Postfix – virtual domains (part II)

Postfix – virtual domains (part II)

This is the second of two articles on Postfix. Please read Postfix – virtual domains first.

Postfix is my mail server of preference and has been for over
a year. But my first article about it was less than two weeks ago.
It showed how I installed and configured Postfix and how I implemented virtual domains.
At the time, I was setting up some secondary mail servers and was moving
the mail service for some domains from one server to another. Shortly after writing that article,
I became much more aware of the power and flexibility which is available with Postfix when it comes to
virtual domains. That first article
barely scratches the surface. Sure, it will get you up and running, but will you have the type
of implementation which best suits your needs? In this article, I will talk about the
three different types of virtual domains available with Postfix. After reading this, I’m sure
you will know which one to use.

My thanks must go to Russell Mosemann for pointing out the missing pieces.
You can find the original message via Google

Things have changed, be warned

This article was written back in November 2002, but sat here unfinished for some time. After someone asked me
about virtual domains, I decided it was time to publish. Please note that around January 2003, the terminology
used for Postfix virtual domains was changed to avoid confusion. The terms sendmail virtual domains
and postfix virtual domains are no longer used in Postfix 2. The RELEASE_NOTES has details. Look for
Name change of virtual domain tables. I have reproduced that section here:


Name change of virtual domain tables
====================================

This release introduces separation of lookup tables for addresses
and for domain names of virtual domains.

[Incompat 20021209] the virtual_maps parameter is replaced by
virtual_alias_maps (for address lookups) and virtual_alias_domains
(for the names of what were formerly called "Postfix-style virtual
domains").

  For backwards compatibility with Postfix version 1.1, the new
  virtual_alias_maps parameter defaults to $virtual_maps, and the
  new virtual_alias_domains parameter defaults to $virtual_alias_maps.
  This means that you can still keep all information about a domain
  in one file, just like before.

For details, see the virtual(5) and sample-virtual.cf files.

[Incompat 20021209] the virtual_mailbox_maps parameter now has a
companion parameter called virtual_mailbox_domains (for the names
of domains served by the virtual delivery agent). virtual_mailbox_maps
is now used for address lookups only.

  For backwards compatibility with Postfix version 1.1,, the new
  virtual_mailbox_domains parameter defaults to $virtual_mailbox_maps.
  This means that you can still keep all information about a domain
  in one file, just like before.

For details, see the VIRTUAL_README file.

[Incompat 20021209] If you use the "advanced content filter"
technique, you MUST NOT override the virtual aliases and virtual
mailbox settings in the SMTP server that receives mail from the
content filter, or else mail for virtual recipients will be rejected
with "User unknown".

For details, see the FILTER_README file.

The choices

There are three types of virtual domains available with Postfix.

  • sendmail-style virtual domain
  • regular postfix-style virtual domain
  • virtual mailbox domain

I will now give a short overview of each type.

sendmail-style virtual domain

With a sendmail-style virtual domain, every local account exists in all of the
domains handled by Postfix. For example, if your mail server accepts mail for
example.net and example.com, and you have a local user tk19, then mail to
tk19@example.net and tk19@example.com will both be delivered to the local user.
This may not be what you want. If it isn’t, then regular postfix-style virtual domain
may be what you need.

This is an example of a sendmail-style virtual domain:


dan@example.net     dan

dan@example.com     dtm

With this scenario, mail sent to the unknown user dtm@example.com will be delivered
to the local user dtm. Mail to xyz@example.org will be bounced to the sender if no
local user xyz exists.

regular postfix-style virtual domain

The main difference between a sendmail-style virtual domain and a regular postfix-style virtual domain
is what I call the domain header (this is a term I made up; don’t expect to see it used elsewhere).
This creates a domain use name space. Local user names are not visible
in a regular postfix-style virtual domain.


example.net         DOMAIN
dan@example.net     dan

example.com         DOMAIN
dan@example.com     dtm

With this example, mail for an unknown user in example.net will be bounced back to the
sender, unlike a sendmail-style virtual domain where delivery will be first
attempted to a local user before bouncing.

For what it’s worth, this is the type of virtual domain I use on my mail servers.

virtual mailbox domain

I haven’t investigated this at all yet.

See http://www.postfix.org/virtual.8.html and
this long google link.

6 thoughts on “Postfix – virtual domains (part II)”

  1. You say in this article that "Local user names are not visible in a regular postfix-style virtual domain." This is only true if every domain for which you accept mail is configured as a virtual domain. If, for example, you have a "base" domain which does not have a virtual table, then its users will be the local users. Generally speaking, most people will not configure a virtual domain for the FQDN, so if your system is foo.example.com and you have virtual domains for example.com and example.net as follows:
    example.com DOMAIN
    dan@example.com dan-com
    example.net DOMAIN
    dan@example.net dan-net

    then the addresses dan-com@foo.example.com and dan-net@foo.example.com would work, delivering email to the mailboxes for dan@example.com and dan@example.net respectively.

    1. Jim Trigg wrote:
      >
      > if your system is foo.example.com and you have virtual
      > domains for example.com and example.net as follows:
      > example.com DOMAIN
      > dan@example.com dan-com
      > example.net DOMAIN
      > dan@example.net dan-net
      >
      > then the addresses dan-com@foo.example.com and
      > dan-net@foo.example.com would work, delivering email to the
      > mailboxes for dan@example.com and dan@example.net
      > respectively.

      dan@example.com mail will be delivered locally to dan-com.
      dan@example.net mail will be delivered locally to dan-net.

      Yes, mail for dan-com@foo.example.com will be delivered to dan-com. That has nothing to do with the virtual domains.

      I don’t actually know what I meant by "Local user names are not visible in a regular postfix- style virtual domain."

    2. <i>
      I don’t actually know what I meant by "Local user names are not visible in a regular postfix- style virtual domain."</i>

      maybe you meant ‘virtual mailbox’ which is a different namespace.

      i just successfully got virtual mailboxes working, which was a bit of a royal pain, but now i can’t get IMAP to work. i’ve been using ( or trying to use ) UW-IMAP, but apparently from reading the docs it only supports local users, and i would like to just deal with ‘virtual’ users — just mailbox logins, basically.

      any suggestions?

    3. I just realized what you meant. You meant exactly what you said — local user names (such as dan-com and dan-net) will not be visible as email addresses in domains that are configured as postfix-style virtual domains (such as example.com and example.net). So the only working address @example.com is dan@example.com (delivering to dan-com) and the only working address @example.net is dan@example.net (delivering to dan-net). The information I provided is accurate, but so is the information you provided.

    4. Hello,

      Yes, I suggest you to forget about imap-uw and recognize courier-imap. Or (i’ve heard) the best is cyrus-imap :-))).

      OK, so these imap server are what are you looking for.

      Greetings from Poland
      wtp

Leave a Comment

Scroll to Top