 Postfix Configuration - Address Manipulation
 Postfix Configuration - Address ManipulationUnless indicated otherwise, all parameters described here are in the main.cf file. If you change parameters of a running Postfix system, don't forget to issue a postfix reload command.
All mail:
Local delivery:
 
 
 
You probably should never turn off this feature, because a lot of
Postfix components expect that all addresses have the form
user@domain.
 
If your machine is not the main machine for $myorigin and
you wish to have some users delivered locally without going via
that main machine, make an entry in the virtual
table that redirects user@$myorigin to user@$myhostname.
 
 
Some will argue that rewriting host to host.$mydomain
is bad. That is why it can be turned off. Others like the convenience of having
the local domain appended automatically.
Canonical mapping is disabled by default. To enable, edit the canonical_maps parameter in the main.cf file and specify one or more lookup tables, separated by whitespace or commas. For example:
In addition to the canonical maps which are applied to both sender and recipient addresses, you can specify canonical maps that are applied only to sender addresses or to recipient addresses. For example:
The sender and recipient canonical maps are applied before the common canonical maps.
Sender-specific rewriting is useful when you want to rewrite ugly
sender addresses to pretty ones, and still want to be able to
send mail to the those ugly address without creating a mailer loop.
  
Address masquerading is disabled by default. To enable, edit the
masquerade_domains parameter in the main.cf file and
specify one or more domain names separated by whitespace or commas.
The list is processed left to right, and processing stops at the
first match.  Thus,
 
A domain name prefixed with ! means do not masquerade this domain
or its subdomains. Thus,
 
The masquerade_exceptions configuration parameter specifies
what user names should not be subjected to address masquerading.
Specify a list of user names, /file/name or type:table patterns,
separated by commas and/or whitespace. The list is matched left to
right, and the search stops on the first match. Specify !name to
exclude a name from the list. A /file/name pattern is replaced by
its contents; a type:table is matched when a name matches a lookup
key (the right-hand side is ignored).  Continue long lines by
starting the next line with whitespace.
For example,
 
By default, Postfix makes no exceptions.
 
Subtle point: by default, address masquerading is applied only to
message headers and to envelope sender addresses, but not to envelope
recipients. This allows you to use address masquerading on a mail
gateway machine, while still being able to forward mail from outside
to users on individual machines.
 
In order to subject envelope recipient addresses to masquerading,
too, specify (only available with Postfix versions after 20010802):
 
If you do this, Postfix will no longer be able to send mail to
individual machines.
  
Virtual aliasing is disabled by default. To enable, edit the 
virtual_alias_maps parameter in the main.cf file and
specify one or more lookup tables, separated by whitespace or
commas. For example:
 
Addresses found in virtual alias maps are subjected to another
iteration of virtual aliasing, but are not subjected to canonical
mapping, in order to avoid loops.
  
Transport table lookups are disabled by default. To enable, edit
the transport_maps parameter in the main.cf file and
specify one or more lookup tables, separated by whitespace or
commas. For example:
 Address masquerading
Address masquerading is a method to hide all hosts inside a domain
behind their mail gateway, and to make it appear as if the mail
comes from the gateway itself, instead of from individual machines.
masquerade_domains = foo.example.com example.com
strips any.thing.foo.example.com to foo.example.com, but strips
any.thing.else.example.com to example.com.
masquerade_domains = !foo.example.com example.com
does not change any.thing.foo.example.com and foo.example.com,
but strips any.thing.else.example.com to example.com.
 Virtual address aliasing
After applying the canonical and masquerade mappings, the cleanup daemon uses the virtual alias table to redirect mail for all
recipients, local or remote.  The mapping affects only envelope
recipients; it has no effect on message headers or envelope senders.
Virtual alias lookups are useful to redirect mail for virtual
alias domains to real user mailboxes, and to redirect mail for
domains that no longer exist.  Virtual alias lookups can also be
used to transform  Firstname.Lastname  back into UNIX login
names, although it seems that local aliases
are a more appropriate vehicle.
 Mail transport switch
Once the address rewriting and resolving daemon has established
the destination of a message, it determines the default delivery
method for that destination. Postfix distinguishes four major
address classes, each with its own default delivery method.
The optional transport table overrides
the default message delivery method (this table is used by the
address rewriting and resolving daemon).
The transport table can be used to send mail to specific sites via
UUCP, or to send mail to a really broken mail system that
can handle only one SMTP connection at a time (yes, such systems
exist and people used to pay real money for them).
Destination matches Default delivery agent  Controlling parameter
 $mydestination or
$inet_interfaces
 local
 $local_transport 
 $virtual_mailbox_domains 
 virtual
 $virtual_transport 
 $relay_domains
 relay (clone of smtp)
 $relay_transport 
 none 
 smtp
 $default_transport 
 
 Relocated users table
Next, the address rewriting and resolving daemon runs each recipient
name through the relocated database.
This table provides information on how to reach users that no longer
have an account, or what to do with mail for entire domains that
no longer exist.  When mail is sent to an address that is listed
in this table, the message is bounced with an informative message.
Lookups of relocated users are disabled by default. To enable, edit the relocated_maps parameter in the main.cf file and specify one or more lookup tables, separated by whitespace or commas. For example:
Alias lookups are enabled by default. The default configuration depends on the system environment, but it is typically one of the following:
The path to the alias database file is controlled via the alias_database configuration parameter. The value is system dependent. Usually it is one of the following:
For security reasons, deliveries to command and file destinations
are performed with the rights of the alias database owner.  A
default userid, default_privs, is used for deliveries to
commands/files in root-owned aliases.
  
Alternatively, mail for non-existent recipients can be delegated
to an entirely different message transport, as specified with the
fallback_transport configuration parameter. For details,
see the  local delivery agent.
 
Note: if you use the luser_relay feature in order to receive
mail for non-UNIX accounts, then you must specify:
 
luser_relay can specify one address. It is subjected to
$name expansions. The most useful examples are:
 
 
 
 Per-user .forward files
Users can control their own mail delivery by specifying destinations
in a file called .forward in their home directories. The
syntax of these files is the same as with system aliases, except
that the lookup key and colon are not present.
  Non-existent users
When the local delivery agent finds that a message recipient does
not exist, the message is normally bounced to the sender ("user
unknown").  Sometimes it is desirable to forward mail for non-existing
recipients to another machine.  For this purpose you can specify
an alternative destination with the luser_relay configuration
parameter.
(i.e. empty) in the main.cf file, otherwise the Postfix SMTP
server will reject mail for non-UNIX accounts with "User unknown
in local recipient table".
local_recipient_maps =
Up one level |
 Basic Configuration | UCE
Controls |  Rate Controls |  Resource Controls | Address Manipulation