Virtual alias domains work OK if you want all your email going to local user mailboxes. That means user1@x.domain.com and user1@y.domain.com are each going to have different Linux user accounts, since they can't both have user1. This can be confusing to users and is harder to manage.
If you want each user1@x.domain.com and user1@y.domain.com account to have its own mailbox but not a Linux user account, you need virtual mailboxes. This is how I do it on my Ubuntu Postfix box at home.
**Make sure to back up your config files before making any changes!**
First make sure Postfix has the virtual module available to use. Look for the virtual line in /etc/postfix/master.cf. If it's there (which it should be), continue.
Create an account that will have access to the virtual mailboxes directory and one for each domain to write to them.
Code:
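# 2000 is arbitrary: use any free id above 1000, and keep each uid equal to its gid.
# Create each group first, then the user with that group as its primary group.
groupadd -g 2000 vuser
useradd -u 2000 -g vuser vuser
groupadd -g 2001 xdomain
useradd -u 2001 -g xdomain xdomain
groupadd -g 2002 ydomain
useradd -u 2002 -g ydomain ydomain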
Then create the base directory for your virtual mailboxes.
Code:
mkdir /var/spool/virtual_mailboxes
chown vuser:vuser /var/spool/virtual_mailboxes
chmod 755 /var/spool/virtual_mailboxes
Next, create the subdirectories.
Code:
mkdir /var/spool/virtual_mailboxes/x.domain.com
mkdir /var/spool/virtual_mailboxes/y.domain.com
chown xdomain /var/spool/virtual_mailboxes/x.domain.com/
chown ydomain /var/spool/virtual_mailboxes/y.domain.com/
chgrp xdomain /var/spool/virtual_mailboxes/x.domain.com/
chgrp ydomain /var/spool/virtual_mailboxes/y.domain.com/
chmod 700 /var/spool/virtual_mailboxes/x.domain.com/
chmod 700 /var/spool/virtual_mailboxes/y.domain.com/
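Next you need to build a file that you can enter all your email addresses into. Call it /etc/postfix/virtual_build_map_source. Each line holds the address, the mailbox path relative to the base directory, the uid, and the gid.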
Code:
user1@x.domain.com x.domain.com/user1/ 2001 2001
user2@x.domain.com x.domain.com/user2/ 2001 2001
user1@y.domain.com y.domain.com/user1/ 2002 2002
user2@y.domain.com y.domain.com/user2/ 2002 2002
Then create a script to take that virtual_build_map_source file and create all the other needed files that Postfix will need. Call it /etc/postfix/build_virtual_maps.sh.
Code:
#!/bin/bash
#
# Build all virtual mailbox maps from one source
# section: paths
SOURCE=/etc/postfix/virtual_build_map_source
VMAP=/etc/postfix/virtual_mailbox_recipients
VUID=/etc/postfix/virtual_uid_map
VGID=/etc/postfix/virtual_gid_map
AWK=/usr/bin/awk
POSTMAP=/usr/sbin/postmap
# section: build
# build $virtual_mailbox_maps
$AWK '{printf("%s %s\n",$1,$2)}' $SOURCE > $VMAP
$POSTMAP hash:$VMAP
# build $virtual_uid_maps
$AWK '{printf("%s %s\n",$1,$3)}' $SOURCE > $VUID
$POSTMAP hash:$VUID
# build $virtual_gid_maps
$AWK '{printf("%s %s\n",$1,$4)}' $SOURCE > $VGID
$POSTMAP hash:$VGID
Make the file executable.
Code:
chmod 755 /etc/postfix/build_virtual_maps.sh
Then run the script and it will create the virtual_uid_map, virtual_gid_map, virtual_mailbox_recipients files and postmap them. You should also create a virtual_aliases file for any aliases you want set up. The aliases format is simple. Just write the incoming address, a space, and what address you want it to go to. Then postmap it.
Code:
user1@x.domain.com user2@y.domain.com
Go into main.cf and add the following lines:
Code:
## Virtual Mailboxes
virtual_mailbox_domains = x.domain.com, y.domain.com
virtual_uid_maps = hash:/etc/postfix/virtual_uid_map
virtual_gid_maps = hash:/etc/postfix/virtual_gid_map
virtual_mailbox_base = /var/spool/virtual_mailboxes
virtual_mailbox_maps = hash:/etc/postfix/virtual_mailbox_recipients
virtual_alias_maps = hash:/etc/postfix/virtual_aliases
DO NOT PUT YOUR VIRTUAL DOMAINS IN "mydestination=" OR POSTFIX WILL TRY TO DELIVER THOSE DOMAINS LOCALLY!
Postfix will now start delivering all incoming mail to those virtual mailboxes. The next step would be to set up your POP3 or IMAP server to allow users to get those emails. I use dovecot-pop3 and dovecot-imap.
/etc/dovecot/dovecot.conf
Code:
base_dir = /var/run/dovecot/
protocols = imap pop3
log_path = /var/log/dovecot
info_log_path = /var/log/dovecot.info
login_dir = /var/run/dovecot/login
login_chroot = yes
login_user = dovecot
protocol imap {
login_executable = /usr/lib/dovecot/imap-login
mail_executable = /usr/lib/dovecot/imap
}
protocol pop3 {
login_executable = /usr/lib/dovecot/pop3-login
mail_executable = /usr/lib/dovecot/pop3
pop3_uidl_format = %08Xu%08Xv
}
valid_chroot_dirs = /var/spool/virtual_mailboxes
default_mail_env = maildir:/var/spool/virtual_mailboxes/%d/%n
# "no" allows plaintext logins over connections that are not encrypted
disable_plaintext_auth = no
auth default {
mechanisms = plain digest-md5
userdb passwd-file {
args = /etc/dovecot/users
}
passdb passwd-file {
args = /etc/dovecot/passwd
}
}
auth_executable = /usr/lib/dovecot/dovecot-auth
auth_user = root
auth_verbose = yes
Create /etc/dovecot/users and include all your users in there in the following format:
Code:
user1@x.domain.com::2001:2001::/var/spool/virtual_mailboxes/x.domain.com/:/bin/false::
user2@x.domain.com::2001:2001::/var/spool/virtual_mailboxes/x.domain.com/:/bin/false::
user1@y.domain.com::2002:2002::/var/spool/virtual_mailboxes/y.domain.com/:/bin/false::
user2@y.domain.com::2002:2002::/var/spool/virtual_mailboxes/y.domain.com/:/bin/false::
Make the file only usable by root and readable by the root group.
Code:
chmod 740 /etc/dovecot/users
Create the following script and put it into /usr/sbin/mkdovecotpasswd.
Code:
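#!/bin/bash
# Usage: mkdovecotpasswd user@domain password
# Appends "user:hash" to the Dovecot passwd file. The hash is captured
# directly, so nothing is written to a predictable file under /tmp.
echo "$1:$(mkpasswd --hash=md5 "$2")" >> /etc/dovecot/passwd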
Make it executable.
Code:
chmod 755 /usr/sbin/mkdovecotpasswd
Make your Dovecot password file and give it only root rights.
Code:
touch /etc/dovecot/passwd
chmod 740 /etc/dovecot/passwd
Now you need to assign passwords for your users. Run your new script in this format:
Code:
mkdovecotpasswd user1@x.domain.com password
Do this for every user you have. If you ever need to change a password, just delete the corresponding line in /etc/dovecot/passwd and run the command again with the new password.
To add a new user, add them to the /etc/postfix/virtual_build_map_source file, run /etc/postfix/build_virtual_maps.sh, add them to /etc/dovecot/users, and run the mkdovecotpasswd command to assign them a password. All your users can now retrieve mail via POP3 and IMAP (assuming your box is set to accept ports 110, 143, and 25 and/or has them forwarded from your router to your server), and users will be using their full email address as their username.
Restart Postfix and Dovecot and you should be good.
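Because every new user has to be entered in both the map source and the Dovecot users file, the two can drift apart: a mailbox path that is not domain/user/ is delivered where Dovecot's %d/%n lookup never reads, and a uid/gid mismatch leaves Dovecot unable to open the 700 domain directory. The following is an added example, not part of the original guide; the function name check_virtual_maps is hypothetical, and it assumes the two file formats shown above.

```shell
#!/bin/bash
# Added example: lint the Postfix map source against the Dovecot users file.
#   $1  map source, e.g. /etc/postfix/virtual_build_map_source  "addr path uid gid"
#   $2  Dovecot users, e.g. /etc/dovecot/users         "addr::uid:gid::home:shell::"
# Prints one line per problem and returns non-zero if any were found.
check_virtual_maps() {
    awk '
    function bad(msg) { print msg; errors++ }
    # First file given to awk: Dovecot users. Remember uid:gid per address.
    FILENAME == ARGV[1] {
        split($0, f, ":")
        if (f[1] != "") ids[f[1]] = f[3] ":" f[4]
        next
    }
    # Second file: the map source. Blank and comment lines are ignored.
    /^[ \t]*(#|$)/ { next }
    {
        addr = $1; path = $2; uid = $3; gid = $4
        if (NF != 4) { bad(addr ": expected 4 fields, got " NF); next }
        if (seen[addr]++) bad(addr ": duplicate address")
        n = split(addr, p, "@")
        if (n != 2 || p[1] == "" || p[2] == "") { bad(addr ": not user@domain"); next }
        # Dovecot opens maildir:<base>/%d/%n, so Postfix must deliver to
        # domain/user/ (the trailing slash selects maildir delivery).
        want = p[2] "/" p[1] "/"
        if (path != want) bad(addr ": path " path " is not " want)
        if (uid !~ /^[0-9]+$/ || gid !~ /^[0-9]+$/)
            bad(addr ": uid/gid must be numeric")
        if (!(addr in ids))
            bad(addr ": missing from Dovecot users file")
        else if (ids[addr] != uid ":" gid)
            bad(addr ": Postfix " uid ":" gid " vs Dovecot " ids[addr])
    }
    END { exit (errors > 0) }
    ' "$2" "$1"
}
```

Run it as `check_virtual_maps /etc/postfix/virtual_build_map_source /etc/dovecot/users` before running build_virtual_maps.sh.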