DevHeads.net

Virtual users and local users in the same domain?

Given that I have two users, <a href="mailto: ... at example dot com"> ... at example dot com</a> and <a href="mailto: ... at example dot com"> ... at example dot com</a> who are currently both local users and given that mydomain=example.com, is it possible to configure postfix such that one of them is in the mysql database and one is still local? It appears that once I add a domain to the mysql_virtual_domains_maps.cf Then all the users for that domain need to be in the mysql table.

(I’ve tried adding the user to the mysql table already, but since postfix figures out mydomain on its own it resolves it to the local user and delivers it to procmail as usual and doesn’t check the sql map as far as I can tell, which makes sense, but can I override this somehow? I am trying to avoid changing all the mydomain local users at once and prefer to start with my own account so if something goes wrong no one else is affected).

Comments

Re: Virtual users and local users in the same domain?

By Wietse Venema at 06/11/2019 - 07:12

If the idea is to use the local(8) delivery agent for all recipients,
and telling it to look into the mysql table, that would require PAM
configuration. I am not familiar with that.

Below is an example that uses different delivery agents, but this
will need multiple overrides.

/etc/postfix/main.cf:
transport_maps = hash:/etc/postfix/transport
# Add virtual users table for address validation.
local_recipient_maps = proxy:unix:passwd.byname $alias_maps
mysql:virtual_domains_maps.cf
mydestination = example.com ...
virtual_uid_maps = ...
virtual_gid_maps = ...

/etc/postfix/transport:
# Overrides for virtual recipients.
<a href="mailto: ... at example dot com"> ... at example dot com</a> virtual:
<a href="mailto: ... at example dot com"> ... at example dot com</a> virtual:
...

Instead of using virtual(8) you could try lmtp+dovecot.

Wietse

Re: Virtual users and local users in the same domain?

By Viktor Dukhovni at 06/11/2019 - 11:39

Another option might be "mailbox_transport_maps", at the cost
of splitting the envelope for multi-recipient messages. Which
might play better with existing aliases(5) data (which I always
recommend migrating to virtual(5) aliases).