Expand PMF_FN_* macros.

[netbsd-mini2440.git] / external / ibm-public / postfix / dist / README_FILES / STANDARD_CONFIGURATION_README

P\bPo\bos\bst\btf\bfi\bix\bx S\bSt\bta\ban\bnd\bda\bar\brd\bd C\bCo\bon\bnf\bfi\big\bgu\bur\bra\bat\bti\bio\bon\bn E\bEx\bxa\bam\bmp\bpl\ble\bes\bs

-------------------------------------------------------------------------------

P\bPu\bur\brp\bpo\bos\bse\be o\bof\bf t\bth\bhi\bis\bs d\bdo\boc\bcu\bum\bme\ben\bnt\bt

This document presents a number of typical Postfix configurations. This
document should be reviewed after you have followed the basic configuration
steps as described in the BASIC_CONFIGURATION_README document. In particular,
do not proceed here if you don't already have Postfix working for local mail
submission and for local mail delivery.

The first part of this document presents standard configurations that each
solve one specific problem.

  * Postfix on a stand-alone Internet host
  * Postfix on a null client
  * Postfix on a local network
  * Postfix email firewall/gateway

The second part of this document presents additional configurations for hosts
in specific environments.

  * Delivering some but not all accounts locally
  * Running Postfix behind a firewall
  * Configuring Postfix as primary or backup MX host for a remote site
  * Postfix on a dialup machine
  * Postfix on hosts without a real Internet hostname

P\bPo\bos\bst\btf\bfi\bix\bx o\bon\bn a\ba s\bst\bta\ban\bnd\bd-\b-a\bal\blo\bon\bne\be I\bIn\bnt\bte\ber\brn\bne\bet\bt h\bho\bos\bst\bt

Postfix should work out of the box without change on a stand-alone machine that
has direct Internet access. At least, that is how Postfix installs when you
download the Postfix source code via http://www.postfix.org/.

You can use the command "p\bpo\bos\bst\btc\bco\bon\bnf\bf -\b-n\bn" to find out what settings are overruled
by your main.cf. Besides a few pathname settings, few parameters should be set
on a stand-alone box, beyond what is covered in the BASIC_CONFIGURATION_README
document:

    /etc/postfix/main.cf:
        # Optional: send mail as user@domainname instead of user@hostname.
        #myorigin = $mydomain

        # Optional: specify NAT/proxy external address.
        #proxy_interfaces = 1.2.3.4

        # Alternative 1: don't relay mail from other hosts.
        mynetworks_style = host
        relay_domains =

        # Alternative 2: relay mail from local clients only.
        # mynetworks = 192.168.1.0/28
        # relay_domains =

See also the section "Postfix on hosts without a real Internet hostname" if
this is applicable to your configuration.

P\bPo\bos\bst\btf\bfi\bix\bx o\bon\bn a\ba n\bnu\bul\bll\bl c\bcl\bli\bie\ben\bnt\bt

A null client is a machine that can only send mail. It receives no mail from
the network, and it does not deliver any mail locally. A null client typically
uses POP, IMAP or NFS for mailbox access.

In this example we assume that the Internet domain name is "example.com" and
that the machine is named "nullclient.example.com". As usual, the examples show
only parameters that are not left at their default settings.

    1 /etc/postfix/main.cf:
    2     myorigin = $mydomain
    3     relayhost = $mydomain
    4     inet_interfaces = loopback-only
    5     local_transport = error:local delivery is disabled
    6
    7 /etc/postfix/master.cf:
    8     Comment out the local delivery agent entry

Translation:

  * Line 2: Send mail as "user@example.com" (instead of
    "user@nullclient.example.com"), so that nothing ever has a reason to send
    mail to "user@nullclient.example.com".

  * Line 3: Forward all mail to the mail server that is responsible for the
    "example.com" domain. This prevents mail from getting stuck on the null
    client if it is turned off while some remote destination is unreachable.

  * Line 4: Do not accept mail from the network.

  * Lines 5-8: Disable local mail delivery. All mail goes to the mail server as
    specified in line 3.

P\bPo\bos\bst\btf\bfi\bix\bx o\bon\bn a\ba l\blo\boc\bca\bal\bl n\bne\bet\btw\bwo\bor\brk\bk

This section describes a local area network environment of one main server and
multiple other systems that send and receive email. As usual we assume that the
Internet domain name is "example.com". All systems are configured to send mail
as "user@example.com", and all systems receive mail for
"user@hostname.example.com". The main server also receives mail for
"user@example.com". We call this machine by the name of mailhost.example.com.

A drawback of sending mail as "user@example.com" is that mail for "root" and
other system accounts is also sent to the central mailhost. See the section
"Delivering some but not all accounts locally" below for possible solutions.

As usual, the examples show only parameters that are not left at their default
settings.

First we present the non-mailhost configuration, because it is the simpler one.
This machine sends mail as "user@example.com" and is final destination for
"user@hostname.example.com".

    1 /etc/postfix/main.cf:
    2     myorigin = $mydomain
    3     mynetworks = 127.0.0.0/8 10.0.0.0/24
    4     relay_domains =
    5     # Optional: forward all non-local mail to mailhost
    6     #relayhost = $mydomain

Translation:

  * Line 2: Send mail as "user@example.com".

  * Line 3: Specify the trusted networks.

  * Line 4: This host does not relay mail from untrusted networks.

  * Line 6: This is needed if no direct Internet access is available. See also
    below, "Postfix behind a firewall".

Next we present the mailhost configuration. This machine sends mail as
"user@example.com" and is final destination for "user@hostname.example.com" as
well as "user@example.com".

     1 DNS:
     2     example.com    IN    MX  10 mailhost.example.com.
     3
     4 /etc/postfix/main.cf:
     5     myorigin = $mydomain
     6     mydestination = $myhostname localhost.$mydomain localhost $mydomain
     7     mynetworks = 127.0.0.0/8 10.0.0.0/24
     8     relay_domains =
     9     # Optional: forward all non-local mail to firewall
    10     #relayhost = [firewall.example.com]

Translation:

  * Line 2: Send mail for the domain "example.com" to the machine
    mailhost.example.com. Remember to specify the "." at the end of the line.

  * Line 5: Send mail as "user@example.com".

  * Line 6: This host is the final mail destination for the "example.com"
    domain, in addition to the names of the machine itself.

  * Line 7: Specify the trusted networks.

  * Line 8: This host does not relay mail from untrusted networks.

  * Line 10: This is needed only when the mailhost has to forward non-local
    mail via a mail server on a firewall. The [] forces Postfix to do no MX
    record lookups.

In an environment like this, users access their mailbox in one or more of the
following ways:

  * Mailbox access via NFS or equivalent.

  * Mailbox access via POP or IMAP.

  * Mailbox on the user's preferred machine.

In the latter case, each user has an alias on the mailhost that forwards mail
to her preferred machine:

    /etc/aliases:
        joe:    joe@joes.preferred.machine
        jane:   jane@janes.preferred.machine

On some systems the alias database is not in /etc/aliases. To find out the
location for your system, execute the command "p\bpo\bos\bst\btc\bco\bon\bnf\bf a\bal\bli\bia\bas\bs_\b_m\bma\bap\bps\bs".

Execute the command "n\bne\bew\bwa\bal\bli\bia\bas\bse\bes\bs" whenever you change the aliases file.

P\bPo\bos\bst\btf\bfi\bix\bx e\bem\bma\bai\bil\bl f\bfi\bir\bre\bew\bwa\bal\bll\bl/\b/g\bga\bat\bte\bew\bwa\bay\by

The idea is to set up a Postfix email firewall/gateway that forwards mail for
"example.com" to an inside gateway machine but rejects mail for
"anything.example.com". There is only one problem: with "relay_domains =
example.com", the firewall normally also accepts mail for
"anything.example.com". That would not be right.

Note: this example requires Postfix version 2.0 and later. To find out what
Postfix version you have, execute the command "p\bpo\bos\bst\btc\bco\bon\bnf\bf m\bma\bai\bil\bl_\b_v\bve\ber\brs\bsi\bio\bon\bn".

The solution is presented in multiple parts. This first part gets rid of local
mail delivery on the firewall, making the firewall harder to break.

    1 /etc/postfix/main.cf:
    2     myorigin = example.com
    3     mydestination =
    4     local_recipient_maps =
    5     local_transport = error:local mail delivery is disabled
    6
    7 /etc/postfix/master.cf:
    8     Comment out the local delivery agent

Translation:

  * Line 2: Send mail from this machine as "user@example.com", so that no
    reason exists to send mail to "user@firewall.example.com".

  * Lines 3-8: Disable local mail delivery on the firewall machine.

For the sake of technical correctness the firewall must be able to receive mail
for postmaster@[firewall ip address]. Reportedly, some things actually expect
this ability to exist. The second part of the solution therefore adds support
for postmaster@[firewall ip address], and as a bonus we do abuse@[firewall ip
address] as well. All the mail to these two accounts is forwarded to an inside
address.

    1 /etc/postfix/main.cf:
    2     virtual_alias_maps = hash:/etc/postfix/virtual
    3
    4 /etc/postfix/virtual:
    5     postmaster      postmaster@example.com
    6     abuse           abuse@example.com

Translation:

  * Because mydestination is empty (see the previous example), only address
    literals matching $inet_interfaces or $proxy_interfaces are deemed local.
    So "localpart@[a.d.d.r]" can be matched as simply "localpart" in canonical
    (5) and virtual(5). This avoids the need to specify firewall IP addresses
    into Postfix configuration files.

The last part of the solution does the email forwarding, which is the real
purpose of the firewall email function.

     1 /etc/postfix/main.cf:
     2     mynetworks = 127.0.0.0/8 12.34.56.0/24
     3     relay_domains = example.com
     4     parent_domain_matches_subdomains =
     5         debug_peer_list smtpd_access_maps
     6     smtpd_recipient_restrictions =
     7         permit_mynetworks reject_unauth_destination
     8
     9     relay_recipient_maps = hash:/etc/postfix/relay_recipients
    10     transport_maps = hash:/etc/postfix/transport
    11
    12 /etc/postfix/relay_recipients:
    13     user1@example.com   x
    14     user2@example.com   x
    15      . . .
    16
    17 /etc/postfix/transport:
    18     example.com   smtp:[inside-gateway.example.com]

Translation:

  * Lines 1-7: Accept mail from local systems in $mynetworks, and accept mail
    from outside for "user@example.com" but not for
    "user@anything.example.com". The magic is in lines 4-5.

  * Lines 9, 12-14: Define the list of valid addresses in the "example.com"
    domain that can receive mail from the Internet. This prevents the mail
    queue from filling up with undeliverable MAILER-DAEMON messages. If you
    can't maintain a list of valid recipients then you must specify
    "relay_recipient_maps =" (that is, an empty value), or you must specify an
    "@example.com x" wild-card in the relay_recipients table.

  * Lines 10, 17-18: Route mail for "example.com" to the inside gateway
    machine. The [] forces Postfix to do no MX lookup.

Specify d\bdb\bbm\bm instead of h\bha\bas\bsh\bh if your system uses d\bdb\bbm\bm files instead of d\bdb\bb files.
To find out what lookup tables Postfix supports, use the command "p\bpo\bos\bst\btc\bco\bon\bnf\bf -\b-m\bm".

Execute the command "p\bpo\bos\bst\btm\bma\bap\bp /\b/e\bet\btc\bc/\b/p\bpo\bos\bst\btf\bfi\bix\bx/\b/r\bre\bel\bla\bay\by_\b_r\bre\bec\bci\bip\bpi\bie\ben\bnt\bts\bs" whenever you change
the relay_recipients table.

Execute the command "p\bpo\bos\bst\btm\bma\bap\bp /\b/e\bet\btc\bc/\b/p\bpo\bos\bst\btf\bfi\bix\bx/\b/t\btr\bra\ban\bns\bsp\bpo\bor\brt\bt" whenever you change the
transport table.

In some installations, there may be separate instances of Postfix processing
inbound and outbound mail on a multi-homed firewall. The inbound Postfix
instance has an SMTP server listening on the external firewall interface, and
the outbound Postfix instance has an SMTP server listening on the internal
interface. In such a configuration is it is tempting to configure
$inet_interfaces in each instance with just the corresponding interface
address.

In most cases, using inet_interfaces in this way will not work, because as
documented in the $inet_interfaces reference manual, the smtp(8) delivery agent
will also use the specified interface address as the source address for
outbound connections and will be unable to reach hosts on "the other side" of
the firewall. The symptoms are that the firewall is unable to connect to hosts
that are in fact up. See the inet_interfaces parameter documentation for
suggested work-arounds.

D\bDe\bel\bli\biv\bve\ber\bri\bin\bng\bg s\bso\bom\bme\be b\bbu\but\bt n\bno\bot\bt a\bal\bll\bl a\bac\bcc\bco\bou\bun\bnt\bts\bs l\blo\boc\bca\bal\bll\bly\by

A drawback of sending mail as "user@example.com" (instead of
"user@hostname.example.com") is that mail for "root" and other system accounts
is also sent to the central mailhost. In order to deliver such accounts
locally, you can set up virtual aliases as follows:

    1 /etc/postfix/main.cf:
    2     virtual_alias_maps = hash:/etc/postfix/virtual
    3
    4 /etc/postfix/virtual:
    5     root     root@localhost
    6     . . .

Translation:

  * Line 5: As described in the virtual(5) manual page, the bare name "root"
    matches "root@site" when "site" is equal to $myorigin, when "site" is
    listed in $mydestination, or when it matches $inet_interfaces or
    $proxy_interfaces.

R\bRu\bun\bnn\bni\bin\bng\bg P\bPo\bos\bst\btf\bfi\bix\bx b\bbe\beh\bhi\bin\bnd\bd a\ba f\bfi\bir\bre\bew\bwa\bal\bll\bl

The simplest way to set up Postfix on a host behind a firewalled network is to
send all mail to a gateway host, and to let that mail host take care of
internal and external forwarding. Examples of that are shown in the local area
network section above. A more sophisticated approach is to send only external
mail to the gateway host, and to send intranet mail directly. That's what
Wietse does at work.

Note: this example requires Postfix version 2.0 and later. To find out what
Postfix version you have, execute the command "p\bpo\bos\bst\btc\bco\bon\bnf\bf m\bma\bai\bil\bl_\b_v\bve\ber\brs\bsi\bio\bon\bn".

The following example presents additional configuration. You need to combine
this with basic configuration information as discussed the first half of this
document.

     1 /etc/postfix/main.cf:
     2     transport_maps = hash:/etc/postfix/transport
     3     relayhost =
     4     # Optional for a machine that isn't "always on"
     5     #fallback_relay = [gateway.example.com]
     6
     7 /etc/postfix/transport:
     8     # Internal delivery.
     9     example.com      :
    10     .example.com     :
    11     # External delivery.
    12     *                smtp:[gateway.example.com]

Translation:

  * Lines 2, 7-12: Request that intranet mail is delivered directly, and that
    external mail is given to a gateway. Obviously, this example assumes that
    the organization uses DNS MX records internally. The [] forces Postfix to
    do no MX lookup.

  * Line 3: IMPORTANT: do not specify a relayhost in main.cf.

  * Line 5: This prevents mail from being stuck in the queue when the machine
    is turned off. Postfix tries to deliver mail directly, and gives
    undeliverable mail to a gateway.

Specify d\bdb\bbm\bm instead of h\bha\bas\bsh\bh if your system uses d\bdb\bbm\bm files instead of d\bdb\bb files.
To find out what lookup tables Postfix supports, use the command "p\bpo\bos\bst\btc\bco\bon\bnf\bf -\b-m\bm".

Execute the command "p\bpo\bos\bst\btm\bma\bap\bp /\b/e\bet\btc\bc/\b/p\bpo\bos\bst\btf\bfi\bix\bx/\b/t\btr\bra\ban\bns\bsp\bpo\bor\brt\bt" whenever you edit the
transport table.

C\bCo\bon\bnf\bfi\big\bgu\bur\bri\bin\bng\bg P\bPo\bos\bst\btf\bfi\bix\bx a\bas\bs p\bpr\bri\bim\bma\bar\bry\by o\bor\br b\bba\bac\bck\bku\bup\bp M\bMX\bX h\bho\bos\bst\bt f\bfo\bor\br a\ba r\bre\bem\bmo\bot\bte\be s\bsi\bit\bte\be

This section presents additional configuration. You need to combine this with
basic configuration information as discussed the first half of this document.

When your system is SECONDARY MX host for a remote site this is all you need:

     1 DNS:
     2     the.backed-up.domain.tld        IN      MX 100 your.machine.tld.
     3
     4 /etc/postfix/main.cf:
     5     relay_domains = . . . the.backed-up.domain.tld
     6     smtpd_recipient_restrictions =
     7         permit_mynetworks reject_unauth_destination
     8
     9     # You must specify your NAT/proxy external address.
    10     #proxy_interfaces = 1.2.3.4
    11
    12     relay_recipient_maps = hash:/etc/postfix/relay_recipients
    13
    14 /etc/postfix/relay_recipients:
    15     user1@the.backed-up.domain.tld   x
    16     user2@the.backed-up.domain.tld   x
    17      . . .

When your system is PRIMARY MX host for a remote site you need the above, plus:

    18 /etc/postfix/main.cf:
    19     transport_maps = hash:/etc/postfix/transport
    20
    21 /etc/postfix/transport:
    22     the.backed-up.domain.tld       relay:[their.mail.host.tld]

Important notes:

  * Do not list the.backed-up.domain.tld in mydestination.

  * Do not list the.backed-up.domain.tld in virtual_alias_domains.

  * Do not list the.backed-up.domain.tld in virtual_mailbox_domains.

  * Lines 1-7: Forward mail from the Internet for "the.backed-up.domain.tld" to
    the primary MX host for that domain.

  * Line 10: This is a must if Postfix receives mail via a NAT relay or proxy
    that presents a different IP address to the world than the local machine.

  * Lines 12-16: Define the list of valid addresses in the "the.backed-
    up.domain.tld" domain. This prevents your mail queue from filling up with
    undeliverable MAILER-DAEMON messages. If you can't maintain a list of valid
    recipients then you must specify "relay_recipient_maps =" (that is, an
    empty value), or you must specify an "@the.backed-up.domain.tld x" wild-
    card in the relay_recipients table.

  * Line 22: The [] forces Postfix to do no MX lookup.

Specify d\bdb\bbm\bm instead of h\bha\bas\bsh\bh if your system uses d\bdb\bbm\bm files instead of d\bdb\bb files.
To find out what lookup tables Postfix supports, use the command "p\bpo\bos\bst\btc\bco\bon\bnf\bf -\b-m\bm".

Execute the command "p\bpo\bos\bst\btm\bma\bap\bp /\b/e\bet\btc\bc/\b/p\bpo\bos\bst\btf\bfi\bix\bx/\b/t\btr\bra\ban\bns\bsp\bpo\bor\brt\bt" whenever you change the
transport table.

NOTE for Postfix < 2.2: Do not use the fallback_relay feature when relaying
mail for a backup or primary MX domain. Mail would loop between the Postfix MX
host and the fallback_relay host when the final destination is unavailable.

  * In main.cf specify "relay_transport = relay",
  * In master.cf specify "-o fallback_relay =" at the end of the relay entry.
  * In transport maps, specify "relay:nexthop..." as the right-hand side for
    backup or primary MX domain entries.

These are default settings in Postfix version 2.2 and later.

P\bPo\bos\bst\btf\bfi\bix\bx o\bon\bn a\ba d\bdi\bia\bal\blu\bup\bp m\bma\bac\bch\bhi\bin\bne\be

This section applies to dialup connections that are down most of the time. For
dialup connections that are up 24x7, see the local area network section above.

This section presents additional configuration. You need to combine this with
basic configuration information as discussed the first half of this document.

If you do not have your own hostname and IP address (usually with dialup, cable
TV or DSL connections) then you should also study the section on "Postfix on
hosts without a real Internet hostname".

  * Route all outgoing mail to your network provider.
    If your machine is disconnected most of the time, there isn't a lot of
    opportunity for Postfix to deliver mail to hard-to-reach corners of the
    Internet. It's better to give the mail to a machine that is connected all
    the time. In the example below, the [] prevents Postfix from trying to look
    up DNS MX records.

    /etc/postfix/main.cf:
        relayhost = [smtprelay.someprovider.com]

  * Disable spontaneous SMTP mail delivery (if using on-demand dialup IP only).

    Normally, Postfix attempts to deliver outbound mail at its convenience. If
    your machine uses on-demand dialup IP, this causes your system to place a
    telephone call whenever you submit new mail, and whenever Postfix retries
    to deliver delayed mail. To prevent such telephone calls from being placed,
    disable spontaneous SMTP mail deliveries.

    /etc/postfix/main.cf:
        defer_transports = smtp (Only for on-demand dialup IP hosts)

  * Disable SMTP client DNS lookups (dialup LAN only).

    /etc/postfix/main.cf:
        disable_dns_lookups = yes (Only for on-demand dialup IP hosts)

  * Flush the mail queue whenever the Internet link is established.
    Put the following command into your PPP or SLIP dialup scripts:

    /usr/sbin/sendmail -q (whenever the Internet link is up)

    The exact location of the Postfix sendmail command is system-specific. Use
    the command "p\bpo\bos\bst\btc\bco\bon\bnf\bf s\bse\ben\bnd\bdm\bma\bai\bil\bl_\b_p\bpa\bat\bth\bh" to find out where the Postfix sendmail
    command is located on your machine.

    In order to find out if the mail queue is flushed, use something like:

    #!/bin/sh

    # Start mail deliveries.
    /usr/sbin/sendmail -q

    # Allow deliveries to start.
    sleep 10

    # Loop until all messages have been tried at least once.
    while mailq | grep '^[^ ]*\*' >/dev/null
    do
        sleep 10
    done

    If you have disabled spontaneous SMTP mail delivery, you also need to run
    the "s\bse\ben\bnd\bdm\bma\bai\bil\bl -\b-q\bq" command every now and then while the dialup link is up,
    so that newly-posted mail is flushed from the queue.

P\bPo\bos\bst\btf\bfi\bix\bx o\bon\bn h\bho\bos\bst\bts\bs w\bwi\bit\bth\bho\bou\but\bt a\ba r\bre\bea\bal\bl I\bIn\bnt\bte\ber\brn\bne\bet\bt h\bho\bos\bst\btn\bna\bam\bme\be

This section is for hosts that don't have their own Internet hostname.
Typically these are systems that get a dynamic IP address via DHCP or via
dialup. Postfix will let you send and receive mail just fine between accounts
on a machine with a fantasy name. However, you cannot use a fantasy hostname in
your email address when sending mail into the Internet, because no-one would be
able to reply to your mail. In fact, more and more sites refuse mail addresses
with non-existent domain names.

Note: the following information is Postfix version dependent. To find out what
Postfix version you have, execute the command "p\bpo\bos\bst\btc\bco\bon\bnf\bf m\bma\bai\bil\bl_\b_v\bve\ber\brs\bsi\bio\bon\bn".

S\bSo\bol\blu\but\bti\bio\bon\bn 1\b1:\b: P\bPo\bos\bst\btf\bfi\bix\bx v\bve\ber\brs\bsi\bio\bon\bn 2\b2.\b.2\b2 a\ban\bnd\bd l\bla\bat\bte\ber\br

Postfix 2.2 uses the generic(5) address mapping to replace local fantasy email
addresses by valid Internet addresses. This mapping happens ONLY when mail
leaves the machine; not when you send mail between users on the same machine.

The following example presents additional configuration. You need to combine
this with basic configuration information as discussed the first half of this
document.

    1 /etc/postfix/main.cf:
    2     smtp_generic_maps = hash:/etc/postfix/generic
    3
    4 /etc/postfix/generic:
    5     his@localdomain.local             hisaccount@hisisp.example
    6     her@localdomain.local             heraccount@herisp.example
    7     @localdomain.local                hisaccount+local@hisisp.example

When mail is sent to a remote host via SMTP:

  * Line 5 replaces his@localdomain.local by his ISP mail address,

  * Line 6 replaces her@localdomain.local by her ISP mail address, and

  * Line 7 replaces other local addresses by his ISP account, with an address
    extension of +local (this example assumes that the ISP supports "+" style
    address extensions).

Specify d\bdb\bbm\bm instead of h\bha\bas\bsh\bh if your system uses d\bdb\bbm\bm files instead of d\bdb\bb files.
To find out what lookup tables Postfix supports, use the command "p\bpo\bos\bst\btc\bco\bon\bnf\bf -\b-m\bm".

Execute the command "p\bpo\bos\bst\btm\bma\bap\bp /\b/e\bet\btc\bc/\b/p\bpo\bos\bst\btf\bfi\bix\bx/\b/g\bge\ben\bne\ber\bri\bic\bc" whenever you change the
generic table.

S\bSo\bol\blu\but\bti\bio\bon\bn 2\b2:\b: P\bPo\bos\bst\btf\bfi\bix\bx v\bve\ber\brs\bsi\bio\bon\bn 2\b2.\b.1\b1 a\ban\bnd\bd e\bea\bar\brl\bli\bie\ber\br

The solution with older Postfix systems is to use valid Internet addresses
where possible, and to let Postfix map valid Internet addresses to local
fantasy addresses. With this, you can send mail to the Internet and to local
fantasy addresses, including mail to local fantasy addresses that don't have a
valid Internet address of their own.

The following example presents additional configuration. You need to combine
this with basic configuration information as discussed the first half of this
document.

     1 /etc/postfix/main.cf:
     2     myhostname = hostname.localdomain
     3     mydomain = localdomain
     4
     5     canonical_maps = hash:/etc/postfix/canonical
     6
     7     virtual_alias_maps = hash:/etc/postfix/virtual
     8
     9 /etc/postfix/canonical:
    10     your-login-name    your-account@your-isp.com
    11
    12 /etc/postfix/virtual:
    13     your-account@your-isp.com       your-login-name

Translation:

  * Lines 2-3: Substitute your fantasy hostname here. Do not use a domain name
    that is already in use by real organizations on the Internet. See RFC 2606
    for examples of domain names that are guaranteed not to be owned by anyone.

  * Lines 5, 9, 10: This provides the mapping from "your-login-
    name@hostname.localdomain" to "your-account@your-isp.com". This part is
    required.

  * Lines 7, 12, 13: Deliver mail for "your-account@your-isp.com" locally,
    instead of sending it to the ISP. This part is not required but is
    convenient.

Specify d\bdb\bbm\bm instead of h\bha\bas\bsh\bh if your system uses d\bdb\bbm\bm files instead of d\bdb\bb files.
To find out what lookup tables Postfix supports, use the command "p\bpo\bos\bst\btc\bco\bon\bnf\bf -\b-m\bm".

Execute the command "p\bpo\bos\bst\btm\bma\bap\bp /\b/e\bet\btc\bc/\b/p\bpo\bos\bst\btf\bfi\bix\bx/\b/c\bca\ban\bno\bon\bni\bic\bca\bal\bl" whenever you change the
canonical table.

Execute the command "p\bpo\bos\bst\btm\bma\bap\bp /\b/e\bet\btc\bc/\b/p\bpo\bos\bst\btf\bfi\bix\bx/\b/v\bvi\bir\brt\btu\bua\bal\bl" whenever you change the
virtual table.