias specific mail addresses or
              domains to other local or remote addresses.

       <b><a href="postconf.5.html#virtual_alias_domains">virtual_alias_domains</a> ($<a href="postconf.5.html#virtual_alias_maps">virtual_alias_maps</a>)</b>
              Postfix is the final destination for the specified list of  vir-
              tual alias domains, that is, domains for which all addresses are
              aliased to addresses in other local or remote domains.

       <b><a href="postconf.5.html#propagate_unmatched_extensions">propagate_unmatched_extensions</a> (canonical, virtual)</b>
              What address lookup tables copy an address  extension  from  the
              lookup key to the lookup result.

       Other parameters of interest:

       <b><a href="postconf.5.html#inet_interfaces">inet_interfaces</a> (all)</b>
              The  network  interface addresses that this mail system receives
              mail on.

       <b><a href="postconf.5.html#mydestination">mydestination</a> ($<a href="postconf.5.html#myhostname">myhostname</a>, localhost.$<a href="postconf.5.html#mydomain">mydomain</a>, localhost)</b>
              The list of domains that are delivered via the  $<a href="postconf.5.html#local_transport">local_transport</a>
              mail delivery transport.

       <b><a href="postconf.5.html#myorigin">myorigin</a> ($<a href="postconf.5.html#myhostname">myhostname</a>)</b>
              The  domain  name that locally-posted mail appears to come from,
              and that locally posted mail is delivered to.

       <b><a href="postconf.5.html#owner_request_special">owner_request_special</a> (yes)</b>
              Enable special  treatment  for  owner-<i>listname</i>  entries  in  the
              <a href="aliases.5.html"><b>aliases</b>(5)</a>  file,  and  don't  split  owner-<i>listname</i>  and  <i>list-</i>
              <i>name</i>-request address localparts when the <a href="postconf.5.html#recipient_delimiter">recipient_delimiter</a>  is
              set to "-".

       <b><a href="postconf.5.html#proxy_interfaces">proxy_interfaces</a> (empty)</b>
              The  network  interface addresses that this mail system receives
              mail on by way of a proxy or network address translation unit.

<b>SEE ALSO</b>
       <a href="cleanup.8.html">cleanup(8)</a>, canonicalize and enqueue mail
       <a href="postmap.1.html">postmap(1)</a>, Postfix lookup table manager
       <a href="postconf.5.html">postconf(5)</a>, configuration parameters
       <a href="canonical.5.html">canonical(5)</a>, canonical address mapping

<b>README FILES</b>
       <a href="ADDRESS_REWRITING_README.html">ADDRESS_REWRITING_README</a>, address rewriting guide
       <a href="DATABASE_README.html">DATABASE_README</a>, Postfix lookup table overview
       <a href="VIRTUAL_README.html">VIRTUAL_README</a>, domain hosting guide

<b>LICENSE</b>
       The Secure Mailer license must be distributed with this software.

<b>AUTHOR(S)</b>
       Wietse Venema
       IBM T.J. Watson Research
       P.O. Box 704
       Yorktown Heights, NY 10598, USA

       Wietse Venema
       Google, Inc.
       111 8th Avenue
       New York, NY 10011, USA

                                                                    VIRTUAL(5)
</pre> </body> </html>