Stop (most) local delivery in Postfix

Question

I'm trying to setup a Postfix (2.11.4) configuration so that it does this:

Sends out mail originating from the local server
Accepts incoming mail for a single alias, which actually points to a script
And nothing else

Here's a partial main.cf:

mydomain               = example.com
inet_interfaces        = all
inet_protocols         = all
mydestination          = $myhostname, localhost.$mydomain, localhost
alias_maps             = hash:/etc/postfix/aliases
alias_database         = hash:/etc/postfix/aliases
relayhost              = outbound.example.com
allow_mail_to_commands = alias,forward,include
allow_mail_to_files    = alias,forward,include
luser_relay            = $local@example.com

For #1, mail generated on the server for someone@example.com automatically gets sent to "outbound.example.com" for processing. And for #2, I have this in /etc/postfix/aliases , so messages to "robot@myserver.example.com" can be processed by a Perl script

robot: | "/usr/local/bin/robomail.pl"

So far so good. It's #3 that is giving me trouble.

See, this server used to run Sendmail with domain masquerading turned on. And there are still some apps on this server (which I do not control) that send e-mail to just "george" (for example) and expect the server to convert that automatically to "george@example.com", which then gets routed to "outbound.example.com" for delivery.

I tried to fix this by setting up a luser_relay directive:

luser_relay = $local@example.com

This sort of works - when local delivery to "george" fails, Postfix will rewrite it to george@example.com

But if "george" is actually a valid account on the server (i.e. listed in /etc/passwd), then Postfix will accept the message and deliver it to a local mail directory, instead of rewriting the address and forwarding it.

I can work around this by making another /etc/postfix/aliases entry:

george: george@example.com

But this is obviously not scalable when the server has dozens of local user accounts, with more being added all the time. And as best I can tell from the documentation, there's no wildcard equivalent for /etc/postfix/aliases. Otherwise, I would want to do something like this:

robot: | "/usr/local/bin/robomail.pl"
*: *@example.com

Is there a way in Postfix to do this? Accept mail for "robot", but forward everything else to "outbound.example.com" for delivery (adding the @example.com if necessary)?

UPDATE: Some postconf details, and the log of a message that gets sent from "root" to "george" on the local server:

myhostname = myserver.example.com
myorigin = $myhostname
masquerade_domains = 

Mar 23 14:07:26 myserver postfix/pickup[12851]: D2B4A4763D: uid=0 from=<root>
Mar 23 14:07:26 myserver postfix/cleanup[19630]: D2B4A4763D: message-id=<20150323190726.D2B4A4763D@myserver.example.com>
Mar 23 14:07:26 myserver postfix/qmgr[29583]: D2B4A4763D: from=<root@myserver.example.com>, size=323, nrcpt=1 (queue active)
Mar 23 14:07:26 myserver postfix/local[19632]: D2B4A4763D: to=<george@myserver.example.com>, orig_to=<george>, relay=local, delay=0.04, delays=0.02/0/0/0.02, dsn=2.0.0, status=sent (delivered to mailbox)
Mar 23 14:07:26 myserver postfix/qmgr[29583]: D2B4A4763D: removed

What's the output of `postconf myhostname`, `postconf myorigin` and `postconf masquerade_domains`? — masegaloeh, Mar 23 '15 at 16:32
Also can you post the maillog when email *sendmail* send email to existed user (for example (george*) so we can understand your case better? — masegaloeh, Mar 23 '15 at 16:33

score 2 · Answer 1 · answered Mar 23 '15 at 22:31

From the logs, the domain masquerading process rewrite both sender and recipient from something to something@myserver.example.com. The culprit behind this rewriting is paramater myorigin and append_at_myorigin. As postfix docs said

append_at_myorigin (default: yes)

With locally submitted mail, append the string "@$myorigin" to mail addresses without domain information. With remotely submitted mail, append the string "@$remote_header_rewrite_domain" instead.

Note 1: this feature is enabled by default and must not be turned off. Postfix does not support domain-less addresses.

Note 2: with Postfix version 2.2, message header address rewriting happens only when one of the following conditions is true:

The message is received with the Postfix sendmail(1) command,

The message is received from a network client that matches $local_header_rewrite_clients,

The message is received from the network, and the remote_header_rewrite_domain parameter specifies a non-empty value.

To get the behavior before Postfix version 2.2, specify "local_header_rewrite_clients = static:all".

In your configuration, postfix append $myorigin = $myhostname = myserver.example.com to george.

Because $myhostname (myserver.example.com) listed in `mydestination, then postfix will try to do user existence checking by

Check if the user (george) listed as local user on myserver.example.com
Check if the user (george) defined in alias_maps

If user doesn't match both checking, the email will bounced. Otherwise email will be delivered to local mailbox.

Proposed solution

From the question, looks like you want to rewrite george -> george@example.com instead george -> george@myserver.example.com. Then you can change parameter myorigin become $mydomain. In main.cf

myorigin = $mydomain

Stop (most) local delivery in Postfix

1 Answers1

Proposed solution