# cat /etc/postfix/main.cf
myhostname = mail.example.com
relayhost = [127.0.0.1]:12345
+ smtp_generic_maps = regexp:/etc/postfix/generic
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/saslpass
- sender_canonical_maps = hash:/etc/postfix/sender_canonical
+ …
+ # cat /etc/postfix/generic
+ /^jdoe@(.*)$/ jdoe@example.com
+ /^root@(.*)$/ jdoe@example.com
+ # postmap /etc/postfix/generic
# cat /etc/postfix/saslpass
[127.0.0.1]:12345 jdoe@verizon.net:YOURPASS
# postmap /etc/postfix/saslpass
- # cat /etc/postfix/sender_canonical
- root@mail.example.com jdoe@example.com
- root@example.com jdoe@example.com
- root@localhost jdoe@example.com
- jdoe@mail.example.com jdoe@example.com
- jdoe@localhost jdoe@example.com
- # postmap /etc/postfix/sender_canonical
# cat /etc/stunnel/stunnel.conf
[smtp-tls-wrapper]
accept = 12345
Here's what's going on:
* You hand an outgoing message to your local Postfix, which decides to
- send it via port `12345` on your localhost (`127.0.0.1`) (`relayhost`).
+ send it via port `12345` on your localhost (`127.0.0.1`) ([relayhost][]).
* Stunnel picks up the connection from Postfix, encrypts everything,
and forwards the connection to port 465 on `outgoing.verizon.net`
(`stunnel.conf`).
-* Postfix identifies itself as `mail.example.com` (`myhostname`), and
+* Postfix identifies itself as `mail.example.com` ([myhostname][]), and
authenticates using your Verizon credentials (`smtp_sasl_…`).
* Because Verizon is picky about the `From` addresses it will accept,
- we use `sender_canonical` to map addresses to something simple that
- we've tested.
+ we use [smtp_generic_maps][] to map addresses to something simple
+ that we've tested.
And that's it :p. If you're curious, there's more detail about all
-the Postfix config options in the [postconf][] man page, and there's
-good SASL information in the [SASL_README][].
+the Postfix config options in the [postconf][] man page. You might
+also want to look over the [SASL_README][] and
+[ADDRESS_REWRITING_README][].
+
+For the [generic][] mapping, I've used a [regexp table][regexp], that
+way I don't have to map a bunch of possible original addresses by
+hand. By using [smtp_generic_maps][] instead of [canonical_maps][],
+we only remap addresses before they head off into the wider world. If
+we used [canonical_maps][], we would remap all incoming mail, even
+mail destined for local delivery.
There's also a [blog post by Tim White][TW] which I found useful.
Because Verizon lacks [STARTTLS][] support, his approach didn't work
Incoming mail
=============
-In case you have trouble with someone blocking your incoming mail, things are a bit trickier. You can always accept mail on different ports (e.g. the submission port 587), with an entry like
+In case you have trouble with someone blocking your incoming mail,
+things are a bit trickier. You can always accept mail on different
+ports (e.g. the submission port 587), with an entry like
submission inet n - n - - smtpd
site][host].
[Postfix]: http://www.postfix.org/
+[relayhost]: http://www.postfix.org/postconf.5.html#relayhost
+[myhostname]: http://www.postfix.org/postconf.5.html#myhostname
+[smtp_generic_maps]: http://www.postfix.org/postconf.5.html#smtp_generic_maps
[postconf]: http://www.postfix.org/postconf.5.html
[SASL_README]: http://www.postfix.org/SASL_README.html
+[ADDRESS_REWRITING_README]: http://www.postfix.org/ADDRESS_REWRITING_README.html
+[generic]: http://www.postfix.org/generic.5.html
+[regexp]: http://www.postfix.org/regexp_table.5.html
+[canonical_maps]: http://www.postfix.org/postconf.5.html#canonical_maps
[TW]: http://www.zulius.com/how-to/set-up-postfix-with-a-remote-smtp-relay-host/
[STARTTLS]: http://en.wikipedia.org/wiki/STARTTLS
[MX]: http://en.wikipedia.org/wiki/MX_record
projects / blog.git / blobdiff