![首頁 Logo Keith ]p !!](/themes/mytheme/logo.png){kind=logo}
最後更新: 2019-11-26
目錄
- Local alias database
- Local user 的 Catch All
- virtual alias
- 測試表是否有 result
- Debug
- Turn off Virtual aliasing
- Map 的次序
- "X-Original-To" Header
- 防止收到 "mail list" 出的信
Local alias database
alias 一共由兩個 file 設定:
alias_maps = hash:/etc/postfix/aliases
alias_database = hash:/etc/postfix/aliases <-- 指定當行 newaliases 指令時建立那檔
/etc/postfix/aliases 內容:
user1@domainA user2@domainB # keep copy user3@domainA user3@domainA, user1@domainA # catch-all @domainA user1@domainB
修改完後, 須要行一次 newaliases 就有效 (newaliases 相當於 postalias /etc/aliases)
It will take a minute or so before changes become visible.
Use "postfix reload" to eliminate the delay.
alias_database (未必須)
because alias_maps (see above) may specify tables(alias_maps) that are not necessarily all under control by Postfix.
Local user 的 Catch All
luser_relay (default: empty)
luser_relay = sales
Optional catch-all destination for unknown local(8) recipients.
By default, mail for unknown recipients in domains that match $mydestination, $inet_interfaces or $proxy_interfaces is returned as undeliverable.
Note: if you use this feature for accounts not in the UNIX password file, then you must specify "local_recipient_maps =" (i.e. empty) in the main.cf file,
otherwise the Postfix SMTP server will reject mail for non-UNIX accounts with "User unknown in local recipient table".
virtual alias
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql/virtual_alias_maps.cf
virtual_alias_maps.cf:
query = SELECT alias.goto FROM alias,domain WHERE alias.address='%s' AND alias.domain='%d' AND alias.domain=domain.domain AND alias.active=1 AND domain.backupmx=0 AND domain.active=1
mysql-virtual_forwardings.cf
forwardings 都可以由它來完成
測試表是否有 result
postmap -q [email protected] hash:/etc/postfix/aliases
postmap -q [email protected] mysql:/etc/postfix/mysql/virtual_alias_maps.cf
Debug
# default: 2
debug_peer_level = 2
# 與合 debug_peer_level 使用
debug_peer_list = 127.0.0.1 debug_peer_list = e-mail.domain
Turn off Virtual aliasing
Virtual aliasing can be turned off selectively for mail received by smtpd(8), qmqpd(8), or pickup(8), by overriding main.cf settings in the master.cf file.
This feature is available in Postfix version 2.1 and later.
Example:
/etc/postfix/master.cf:
127.0.0.1:10026 inet n - n - - smtpd
-o receive_override_options=no_address_mappingsNote: do not specify whitespace around the "=" here.
At this point the message is ready to be stored into the Postfix incoming queue.
May 3 18:12:22 vm postfix/qmgr[16429]: 43E7E3D8073: from=<tim@?????>, size=1369, nrcpt=1 (queue active)
May 3 18:12:23 vm postfix/smtp[16449]: 43E7E3D8073: to=<tim@????>, orig_to=<info@????>, relay=mx.????.net[203.194.???.???]:25, delay=1.6,
delays=0.9/0.01/0.02/0.71, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 0151D3A021D)
May 3 18:12:23 vm postfix/qmgr[16429]: 43E7E3D8073: removed
Map 的次序
當第一個表沒有回應時, 那才會問第二個表, 其中一個有回應後, 之後的就不會再查 !
"X-Original-To" Header
dovecot unix - n n - - pipe
flags=DRhuO user=[...OMIT OTHER SETTINGS HERE...]Prepend an "X-Original-To: recipient" message header with the recipient address as given to Postfix.
(一定要這設定: dovecot_destination_recipient_limit = 1 及 enable_original_recipient = yes 才會加這 Header )
防止收到 "mail list" 出的信
假設系統有 maillist
services@mydomain a@mydomain, b@mydomain
那別人可以用以下 telnet cmd 入信
mail from: services@mydomain
rcpt to: services@mydomain
我比較簡陋的解決
main.cf
proxy_read_maps = ... $smtpd_recipient_restrictions smtpd_recipient_restrictions = ... check_sender_access proxy:mysql:/etc/postfix/mysql/reject_maillist_sent_mail.cf, ...
reject_maillist_sent_mail.cf
user = vmail password = ????????????? hosts = 127.0.0.1 port = 3306 dbname = vmail # 由於 address!=goto 所以是 maillist 來 query = SELECT 'reject maillist' FROM alias WHERE domain='%d' AND address='%s' AND address!=goto AND active=1
