Prev: helo_access
Next: Deny SASL authentication not from local IP
From: Jeremy Brooking on 16 Feb 2010 19:03
Hi,


I have recently inherited a postfix mailserver that accepts undeliverable mail and am trying to resolve this issue.

I have read http://www.postfix.org/LOCAL_RECIPIENT_README.html and tried to impliment the suggestions there, however, it is becoming more apparent I am out of my depth.

Our server makes use of the mailbox_transport feature so have been trying to configure local_recipient_maps as instructed under that sub section of the page, however I cannot get it to work.

This means either something else in the config is preventing it from working, or I am miss-understanding what I am supposed to be placing there.


Please help me.


regards,
Jeremy Brooking


Below is the contents of main.cf:

smtpd_banner = $myhostname
biff = no
append_dot_mydomain = no
delay_warning_time = 4h

#
# Defaults
#
myhostname = mail.domain.net.nz
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = mail, mail.domain.net.nz localhost, localhost.localdomain
relayhosts =
mynetworks = /etc/postfix/mynetworks
message_size_limit = 15360000
recipient_delimiter = +
vacation_destination_recipient_limit = 1
disable_vrfy_command = yes
bounce_template_file = /etc/postfix/bounce.cf


#
# Performance Tuning
#

default_process_limit = 100
relay_destination_concurrency_limit = 75
default_destination_recipient_limit = 100

#
# Restrictions
#

smtpd_helo_required = yes

smtpd_helo_restrictions =
permit_mynetworks,
check_helo_access hash:/etc/postfix/access_helo,
reject_unauth_pipelining,
reject_invalid_hostname,
permit

smtpd_client_restrictions =
permit_mynetworks,
check_client_access hash:/etc/postfix/access_client,
permit

smtpd_sender_restrictions =
permit_mynetworks,
check_sender_access hash:/etc/postfix/access_sender,
reject_non_fqdn_sender,
reject_unknown_sender_domain,
permit

smtpd_recipient_restriction =
permit_mynetworks,
reject_invalid_hostname,
reject_unauth_pipelining,
reject_unauth_destination,
reject_unlisted_recipient,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_multi_recipient_bounce,
check_client_access hash:/etc/postfix/access_client,
check_helo_access hash:/etc/postfix/access_helo,
check_sender_access hash:/etc/postfix/access_sender,
check_recipient_access hash:/etc/postfix/access_recipient,
permit_sasl_authenticated,

#
# Virtual Mailbox Stuff
#

home_mailbox = Maildir/
mailbox_command =
virtual_mailbox_domains = domain.net.nz
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_mailbox_base = /home/vmail
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_minimum_uid = 5000
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
unknown_local_recipient_reject_code = 550

#
# For quotas
#

mailbox_transport = virtual
virtual_mailbox_limit = 102400000
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_maildir_extended = yes
virtual_create_maildirsize = yes
virtual_overquota_bounce = yes


#
# Auto Reply
#

transport_maps = proxy:mysql:/etc/postfix/mysql_transport_maps.cf

#
# SSL
#

inet_protocols = all
smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_authenticated_header = yes
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
readme_directory = /usr/share/doc/postfix
html_directory = /usr/share/doc/postfix/html

From: Sahil Tandon on 16 Feb 2010 19:33
On Wed, 17 Feb 2010, Jeremy Brooking wrote:

> I have recently inherited a postfix mailserver that accepts
> undeliverable mail and am trying to resolve this issue.
>
> I have read http://www.postfix.org/LOCAL_RECIPIENT_README.html and
> tried to impliment the suggestions there, however, it is becoming more
> apparent I am out of my depth.
>
> Our server makes use of the mailbox_transport feature so have been
> trying to configure local_recipient_maps as instructed under that sub
> section of the page, however I cannot get it to work.

Explain what you tried and show logs related to the problem.

> This means either something else in the config is preventing it from
> working, or I am miss-understanding what I am supposed to be placing
> there.
>
> Please help me.
>
> Below is the contents of main.cf:

Read DEBUG_README and paste 'postconf -n' instead.

--
Sahil Tandon <sahil(a)tandon.net>

 | 
Pages: 1
Prev: helo_access
Next: Deny SASL authentication not from local IP