Postfix, hostname and /etc/aliases

aliasesemailpostfix

After having dig for hours on SF/SO and googled a lot, I still can't figure out how /etc/aliases is used by postfix.

  1. I use an Amazon Linux EC2 server (kind of Centos6)
  2. My server hostname is set to srv.example.com
  3. I have setup postfix 2.6.6 with a null-client config (only to send mails for my website and send reports to my personal mail)
  4. I set up /etc/aliases with rules including root: mymail@gmail.com
  5. I run newaliases to take into account the changes in /etc/aliases
  6. I restarted postfix sudo service postfix restart
  7. echo "something" | mailx -s D"subject" root sends a mail to root@example.com instead of mymail@gmail.com

I traced this in /var/log/maillog :

Mar 13 17:21:23 srv postfix/smtpd[14462]: A27B540A87: client=localhost[127.0.0.1]
Mar 13 17:21:23 srv postfix/cleanup[14466]: A27B540A87: message-id=<55031c93.Il7wUJmrkLu/WLNL%srv@example.com>
Mar 13 17:21:23 srv opendkim[2065]: A27B540A87: DKIM-Signature field added (s=prod-key-swf, d=example.com)
Mar 13 17:21:23 srv postfix/qmgr[14458]: A27B540A87: from=<srv@example.com>, size=820, nrcpt=1 (queue active)
Mar 13 17:21:23 srv sendmail[14461]: t2DHLNlC014461: to=root, ctladdr=srv@example.com (serveur srv) (500/500), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=30309, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (Ok: queued as A27B540A87)
Mar 13 17:21:25 srv postfix/smtp[14467]: A27B540A87: to=<root@srv.example.com>, relay=aspmx.l.google.com[64.233.186.27]:25, delay=2, delays=0.1/0.01/1.4/0.48, dsn=5.1.1, status=bounced (host aspmx.l.google.com[64.233.186.27] said: 550-5.1.1 The email account that you tried to reach does not exist. Please try 550-5.1.1 double-checking the recipient's email address for typos or 550-5.1.1 unnecessary spaces. Learn more at 550 5.1.1 http://support.google.com/mail/bin/answer.py?answer=6596 f78si2479139qkh.47 - gsmtp (in reply to RCPT TO command))
Mar 13 17:21:26 srv postfix/bounce[14468]: A27B540A87: sender non-delivery notification: 2297E40A86
Mar 13 17:21:26 srv postfix/qmgr[14458]: A27B540A87: removed

My only postfix configuration modifications are (null-client config):

  • myhostname = srv.example.com
  • myorigin = $mydomain
  • relayhost = $mydomain
  • inet_interfaces = loopback-only
  • mydestination =

Which step am I missing in order to have /etc/aliases statements applied as expected ?

My sudo postconf -n:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = loopback-only
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
milter_default_action = accept
mydestination =
myhostname = srv.example.com
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = $smtpd_milters
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
relayhost = $mydomain
sample_directory = /usr/share/doc/postfix-2.6.6/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_milters = inet:127.0.0.1:8891
unknown_local_recipient_reject_code = 550

Best Answer

After having understood that a "null client" is a null client, I dig a bit more to understand postfix virtual domain how to.

In a nutshell

  1. A null client is ideal for a "send only" mail server (the one I need for my website)
  2. Configuring a "null client" requires defining myorigin to server hostname
  3. myorigin also specifies the default domain name that is appended to recipient addresses that have no @domain part (taken from /et/postfix/main.cf).
  4. Postfix won't use my /etc/aliases to route my local mails as my mails to root / fail2ban / me ... will be rewritten to root@srv.example.com / fail2ban@srv.example.com ...
  5. Then, I need postfix to rewrite xxx@srv.example.com to mymail@gmail.com
  6. Add @srv.example.com mymail@gmail.com in /etc/postfix/canonical
  7. Add canonical_maps = hash:/etc/postfix/canonical in /etc/postfix/main.cf
  8. Run postmap /etc/postfix/canonical and restart postfix (sudo service postfix restart)

Rewritting local mail with regex

I went a little bit further to keep information of the original target user. You can use regular expression for that :

  • In /etc/postfix/main.cf, instead of canonical_maps = hash:/etc/postfix/canonical, use canonical_maps = regexp:/etc/postfix/canonical
  • In /etc/postfix/canonical, instead of @srv.example.com mymail@gmail.com, I used (.+)@(.+).example.com mymail+$1.$2@gmail.com to receive mail to mymail+fail2ban.srv@gmail.com (I will have srv2, srv3, srvx later...)

I asked for help too early, hope this answer will help others stuck with the same issue.

Related Topic