Postfix - disable local delivery

4n0nx

Hello,

if the recipient domain is in my virtual_mailbox_domains database, Postfix will always deliver the mail to itself, even if the recipient domain uses a different email hosting provider (-> has different MX record).

How can I disable this?

local_transport = error:local delivery is disabled
local_recipient_maps =

myhostname = mx.example.org
mydomain = $myhostname
myorigin = $mydomain

mydestination =
relayhost =

virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf

Thanks

jar

I don't think it can do this. Ideally one shouldn't have a local user for the purpose of receiving mail if the mail is not to be delivered on that server. Maybe an external script to remove domains that lack a certain MX record, but that seems dangerous.

Mail should be either local or remote, and you're basically wanting it to be both based on the status of a check that might not even be a reliable check 100% of the time.

This is exactly why MXroute emails are sent from a Google Apps hosted domain.

4n0nx

Jar said: I don't think it can do this. Ideally one shouldn't have a local user for the purpose of receiving mail if the mail is not to be delivered on that server. Maybe an external script to remove domains that lack a certain MX record, but that seems dangerous.

Mail should be either local or remote, and you're basically wanting it to be both based on the status of a check that might not even be a reliable check 100% of the time.

This is exactly why MXroute emails are sent from a Google Apps hosted domain.

This will only be the case if a user switches from my server to another and doesn't delete his domain (adding is only possible if the DNS records are correct).

Ah, so postfix can't treat itself as remote? Yeah, I guess then the only thing that is left would be to use a (fault tolerant) DNS check script, or to separate SMTP and inboxes. Assuming I were to set up a separate SMTP server, is there an easy way to add that to my existing solution?

Thanks! I should have asked here much earlier.

jar

Maybe SMTP server A pushes all outgoing mail to server B which then acts as a relay for everything that comes in from the trusted server (A), then simply does it's own lookup and sends mail normally based on the DNS records at that point, as it has no specific restriction on domains it should be delivering to/from.

While I'm not sure how to set that up, I bet someone here may have more insight. Theoretically, it sounds possible to me.

Snape

A remote smarthost would handle the sorting part easily enough. The problem is getting Postfix to treat "everything" as remote.

If the MX record points to another server, what e-mails are getting delivered to yours? Something locally-generated? Or spam that's trying the A record as a fallback MX?

4n0nx

Snape said: A remote smarthost would handle the sorting part easily enough. The problem is getting Postfix to treat "everything" as remote.

If the MX record points to another server, what e-mails are getting delivered to yours? Something locally-generated? Or spam that's trying the A record as a fallback MX?

Example:
Mail server mx.lowendtalk.com has the domains example.com and example.org in its database. However, only the MX records of example.com are delegated to the mail server mx.lowendtalk.com; example.org uses a different mail server.

Nevertheless, when a user from example.com tries to send mail to example.org, the mail server mx.lowendtalk.com tries to deliver it to itself, because example.org is in the virtual_mailbox_domains database table.

Snape

Ah. That's always a pain. There's honestly no elegant way of handling that, systematically, AFAIK. Just amend the local DB to comment out the not-actually-local domain, as it comes up, IMO. You're going to run into huge headaches trying to do anything else, and stuff like that shouldn't come up particularly often.

Falzo

4n0nx said: Mail server mx.lowendtalk.com has the domains example.com and example.org in its database. However, only the MX records of example.com are delegated to the mail server mx.lowendtalk.com; example.org uses a different mail server.

so why should example.org then be in the virtual_mailbox_domains?
this may be related to a control panel you are probably using, which does set up this database entries?

if this is the case you probably want to look for an option in that panel where you can deactivate mail-services for example.org...

4n0nx

Falzo said: so why should example.org then be in the virtual_mailbox_domain? this may be related to a control panel your are probably using, which does set up this database entries?

if this is the case you probably want to look for an option in that panel where you can deactivate mail-services for example.org...

1. client adds domain and uses my mail server for a while
2. client moves to a different mail server but does not remove domain in his account on my server
3. my server continues to deliver mail sent from my server to this domain to itself, instead of the new server

sleddog

Write a script to retrieve the virtual_mailbox_domain list. For each domain in the list, retrieve the MX records. If they don't match your MX records, send an email to yourself, flagging the domain for attention (or remove it from the virtual_mailbox_domain list via the script if you feel confident doing that). Cron the script to run each night.