Postfix + Virtual

Hi,

I have been trying to implement something like this setup: http://www.postfix.org/VIRTUAL_README.html#virtual_mailbox

However, although the mail is reported to have gone through on my side, the log shows this:

> May 16 20:01:22 li17-127 postfix/virtual[5556]: 31591B7EF: to=<me@mydomain.com>, relay=virtual, delay=0.14, delays=0.12/0/0/0.02, dsn=4.2.0, status=deferred (delivery failed to mailbox /home/owner/mail/mydomain.com/me: cannot open file: Permission denied)

In my main.cf I have added:

> local_transport = virtual
> local_recipient_maps = $virtual_mailbox_maps

and

> virtual_mailbox_domains = mydomain.com
> virtual_mailbox_base = /home/owner/mail
> virtual_mailbox_maps = hash:/etc/postfix/virtual_mailboxes
> virtual_minimum_uid = 100
> virtual_uid_maps = static:5000
> virtual_gid_maps = static:5000

In /etc/postfix/virtual_mailboxes I have:

> me@mydomain.com mydomain.com/me

and then of course, postmap /etc/postfix/virtual_mailboxes

From the error message it looks like I've not set the virtual_minimum_uid improperly. I set it to 0 and the logs looked as though everything went fine but nothing showed up in the /home/mail/mydomain.com/me directory.

This is my first time trying to set up a VPS without a CP and I've done okay as far as lighttpd, vsftpd & bind but this one is really kicking my butt.

Help!

18 Replies

@A32:

> virtual_mailbox_domains = mydomain.com
> virtual_mailbox_base = /home/owner/mail
> virtual_mailbox_maps = hash:/etc/postfix/virtual_mailboxes
> virtual_minimum_uid = 100
> virtual_uid_maps = static:5000
> virtual_gid_maps = static:5000

The problem is most likely that the static:5000 uid and gid above are not allowed to access the /home/owner/mail directory.

You need to specify files for the uid and gid maps and place the uid and gid for the owner of /home/owner/mail into these files.

I've done this recently but don't have the info at hand as I'm at work. I think I found how to do it by searching uid_maps or the like on google. I think the format is along the lines of:

owner@mydomain.xxx 1000

other@mydomain.xxx 1001

etc.
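
The permission failure discussed above, as an added example that is not part of the original thread: a shell check that predicts whether the uid/gid given in virtual_uid_maps and virtual_gid_maps can traverse to, and create files in, virtual_mailbox_base. The function names are hypothetical; it assumes `stat -c` (GNU or busybox) and looks only at classic mode bits, not supplementary groups, ACLs or SELinux/AppArmor.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.
# Assumes `stat -L -c`; ignores supplementary groups, ACLs and MAC policies.

# has_bits UID GID PATH NEED
# Returns 0 if UID/GID holds every bit in NEED (4=r, 2=w, 1=x) on PATH.
has_bits() {
    _uid=$1; _gid=$2; _need=$4
    _st=$(stat -L -c '%u %g %a' "$3" 2>/dev/null) || return 2
    set -- $_st                      # $1=owner uid, $2=owner gid, $3=octal mode
    [ "$_uid" -eq 0 ] && return 0    # root bypasses mode bits
    _m=$((0$3))                      # leading 0 makes the mode an octal constant
    if   [ "$_uid" -eq "$1" ]; then _bits=$(( (_m >> 6) & 7 ))   # owner class
    elif [ "$_gid" -eq "$2" ]; then _bits=$(( (_m >> 3) & 7 ))   # group class
    else                            _bits=$(( _m & 7 ))          # other class
    fi
    [ $(( _bits & _need )) -eq "$_need" ]
}

# check_mailbox_base UID GID DIR
# Every ancestor of DIR needs search (x); DIR itself needs write + search.
check_mailbox_base() {
    case $3 in
        /*) ;;
        *)  echo "need an absolute path, got: $3"; return 2 ;;
    esac
    _p=$(dirname "$3")
    while :; do
        has_bits "$1" "$2" "$_p" 1 || { echo "uid $1 cannot traverse $_p"; return 1; }
        [ "$_p" = / ] && break
        _p=$(dirname "$_p")
    done
    has_bits "$1" "$2" "$3" 3 || { echo "uid $1 cannot create files in $3"; return 1; }
    echo "uid $1 gid $2 can deliver into $3"
}

# With the values from the first post:
#   check_mailbox_base 5000 5000 /home/owner/mail
```

A home directory that is not searchable by others stops delivery at the traversal step, before the mode of the mail directory itself is ever consulted.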

Whew.. that was a toughie!

I ended up changing the directories around (/var/spool/postfix/virtual) and changed the uid and gid to the postfix uid and gid respectively.

So to change from /var/spool/postfix/virtual to something more appealing I think I would:

A.

1. change virtual_mailbox_base = /some/path
2. chown that path to postfix.postfix?
3. keep the virtual_uid_maps: static:103 virtual_gid_maps: static:105

-or-

B.

1. change virtual_mailbox_base = /some/path
2. create a user, say, themailman
3. chown /some/path to themailman
4. set virtual_uid_maps and virtual_gid_maps respective to the id/group of themailman

One thing I'm confused about.. N00b alert - If postfix is chrooted by default like I've been reading, how does it access dirs outside the jail like /home/mail or whatever?

Thanks.

The following assumes you're using Dovecot SMTP Auth and a version of Postfix that supports it. > 2.3 (I think)

Create a virtual mail user, make the directory for the virtual mail, and make it owned by the vmail account.

groupadd -g 5000 vmail
useradd -m -u 5000 -g 5000 -s /bin/bash vmail
mkdir /var/mail/vmail
chown vmail:vmail /var/mail/vmail

/etc/postfix/main.cf

# DELIVERY TO MAILBOX
#
# The home_mailbox parameter specifies the optional pathname of a
# mailbox file relative to a user's home directory. The default
# mailbox file is /var/spool/mail/user or /var/mail/user.  Specify
# "Maildir/" for qmail-style delivery (the / is required).
#
home_mailbox = Maildir/

# Virtual mail users
virtual_mailbox_base = /var/mail/vmail
virtual_mailbox_domains = /etc/postfix/virtual/vdomains.txt
virtual_mailbox_maps = hash:/etc/postfix/virtual/vmailboxes.txt
virtual_minimum_uid = 1000
virtual_uid_maps = hash:/etc/postfix/virtual/vuid.txt
virtual_gid_maps = hash:/etc/postfix/virtual/vgid.txt
virtual_alias_maps = hash:/etc/postfix/virtual/valiases.txt

The "home_mailbox = Maildir/" above allows both local and virtual users to work without permission problems.

Local mails are in: /home/user/Maildir

Virtual mails are in: /var/mail/vmail/domain.xxx/user/Maildir/

/etc/postfix/virtual/domains

domain.xxx

xxx above can be com / org / net or whatever you own.

/etc/postfix/virtual/domains/domain.xxx

# Maildir mail addresses for domain.xxx
user1@domain.xxx   domain.xxx/user1/Maildir/
user2@domain.xxx   domain.xxx/user2/Maildir/

# Comment out the entry below to implement a catch-all.
# @domain.xxx      domain

/etc/postfix/virtual/uids/domain

# Domains owned by local user domain (uid/gid) 1000:1000
#@domain.com 1000
@domain.xxx 5000
#@domain.net 1000
#@domain.org 1000

The 1000's above are part of an incomplete experiment to move virtual mail to the local system owner of the virtual domain from:

/var/mail/vmail/domain.xxx

to

/home/localuser/Maildir/domain.xxx/user/Maildir

/etc/postfix/build-mail.sh

#!/bin/sh

# Create the list of domains
ls /etc/postfix/virtual/domains > /etc/postfix/virtual/vdomains.txt

# Create the virtual mailboxes
cat /etc/postfix/virtual/domains/* > /etc/postfix/virtual/vmailboxes.txt
postmap /etc/postfix/virtual/vmailboxes.txt

# Create the virtual aliases
cat /etc/postfix/virtual/aliases/* > /etc/postfix/virtual/valiases.txt
postmap /etc/postfix/virtual/valiases.txt

# Create the list of domain uids
cat /etc/postfix/virtual/uids/* > /etc/postfix/virtual/vuid.txt
postmap /etc/postfix/virtual/vuid.txt

# Create the list of domain gids
cat /etc/postfix/virtual/uids/* > /etc/postfix/virtual/vgid.txt
postmap /etc/postfix/virtual/vgid.txt

# The final step is to create the mailboxes for the users.
# Thanks to the magic of permissions this will happen auto-magically when the account first gets mail

The above is a quick build and postmap of all the files.

@A32:

> One thing I'm confused about.. N00b alert - If postfix is chrooted by default like I've been reading, how does it access dirs outside the jail like /home/mail or whatever?

It can get to the stuff in /var/mail for local users because it has the group mail. It can get to the stuff in vmail because the virtual uid and gid maps match the uid and gid of the vmail user (5000) and you told postfix to use that to deliver virtual mails.

It can't get to /home/localuser/Maildir directly, but there is some magic (which I don't understand) that allows the mails to be placed there after postfix accepts them.

Getting virtual mails to turn up in /home/localuser/Maildir/domain.xxx/* is something I haven't cracked yet. Probably because I don't really understand how it all works.

I believe I have a decent grasp of how it works now. Thanks very much for all your help!

@kangaby:

> The following assumes you're using Dovecot SMTP Auth and a version of Postfix that supports it. > 2.3 (I think)
>
> Create a virtual mail user, make the directory for the virtual mail, and make it owned by the vmail account.
>
> groupadd -g 5000 vmail
> useradd -m -u 5000 -g 5000 -s /bin/bash vmail
> mkdir /var/mail/vmail
> chown vmail:vmail /var/mail/vmail

Hello all. :)

Ok, so I thought I was finally getting a grasp on how to do this (and why I was doing the steps I needed to do) thanks to this thread and the Postfix Virtual Readme, but when I got to the 3rd step above (mkdir /var/mail/vmail), it failed:

mkdir: cannot create directory `/var/mail/vmail': File exists

Apparently when I created the user it added a blank file named vmail in my /var/spool/mail directory (which is an alias of /var/mail on my box).

Any ideas?

Thanks. :D

I should let you guys know that I am still learning my way around Linux and fairly newbie-ish.

-Michael

@mvandemar:

> @kangaby:
>
> > The following assumes you're using Dovecot SMTP Auth and a version of Postfix that supports it. > 2.3 (I think)
> >
> > Create a virtual mail user, make the directory for the virtual mail, and make it owned by the vmail account.
> >
> > groupadd -g 5000 vmail
> > useradd -m -u 5000 -g 5000 -s /bin/bash vmail
> > mkdir /var/mail/vmail
> > chown vmail:vmail /var/mail/vmail
>
> Hello all. :)
>
> Ok, so I thought I was finally getting a grasp on how to do this (and why I was doing the steps I needed to do) thanks to this thread and the Postfix Virtual Readme, but when I got to the 3rd step above (mkdir /var/mail/vmail), it failed:
>
> mkdir: cannot create directory `/var/mail/vmail': File exists
>
> Apparently when I created the user it added a blank file named vmail in my /var/spool/mail directory (which is an alias of /var/mail on my box).
>
> Any ideas?

Yeah, when you create the user in the manner specified, it will create a mailbox for that user as if it were a person. That's really got nothing to do with the server setup itself; I'd simply pick a different location for your mail directory. I definitely recommend looking through the postfix documentation above if you haven't already.

@mvandemar:

> I should let you guys know that I am still learning my way around Linux and fairly newbie-ish.
>
> -Michael

You certainly picked a difficult way to get up to speed… Mail servers can be among the most complicated daemons to (correctly) configure on linux. Don't get discouraged.

@CybrMatt:

> @mvandemar:
>
> > I should let you guys know that I am still learning my way around Linux and fairly newbie-ish.
> >
> > -Michael
>
> You certainly picked a difficult way to get up to speed… Mail servers can be among the most complicated daemons to (correctly) configure on linux. Don't get discouraged.

Thanks, I won't. :D

@CybrMatt:

> @mvandemar:
>
> > @kangaby:
> >
> > > The following assumes you're using Dovecot SMTP Auth and a version of Postfix that supports it. > 2.3 (I think)
> > >
> > > Create a virtual mail user, make the directory for the virtual mail, and make it owned by the vmail account.
> > >
> > > groupadd -g 5000 vmail
> > > useradd -m -u 5000 -g 5000 -s /bin/bash vmail
> > > mkdir /var/mail/vmail
> > > chown vmail:vmail /var/mail/vmail
> >
> > Hello all. :)
> >
> > Ok, so I thought I was finally getting a grasp on how to do this (and why I was doing the steps I needed to do) thanks to this thread and the Postfix Virtual Readme, but when I got to the 3rd step above (mkdir /var/mail/vmail), it failed:
> >
> > mkdir: cannot create directory `/var/mail/vmail': File exists
> >
> > Apparently when I created the user it added a blank file named vmail in my /var/spool/mail directory (which is an alias of /var/mail on my box).
> >
> > Any ideas?
>
> Yeah, when you create the user in the manner specified, it will create a mailbox for that user as if it were a person.

See, and that's the problem with all of the walkthroughs I've found so far… either they assume that you have knowledge that you might not, or they have minor issues like this one, where following it like a recipe simply won't work all the way through, or (like most) they toss in a whole bunch of config options/flags without saying what they mean. Getting there slowly though. :)

Question though, when you say, "create the user in the manner specified", I didn't see an option to create a user without creating a mailbox on the useradd man page… is there another way to add a user then?

@CybrMatt:

> That's really got nothing to do with the server setup itself; I'd simply pick a different location for your mail directory.

That I can do. :)

@CybrMatt:

> I definitely recommend looking through the postfix documentation above if you haven't already.

I have, thanks, bookmarked it and keep referring back to it as I go. Only one site on the server gets mail, and it's a non-critical one, so no rush with it.

-Michael

@mvandemar:

> See, and that's the problem with all of the walkthroughs I've found so far… either they assume that you have knowledge that you might not, or they have minor issues like this one, where following it like a recipe simply won't work all the way through, or (like most) they toss in a whole bunch of config options/flags without saying what they mean. Getting there slowly though. :)
>
> Question though, when you say, "create the user in the manner specified", I didn't see an option to create a user without creating a mailbox on the useradd man page… is there another way to add a user then?

It's not really anything to worry about; it's normal for local user accounts to be able to receive mail locally. You can use any mail program (like mailx or mutt) to send mail to a local user account:

$ mailx vmail
subject: hi
body…
.

And it will deliver it to the user's mail file. If the file doesn't exist, the system will create it. They're usually in /var/mail or /var/spool/mail by default. The files hold the messages in plain text, so you can just open them and read what's inside.

If you're setting up a virtual domain though, it's usually completely unrelated to the local system accounts.

@CybrMatt:

> If you're setting up a virtual domain though, it's usually completely unrelated to the local system accounts.

Hm. Ok, in the following snippet from this document:

@Postfix website:

> Postfix virtual MAILBOX example: separate domains, non-UNIX accounts
>
> {snip}
>
> Here is an example of a virtual mailbox domain "example.com":
>
>      1 /etc/postfix/main.cf:
>      2     virtual_mailbox_domains = example.com ...more domains...
>      3     virtual_mailbox_base = /var/mail/vhosts
>      4     virtual_mailbox_maps = hash:/etc/postfix/vmailbox
>      5     virtual_minimum_uid = 100
>      6     virtual_uid_maps = static:5000
>      7     virtual_gid_maps = static:5000
>      8     virtual_alias_maps = hash:/etc/postfix/virtual
>
> {snip}
>
> * Lines 6, 7: The virtual_uid_maps and virtual_gid_maps parameters specify that all the virtual mailboxes are owned by a fixed uid and gid 5000. If this is not what you want, specify lookup tables that are searched by the recipient's mail address.

I am assuming that is where A32 got the original code he posted, and it does seem like it would be a simplification of things if all of the virtual mailboxes had a single owner for delivery purposes.

That static account does have to be a system account though, correct? And it can't have the same name as the folder where the mail is then stored? That's why in the example they chose "vhosts" for the directory and the descriptive yet arbitrary name of "static" for the user…?

-Michael

@CybrMatt:

> Yeah, when you create the user in the manner specified, it will create a mailbox for that user as if it were a person.

I'm sure when I did this it created a vmail user in the home directory, and as long as you never send local user vmail any mail, it doesn't create a directory in /var/mail

@mvandemar:

> See, and that's the problem with all of the walkthroughs I've found so far… either they assume that you have knowledge that you might not, or they have minor issues like this one, where following it like a recipe simply won't work all the way through, or (like most) they toss in a whole bunch of config options/flags without saying what they mean. Getting there slowly though. :)

Have a look at this one.

http://www.linode.com/wiki/index.php/User:Kangaby#SetupPostfixMail_Server

Might / might not help.

Static is not the user. It means static i.e. not dynamic.

The 5000 references the user id 5000 in the password file and the group id 5000 in the groups file. The 5000 was assigned as part of the useradd command. It could be any number you want, as long as it's not already used by the system (the higher the better, as normal users start around 100, or is it 1000, and go up from there).

Thanks kangaby. :)

If sendmail was handling the system messages before (like sending root notices after a cron job), will Postfix do that by default? I just disable sendmail altogether, right?

-Michael

Generally, when you install postfix, it will remove sendmail.

There will still be some sendmail references from memory, (can't remember what exactly) but this is to allow applications that only know about sendmail to send mail through postfix.

Yes, postfix can send local (root) and virtual emails in the same setup if you configure it for both.

@kangaby:

> Generally, when you install postfix, it will remove sendmail.

It will remove the sendmail package. However, postfix comes with a "sendmail" binary program that is used by cron et al. and does the expected thing (local mail submission).

@SteveG:

> It will remove the sendmail package. However, postfix comes with a "sendmail" binary program that is used by cron et al. and does the expected thing (local mail submission).

By binary, you mean a symlink to /usr/sbin/sendmail and /usr/sbin/mail.

Not on my system (standard debian postfix):

$ ls -l /usr/sbin/sendmail
-rwxr-xr-x 1 root root 22084 2008-09-14 09:09 /usr/sbin/sendmail
$ ls -l /usr/sbin/mail
ls: cannot access /usr/sbin/mail: No such file or directory

If you meant /usr/bin/mail, that's a completely different program for reading/sending mail, which uses /usr/sbin/sendmail for the latter.

@kangaby:

> Generally, when you install postfix, it will remove sendmail.

Actually, both sendmail and postfix were installed when I got the box, but postfix was neither configured nor running. I tried configuring postfix based on posts that I found (which led me here), got frustrated, realized it was holding up actual development, so disabled that on boot and re-enabled sendmail until I could dig deeper into it (having mail for the main domain would be very nice, but not the top priority).

Thing is, since I did that as near as I can tell no more mail has been delivered to root. Not sure why, since I never touched sendmail's config aside from disabling and then re-enabling it at boot time (which is not actually in sendmail's config).

-Michael
