1VIRTUAL(5)                    File Formats Manual                   VIRTUAL(5)
2
3
4

NAME

6       virtual - Postfix virtual alias table format
7

SYNOPSIS

9       postmap /etc/postfix/virtual
10
11       postmap -q "string" /etc/postfix/virtual
12
13       postmap -q - /etc/postfix/virtual <inputfile
14

DESCRIPTION

16       The  optional  virtual(5)  alias table rewrites recipient addresses for
17       all local, all virtual, and all remote mail destinations.  This is  un‐
18       like  the  aliases(5)  table  which is used only for local(8) delivery.
19       This feature is implemented in the  Postfix  cleanup(8)  daemon  before
20       mail is queued.
21
22       Virtual  aliasing  is  recursive; to terminate recursion for a specific
23       address, alias that address to itself.
24
25       The main applications of virtual aliasing are:
26
27       •      To redirect mail for one address to one or more addresses.
28
29       •      To implement virtual  alias  domains  where  all  addresses  are
30              aliased to addresses in other domains.
31
32              Virtual  alias  domains  are not to be confused with the virtual
33              mailbox domains that are implemented with the Postfix virtual(8)
34              mail  delivery agent. With virtual mailbox domains, each recipi‐
35              ent address can have its own mailbox.
36
37       Virtual aliasing is applied only to recipient envelope  addresses,  and
38       does  not  affect message headers.  Use canonical(5) mapping to rewrite
39       header and envelope addresses in general.
40
41       Normally, the virtual(5) alias table is specified as a text  file  that
42       serves as input to the postmap(1) command.  The result, an indexed file
43       in dbm or db format, is used for fast searching by the mail system. Ex‐
44       ecute  the command "postmap /etc/postfix/virtual" to rebuild an indexed
45       file after changing the corresponding text file.
46
47       When the table is provided via other means such as NIS,  LDAP  or  SQL,
48       the same lookups are done as for ordinary indexed files.
49
50       Alternatively,  the  table  can be provided as a regular-expression map
51       where patterns are given as regular expressions, or lookups can be  di‐
52       rected  to a TCP-based server. In those case, the lookups are done in a
53       slightly different way as described below under "REGULAR EXPRESSION TA‐
54       BLES" or "TCP-BASED TABLES".
55

CASE FOLDING

57       The  search string is folded to lowercase before database lookup. As of
58       Postfix 2.3, the search string is not case folded with  database  types
59       such  as  regexp: or pcre: whose lookup fields can match both upper and
60       lower case.
61

TABLE FORMAT

63       The input format for the postmap(1) command is as follows:
64
65       pattern address, address, ...
66              When pattern matches a mail address, replace it  by  the  corre‐
67              sponding address.
68
69       blank lines and comments
70              Empty  lines and whitespace-only lines are ignored, as are lines
71              whose first non-whitespace character is a `#'.
72
73       multi-line text
74              A logical line starts with  non-whitespace  text.  A  line  that
75              starts with whitespace continues a logical line.
76

TABLE SEARCH ORDER

78       With  lookups  from  indexed files such as DB or DBM, or from networked
79       tables such as NIS, LDAP or SQL, each user@domain query produces a  se‐
80       quence of query patterns as described below.
81
82       Each query pattern is sent to each specified lookup table before trying
83       the next query pattern, until a match is found.
84
85       user@domain address, address, ...
86              Redirect mail for user@domain to address.   This  form  has  the
87              highest precedence.
88
89       user address, address, ...
90              Redirect  mail  for  user@site  to address when site is equal to
91              $myorigin, when site is listed in $mydestination, or when it  is
92              listed in $inet_interfaces or $proxy_interfaces.
93
94              This  functionality overlaps with the functionality of the local
95              aliases(5) database. The difference is that  virtual(5)  mapping
96              can be applied to non-local addresses.
97
98       @domain address, address, ...
99              Redirect  mail  for other users in domain to address.  This form
100              has the lowest precedence.
101
102              Note: @domain is a wild-card. With this form, the  Postfix  SMTP
103              server  accepts  mail for any recipient in domain, regardless of
104              whether that recipient exists.  This may turn your  mail  system
105              into  a  backscatter  source:  Postfix  first  accepts  mail for
106              non-existent recipients and then tries to return  that  mail  as
107              "undeliverable" to the often forged sender address.
108
109              To  avoid  backscatter with mail for a wild-card domain, replace
110              the wild-card mapping with explicit 1:1 mappings, or add  a  re‐
111              ject_unverified_recipient restriction for that domain:
112
113                  smtpd_recipient_restrictions =
114                      ...
115                      reject_unauth_destination
116                      check_recipient_access
117                          inline:{example.com=reject_unverified_recipient}
118                  unverified_recipient_reject_code = 550
119
120              In the above example, Postfix may contact a remote server if the
121              recipient is aliased to a remote address.
122

RESULT ADDRESS REWRITING

124       The lookup result is subject to address rewriting:
125
126       •      When the result has the form @otherdomain,  the  result  becomes
127              the same user in otherdomain.  This works only for the first ad‐
128              dress in a multi-address lookup result.
129
130       •      When "append_at_myorigin=yes", append "@$myorigin" to  addresses
131              without "@domain".
132
133       •      When "append_dot_mydomain=yes", append ".$mydomain" to addresses
134              without ".domain".
135

ADDRESS EXTENSION

137       When a mail address localpart contains the optional recipient delimiter
138       (e.g.,  user+foo@domain),  the  lookup  order becomes: user+foo@domain,
139       user@domain, user+foo, user, and @domain.
140
141       The propagate_unmatched_extensions parameter controls  whether  an  un‐
142       matched address extension (+foo) is propagated to the result of a table
143       lookup.
144

VIRTUAL ALIAS DOMAINS

146       Besides virtual aliases, the virtual alias table can also  be  used  to
147       implement  virtual  alias domains. With a virtual alias domain, all re‐
148       cipient addresses are aliased to addresses in other domains.
149
150       Virtual alias domains are not to be confused with the  virtual  mailbox
151       domains  that are implemented with the Postfix virtual(8) mail delivery
152       agent. With virtual mailbox domains, each recipient  address  can  have
153       its own mailbox.
154
155       With  a  virtual alias domain, the virtual domain has its own user name
156       space. Local (i.e. non-virtual) usernames are not visible in a  virtual
157       alias  domain.  In particular, local aliases(5) and local mailing lists
158       are not visible as localname@virtual-alias.domain.
159
160       Support for a virtual alias domain looks like:
161
162       /etc/postfix/main.cf:
163           virtual_alias_maps = hash:/etc/postfix/virtual
164
165       Note: some systems use dbm databases instead of hash.  See  the  output
166       from "postconf -m" for available database types.
167
168       /etc/postfix/virtual:
169           virtual-alias.domain    anything (right-hand content does not matter)
170           postmaster@virtual-alias.domain postmaster
171           user1@virtual-alias.domain      address1
172           user2@virtual-alias.domain      address2, address3
173
174       The virtual-alias.domain anything entry is required for a virtual alias
175       domain. Without this entry, mail is rejected  with  "relay  access  de‐
176       nied", or bounces with "mail loops back to myself".
177
178       Do  not specify virtual alias domain names in the main.cf mydestination
179       or relay_domains configuration parameters.
180
181       With a virtual alias domain, the Postfix SMTP server accepts  mail  for
182       known-user@virtual-alias.domain, and rejects mail for unknown-user@vir‐
183       tual-alias.domain as undeliverable.
184
185       Instead of specifying the  virtual  alias  domain  name  via  the  vir‐
186       tual_alias_maps  table,  you  may  also specify it via the main.cf vir‐
187       tual_alias_domains configuration parameter.  This latter parameter uses
188       the same syntax as the main.cf mydestination configuration parameter.
189

REGULAR EXPRESSION TABLES

191       This  section  describes how the table lookups change when the table is
192       given in the form of regular expressions. For a description of  regular
193       expression lookup table syntax, see regexp_table(5) or pcre_table(5).
194
195       Each  pattern is a regular expression that is applied to the entire ad‐
196       dress being looked up. Thus, user@domain mail addresses are not  broken
197       up  into their user and @domain constituent parts, nor is user+foo bro‐
198       ken up into user and foo.
199
200       Patterns are applied in the order as specified in the  table,  until  a
201       pattern is found that matches the search string.
202
203       Results  are the same as with indexed file lookups, with the additional
204       feature that parenthesized substrings from the pattern can be  interpo‐
205       lated as $1, $2 and so on.
206

TCP-BASED TABLES

208       This  section  describes  how the table lookups change when lookups are
209       directed  to  a  TCP-based  server.  For  a  description  of  the   TCP
210       client/server  lookup  protocol,  see  tcp_table(5).   This  feature is
211       available in Postfix 2.5 and later.
212
213       Each lookup operation uses the entire address once.  Thus,  user@domain
214       mail  addresses  are  not  broken  up  into their user and @domain con‐
215       stituent parts, nor is user+foo broken up into user and foo.
216
217       Results are the same as with indexed file lookups.
218

BUGS

220       The table format does not understand quoting conventions.
221

CONFIGURATION PARAMETERS

223       The following main.cf parameters are especially relevant to this topic.
224       See the Postfix main.cf file for syntax details and for default values.
225       Use the "postfix reload" command after a configuration change.
226
227       virtual_alias_maps ($virtual_maps)
228              Optional lookup tables that alias specific mail addresses or do‐
229              mains to other local or remote addresses.
230
231       virtual_alias_domains ($virtual_alias_maps)
232              Postfix  is the final destination for the specified list of vir‐
233              tual alias domains, that is, domains for which all addresses are
234              aliased to addresses in other local or remote domains.
235
236       propagate_unmatched_extensions (canonical, virtual)
237              What  address  lookup  tables copy an address extension from the
238              lookup key to the lookup result.
239
240       Other parameters of interest:
241
242       inet_interfaces (all)
243              The network interface addresses that this mail  system  receives
244              mail on.
245
246       mydestination ($myhostname, localhost.$mydomain, localhost)
247              The  list of domains that are delivered via the $local_transport
248              mail delivery transport.
249
250       myorigin ($myhostname)
251              The domain name that locally-posted mail appears to  come  from,
252              and that locally posted mail is delivered to.
253
254       owner_request_special (yes)
255              Enable  special  treatment  for  owner-listname  entries  in the
256              aliases(5) file, and don't split owner-listname and listname-re‐
257              quest  address localparts when the recipient_delimiter is set to
258              "-".
259
260       proxy_interfaces (empty)
261              The network interface addresses that this mail  system  receives
262              mail on by way of a proxy or network address translation unit.
263

SEE ALSO

265       cleanup(8), canonicalize and enqueue mail
266       postmap(1), Postfix lookup table manager
267       postconf(5), configuration parameters
268       canonical(5), canonical address mapping
269

README FILES

271       Use  "postconf readme_directory" or "postconf html_directory" to locate
272       this information.
273       ADDRESS_REWRITING_README, address rewriting guide
274       DATABASE_README, Postfix lookup table overview
275       VIRTUAL_README, domain hosting guide
276

LICENSE

278       The Secure Mailer license must be distributed with this software.
279

AUTHOR(S)

281       Wietse Venema
282       IBM T.J. Watson Research
283       P.O. Box 704
284       Yorktown Heights, NY 10598, USA
285
286       Wietse Venema
287       Google, Inc.
288       111 8th Avenue
289       New York, NY 10011, USA
290
291
292
293                                                                    VIRTUAL(5)
Impressum