1VIRTUAL(5) File Formats Manual VIRTUAL(5)
2
6 virtual - Postfix virtual alias table format
7
9 postmap /etc/postfix/virtual
10 postmap -q "string" /etc/postfix/virtual
12 postmap -q - /etc/postfix/virtual <inputfile
14
16 The optional virtual(5) alias table rewrites recipient addresses for
17 all local, all virtual, and all remote mail destinations. This is
18 unlike the aliases(5) table which is used only for local(8) delivery.
19 Virtual aliasing is recursive, and is implemented by the Postfix
20 cleanup(8) daemon before mail is queued.
21 The main applications of virtual aliasing are:
23 · To redirect mail for one address to one or more addresses.
25 · To implement virtual alias domains where all addresses are
27 aliased to addresses in other domains.
28 Virtual alias domains are not to be confused with the virtual
30 mailbox domains that are implemented with the Postfix virtual(8)
31 mail delivery agent. With virtual mailbox domains, each recipi‐
32 ent address can have its own mailbox.
33 Virtual aliasing is applied only to recipient envelope addresses, and
35 does not affect message headers. Use canonical(5) mapping to rewrite
36 header and envelope addresses in general.
37 Normally, the virtual(5) alias table is specified as a text file that
39 serves as input to the postmap(1) command. The result, an indexed file
40 in dbm or db format, is used for fast searching by the mail system.
41 Execute the command "postmap /etc/postfix/virtual" to rebuild an
42 indexed file after changing the corresponding text file.
43 When the table is provided via other means such as NIS, LDAP or SQL,
45 the same lookups are done as for ordinary indexed files.
46 Alternatively, the table can be provided as a regular-expression map
48 where patterns are given as regular expressions, or lookups can be
49 directed to TCP-based server. In those case, the lookups are done in a
50 slightly different way as described below under "REGULAR EXPRESSION
51 TABLES" or "TCP-BASED TABLES".
52
54 The search string is folded to lowercase before database lookup. As of
55 Postfix 2.3, the search string is not case folded with database types
56 such as regexp: or pcre: whose lookup fields can match both upper and
57 lower case.
58
60 The input format for the postmap(1) command is as follows:
61 pattern address, address, ...
63 When pattern matches a mail address, replace it by the corre‐
64 sponding address.
65 blank lines and comments
67 Empty lines and whitespace-only lines are ignored, as are lines
68 whose first non-whitespace character is a `#'.
69 multi-line text
71 A logical line starts with non-whitespace text. A line that
72 starts with whitespace continues a logical line.
73
75 With lookups from indexed files such as DB or DBM, or from networked
76 tables such as NIS, LDAP or SQL, each user@domain query produces a
77 sequence of query patterns as described below.
78 Each query pattern is sent to each specified lookup table before trying
80 the next query pattern, until a match is found.
81 user@domain address, address, ...
83 Redirect mail for user@domain to address. This form has the
84 highest precedence.
85 user address, address, ...
87 Redirect mail for user@site to address when site is equal to
88 $myorigin, when site is listed in $mydestination, or when it is
89 listed in $inet_interfaces or $proxy_interfaces.
90 This functionality overlaps with functionality of the local
92 aliases(5) database. The difference is that virtual(5) mapping
93 can be applied to non-local addresses.
94 @domain address, address, ...
96 Redirect mail for other users in domain to address. This form
97 has the lowest precedence.
98 Note: @domain is a wild-card. With this form, the Postfix SMTP
100 server accepts mail for any recipient in domain, regardless of
101 whether that recipient exists. This may turn your mail system
102 into a backscatter source: Postfix first accepts mail for
103 non-existent recipients and then tries to return that mail as
104 "undeliverable" to the often forged sender address.
105 To avoid backscatter with mail for a wild-card domain, replace
107 the wild-card mapping with explicit 1:1 mappings, or add a
108 reject_unverified_recipient restriction for that domain:
109 smtpd_recipient_restrictions =
111 ...
112 reject_unauth_destination
113 check_recipient_access
114 inline:{example.com=reject_unverified_recipient}
115 unverified_recipient_reject_code = 550
116 In the above example, Postfix may contact a remote server if the
118 recipient is aliased to a remote address.
119
121 The lookup result is subject to address rewriting:
122 · When the result has the form @otherdomain, the result becomes
124 the same user in otherdomain. This works only for the first
125 address in a multi-address lookup result.
126 · When "append_at_myorigin=yes", append "@$myorigin" to addresses
128 without "@domain".
129 · When "append_dot_mydomain=yes", append ".$mydomain" to addresses
131 without ".domain".
132
134 When a mail address localpart contains the optional recipient delimiter
135 (e.g., user+foo@domain), the lookup order becomes: user+foo@domain,
136 user@domain, user+foo, user, and @domain.
137 The propagate_unmatched_extensions parameter controls whether an
139 unmatched address extension (+foo) is propagated to the result of table
140 lookup.
141
143 Besides virtual aliases, the virtual alias table can also be used to
144 implement virtual alias domains. With a virtual alias domain, all
145 recipient addresses are aliased to addresses in other domains.
146 Virtual alias domains are not to be confused with the virtual mailbox
148 domains that are implemented with the Postfix virtual(8) mail delivery
149 agent. With virtual mailbox domains, each recipient address can have
150 its own mailbox.
151 With a virtual alias domain, the virtual domain has its own user name
153 space. Local (i.e. non-virtual) usernames are not visible in a virtual
154 alias domain. In particular, local aliases(5) and local mailing lists
155 are not visible as localname@virtual-alias.domain.
156 Support for a virtual alias domain looks like:
158 /etc/postfix/main.cf:
160 virtual_alias_maps = hash:/etc/postfix/virtual
161 Note: some systems use dbm databases instead of hash. See the output
163 from "postconf -m" for available database types.
164 /etc/postfix/virtual:
166 virtual-alias.domain anything (right-hand content does not matter)
167 postmaster@virtual-alias.domain postmaster
168 user1@virtual-alias.domain address1
169 user2@virtual-alias.domain address2, address3
170 The virtual-alias.domain anything entry is required for a virtual alias
172 domain. Without this entry, mail is rejected with "relay access
173 denied", or bounces with "mail loops back to myself".
174 Do not specify virtual alias domain names in the main.cf mydestination
176 or relay_domains configuration parameters.
177 With a virtual alias domain, the Postfix SMTP server accepts mail for
179 known-user@virtual-alias.domain, and rejects mail for unknown-user@vir‐
180 tual-alias.domain as undeliverable.
181 Instead of specifying the virtual alias domain name via the vir‐
183 tual_alias_maps table, you may also specify it via the main.cf vir‐
184 tual_alias_domains configuration parameter. This latter parameter uses
185 the same syntax as the main.cf mydestination configuration parameter.
186
188 This section describes how the table lookups change when the table is
189 given in the form of regular expressions. For a description of regular
190 expression lookup table syntax, see regexp_table(5) or pcre_table(5).
191 Each pattern is a regular expression that is applied to the entire
193 address being looked up. Thus, user@domain mail addresses are not bro‐
194 ken up into their user and @domain constituent parts, nor is user+foo
195 broken up into user and foo.
196 Patterns are applied in the order as specified in the table, until a
198 pattern is found that matches the search string.
199 Results are the same as with indexed file lookups, with the additional
201 feature that parenthesized substrings from the pattern can be interpo‐
202 lated as $1, $2 and so on.
203
205 This section describes how the table lookups change when lookups are
206 directed to a TCP-based server. For a description of the TCP
207 client/server lookup protocol, see tcp_table(5). This feature is not
208 available up to and including Postfix version 2.4.
209 Each lookup operation uses the entire address once. Thus, user@domain
211 mail addresses are not broken up into their user and @domain con‐
212 stituent parts, nor is user+foo broken up into user and foo.
213 Results are the same as with indexed file lookups.
215
217 The table format does not understand quoting conventions.
218
220 The following main.cf parameters are especially relevant to this topic.
221 See the Postfix main.cf file for syntax details and for default values.
222 Use the "postfix reload" command after a configuration change.
223 virtual_alias_maps ($virtual_maps)
225 Optional lookup tables that alias specific mail addresses or
226 domains to other local or remote address.
227 virtual_alias_domains ($virtual_alias_maps)
229 Postfix is final destination for the specified list of virtual
230 alias domains, that is, domains for which all addresses are
231 aliased to addresses in other local or remote domains.
232 propagate_unmatched_extensions (canonical, virtual)
234 What address lookup tables copy an address extension from the
235 lookup key to the lookup result.
236 Other parameters of interest:
238 inet_interfaces (all)
240 The network interface addresses that this mail system receives
241 mail on.
242 mydestination ($myhostname, localhost.$mydomain, localhost)
244 The list of domains that are delivered via the $local_transport
245 mail delivery transport.
246 myorigin ($myhostname)
248 The domain name that locally-posted mail appears to come from,
249 and that locally posted mail is delivered to.
250 owner_request_special (yes)
252 Enable special treatment for owner-listname entries in the
253 aliases(5) file, and don't split owner-listname and list‐
254 name-request address localparts when the recipient_delimiter is
255 set to "-".
256 proxy_interfaces (empty)
258 The network interface addresses that this mail system receives
259 mail on by way of a proxy or network address translation unit.
260
262 cleanup(8), canonicalize and enqueue mail
263 postmap(1), Postfix lookup table manager
264 postconf(5), configuration parameters
265 canonical(5), canonical address mapping
266
268 Use "postconf readme_directory" or "postconf html_directory" to locate
269 this information.
270 ADDRESS_REWRITING_README, address rewriting guide
271 DATABASE_README, Postfix lookup table overview
272 VIRTUAL_README, domain hosting guide
273
275 The Secure Mailer license must be distributed with this software.
276
278 Wietse Venema
279 IBM T.J. Watson Research
280 P.O. Box 704
281 Yorktown Heights, NY 10598, USA
282 Wietse Venema
284 Google, Inc.
285 111 8th Avenue
286 New York, NY 10011, USA
287 VIRTUAL(5)