Postfix: both local and virtual users?

I'm about to set up a mail server based (CentOS 4 distro).
I'm considering Postfix and some webmail interface like
Squirrelmail.

I need to be able to deliver to local users (users with shell
accounts on the system) and to virtual users. The hostname
of the server will be something like mail.companyname.com and
all mail will be to someuser@companyname.com.

Can Postfix send to both local and virtual users for the same
domain?

--
Dale Dellutri <ddelQQQlutr@panQQQix.com> (lose the Q's)

Dale Dellutri wrote:
> I'm about to set up a mail server based (CentOS 4 distro).
> I'm considering Postfix and some webmail interface like
> Squirrelmail.
>
> I need to be able to deliver to local users (users with shell
> accounts on the system) and to virtual users. The hostname
> of the server will be something like mail.companyname.com and
> all mail will be to someuser@companyname.com.
>
> Can Postfix send to both local and virtual users for the same
> domain?


The short answer is yes.

There's some info here, but it's a reference file and
not a detailed tutorial:

http://www.postfix.org/VIRTUAL_README.html

A good book to learn from is "The Book of Postfix" by Ralf
Hildebrandt and Patrick Koetter, which was just released this year:

http://www.amazon.com/exec/obidos/AS...493587-4700709

--
Greg

On Fri, 15 Sep 2006 13:25:39 GMT, Greg Hackney <hackney@swbell.net> wrote:
> Dale Dellutri wrote:
> > I'm about to set up a mail server based (CentOS 4 distro).
> > I'm considering Postfix and some webmail interface like
> > Squirrelmail.
> >
> > I need to be able to deliver to local users (users with shell
> > accounts on the system) and to virtual users. The hostname
> > of the server will be something like mail.companyname.com and
> > all mail will be to someuser@companyname.com.
> >
> > Can Postfix send to both local and virtual users for the same
> > domain?


> The short answer is yes.

> There's some info here, but it's a reference file and
> not a detailed tutorial:

> http://www.postfix.org/VIRTUAL_README.html

I've read this, and it implies that for "canonical" hostnames,
only local delivery is possible, and for virtual domains (which
I don't want to use) either local or virtual delivery is possible,
but not both.

I want either all virtual delivery or mixed local/virtual delivery
for a canonical hostname. That's not covered in the VIRTUAL_README.

> A good book to learn from is "The Book of Postfix" by Ralf
> Hildebrandt and Patrick Koetter, which was just released this year:

> http://www.amazon.com/exec/obidos/AS...493587-4700709

I'm going ou to the bookstore right now!

--
Dale Dellutri <ddelQQQlutr@panQQQix.com> (lose the Q's)

Dale Dellutri wrote:

> I've read this, and it implies that for "canonical" hostnames,
> only local delivery is possible, and for virtual domains (which
> I don't want to use) either local or virtual delivery is possible,
> but not both.
>
> I want either all virtual delivery or mixed local/virtual delivery
> for a canonical hostname. That's not covered in the VIRTUAL_README.

By default, the accounts in the UNIX password file are valid recipients.

You can use a "virtual_mailbox_maps" table to specify all your valid virtual
recipient addresses that are in your domain, and what their mailboxes are.

At least, I think this is what you are asking.

--
Greg

On Sat, 16 Sep 2006 17:15:48 GMT, Greg Hackney <hackney@swbell.net> wrote:
> Dale Dellutri wrote:

> > I've read this, and it implies that for "canonical" hostnames,
> > only local delivery is possible, and for virtual domains (which
> > I don't want to use) either local or virtual delivery is possible,
> > but not both.
> >
> > I want either all virtual delivery or mixed local/virtual delivery
> > for a canonical hostname. That's not covered in the VIRTUAL_README.

> By default, the accounts in the UNIX password file are valid recipients.

> You can use a "virtual_mailbox_maps" table to specify all your valid virtual
> recipient addresses that are in your domain, and what their mailboxes are.

> At least, I think this is what you are asking.

Greg, thanks for trying to interpret what I was saying. I've never
used Postfix before and I wasn't using some of the terminology
correctly.

I think I've finally read enough postfix documentation, including most
of _Postfix, The Definitive Guide_, to ask this question correctly.

If the mail server's hostname is mail.mycompany.com, then a typical
Posfix install has:
mydomain = mycompany.com
myhostname = mail.mycompany.com
mydestination = $myhostname, localhost.$mydomain, $mydomain
and so any mail someone@mycompany.com would be delivered using the
local delivery transport. In other words, "someone" would have to
be a UNIX account on the system.

The Postfix rule is: domains listed in mydestination are local
delivery, and domains belong to exactly one address class.

However, most of my mail recipients will never have a UNIX account
on mail.mycompany.com. I guess I could use re-write rules to change
those users to another domain which is a virtual domain, but I don't
want another domain name.

Since I want virtual delivery (or preferably mixed virtual/local),
I can't list $mydomain or $myhostname in mydestination. So, I
assume that mydestination would either be null:
mydestination =
(which would not allow any local delivery) or just localhost:
mydestination = localhost
(which would allow local delivery for mail sent to
someone@localhost).

Then I guess I'd want $mydomain and $myhostname as virtual domains:
virtual_mailbox_domains = $myhostnam, $mydomain
and I'd get virtual delivery. If I needed to get local delivery
for a few accounts (like root), I'd need a rewrite rule to change
mail sent to root@mail.mycompany.com -> root@localhost
(assuming that mydestination = localhost).

So will this work? Can I list $myhostname and $mydomain as
virtual_mailbox_domains instead of in mydestination? Will
mydestination = locahost
allow re-write rules for certain users for local delivery?

That's what I was trying to get at by asking how to get
virtual (or mixed virtual/local) for the canonical hostname.

I'm about to start experimenting with Postfix to try this all
for myself. I eventually want to set up Postfix + OpenLDAP +
Dovecot or Cyrus IMAP + Cyrus SASL + SquirrelMAil

Thanks again.

--
Dale Dellutri <ddelQQQlutr@panQQQix.com> (lose the Q's)

Dale Dellutri wrote:
> On Sat, 16 Sep 2006 17:15:48 GMT, Greg Hackney <hackney@swbell.net> wrote:
>> Dale Dellutri wrote:
>
>>> I've read this, and it implies that for "canonical" hostnames,
>>> only local delivery is possible, and for virtual domains (which
>>> I don't want to use) either local or virtual delivery is possible,
>>> but not both.
>>>
>>> I want either all virtual delivery or mixed local/virtual delivery
>>> for a canonical hostname. That's not covered in the VIRTUAL_README.
>
>> By default, the accounts in the UNIX password file are valid recipients.
>
>> You can use a "virtual_mailbox_maps" table to specify all your valid virtual
>> recipient addresses that are in your domain, and what their mailboxes are.
>
>> At least, I think this is what you are asking.
>
> Greg, thanks for trying to interpret what I was saying. I've never
> used Postfix before and I wasn't using some of the terminology
> correctly.
>
> I think I've finally read enough postfix documentation, including most
> of _Postfix, The Definitive Guide_, to ask this question correctly.
>
> If the mail server's hostname is mail.mycompany.com, then a typical
> Posfix install has:
> mydomain = mycompany.com
> myhostname = mail.mycompany.com
> mydestination = $myhostname, localhost.$mydomain, $mydomain
> and so any mail someone@mycompany.com would be delivered using the
> local delivery transport. In other words, "someone" would have to
> be a UNIX account on the system.
>
> The Postfix rule is: domains listed in mydestination are local
> delivery, and domains belong to exactly one address class.
>
> However, most of my mail recipients will never have a UNIX account
> on mail.mycompany.com. I guess I could use re-write rules to change
> those users to another domain which is a virtual domain, but I don't
> want another domain name.
>
> Since I want virtual delivery (or preferably mixed virtual/local),
> I can't list $mydomain or $myhostname in mydestination. So, I
> assume that mydestination would either be null:
> mydestination =
> (which would not allow any local delivery) or just localhost:
> mydestination = localhost
> (which would allow local delivery for mail sent to
> someone@localhost).
>
> Then I guess I'd want $mydomain and $myhostname as virtual domains:
> virtual_mailbox_domains = $myhostnam, $mydomain
> and I'd get virtual delivery. If I needed to get local delivery
> for a few accounts (like root), I'd need a rewrite rule to change
> mail sent to root@mail.mycompany.com -> root@localhost
> (assuming that mydestination = localhost).
>
> So will this work? Can I list $myhostname and $mydomain as
> virtual_mailbox_domains instead of in mydestination? Will
> mydestination = locahost
> allow re-write rules for certain users for local delivery?
>
> That's what I was trying to get at by asking how to get
> virtual (or mixed virtual/local) for the canonical hostname.
>
> I'm about to start experimenting with Postfix to try this all
> for myself. I eventually want to set up Postfix + OpenLDAP +
> Dovecot or Cyrus IMAP + Cyrus SASL + SquirrelMAil
>
> Thanks again.
>


I think you'd need something like this:

mydomain = mycompany.com
myhostname = mail.mycompany.com
mydestination = $myhostname, localhost.$mydomain, $mydomain

local_recipient_maps = $alias_maps,
unix:passwd.byname,
ldap:/etc/postfix/ldap_users.cf

virtual_mailbox_domains = $virtual_mailbox_maps (the system default)
virtual_mailbox_maps = ldap:/etc/postfix/ldap_mailboxes.cf


"Dovecot supports defining multiple password databases, so that if the
password doesn't match in the first database, it checks the next one.
This can be useful if you want to easily support having both virtual
users and also local system users in /etc/passwd."
-- http://wiki.dovecot.org/PasswordDatabase
--
Greg