.TH VIRTUAL 5
.ad
.fi
.SH NAME
virtual
\-
Postfix virtual alias table format
.SH "SYNOPSIS"
.na
.nf
\fBpostmap /etc/postfix/virtual\fR
\fBpostmap -q "\fIstring\fB" /etc/postfix/virtual\fR
\fBpostmap -q - /etc/postfix/virtual <\fIinputfile\fR
.SH DESCRIPTION
.ad
.fi
The optional \fBvirtual\fR(5) alias table rewrites recipient
addresses for all local, all virtual, and all remote mail
destinations.
This is unlike the \fBaliases\fR(5) table which is used
only for \fBlocal\fR(8) delivery. Virtual aliasing is
recursive, and is implemented by the Postfix \fBcleanup\fR(8)
daemon before mail is queued.
The main applications of virtual aliasing are:
.IP \(bu
To redirect mail for one address to one or more addresses.
.IP \(bu
To implement virtual alias domains where all addresses are aliased
to addresses in other domains.
.sp
Virtual alias domains are not to be confused with the virtual mailbox
domains that are implemented with the Postfix \fBvirtual\fR(8) mail
delivery agent. With virtual mailbox domains, each recipient address
can have its own mailbox.
.PP
Virtual aliasing is applied only to recipient
envelope addresses, and does not affect message headers.
Use \fBcanonical\fR(5)
mapping to rewrite header and envelope addresses in general.
Normally, the \fBvirtual\fR(5) alias table is specified as a text file
that serves as input to the \fBpostmap\fR(1) command.
The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
is used for fast searching by the mail system. Execute the command
"\fBpostmap /etc/postfix/virtual\fR" to rebuild an indexed
file after changing the corresponding text file.
When the table is provided via other means such as NIS, LDAP
or SQL, the same lookups are done as for ordinary indexed files.
Alternatively, the table can be provided as a regular-expression
map where patterns are given as regular expressions, or lookups
can be directed to TCP-based server. In those case, the lookups
are done in a slightly different way as described below under
"REGULAR EXPRESSION TABLES" or "TCP-BASED TABLES".
.SH "CASE FOLDING"
.na
.nf
.ad
.fi
The search string is folded to lowercase before database
lookup. As of Postfix 2.3, the search string is not case
folded with database types such as regexp: or pcre: whose
lookup fields can match both upper and lower case.
.SH "TABLE FORMAT"
.na
.nf
.ad
.fi
The input format for the \fBpostmap\fR(1) command is as follows:
.IP "\fIpattern result\fR"
When \fIpattern\fR matches a mail address, replace it by the
corresponding \fIresult\fR.
.IP "blank lines and comments"
Empty lines and whitespace-only lines are ignored, as
are lines whose first non-whitespace character is a `#'.
.IP "multi-line text"
A logical line starts with non-whitespace text. A line that
starts with whitespace continues a logical line.
.SH "TABLE SEARCH ORDER"
.na
.nf
.ad
.fi
With lookups from indexed files such as DB or DBM, or from networked
tables such as NIS, LDAP or SQL, patterns are tried in the order as
listed below:
.IP "\fIuser\fR@\fIdomain address, address, ...\fR"
Redirect mail for \fIuser\fR@\fIdomain\fR to \fIaddress\fR.
This form has the highest precedence.
.IP "\fIuser address, address, ...\fR"
Redirect mail for \fIuser\fR@\fIsite\fR to \fIaddress\fR when
\fIsite\fR is equal to $\fBmyorigin\fR, when \fIsite\fR is listed in
$\fBmydestination\fR, or when it is listed in $\fBinet_interfaces\fR
or $\fBproxy_interfaces\fR.
.sp
This functionality overlaps with functionality of the local
\fIaliases\fR(5) database. The difference is that \fBvirtual\fR(5)
mapping can be applied to non-local addresses.
.IP "@\fIdomain address, address, ...\fR"
Redirect mail for other users in \fIdomain\fR to \fIaddress\fR.
This form has the lowest precedence.
.sp
Note: @\fIdomain\fR is a wild-card. With this form, the
Postfix SMTP server accepts
mail for any recipient in \fIdomain\fR, regardless of whether
that recipient exists. This may turn your mail system into
a backscatter source: Postfix first accepts mail for
non-existent recipients and then tries to return that mail
as "undeliverable" to the often forged sender address.
.SH "RESULT ADDRESS REWRITING"
.na
.nf
.ad
.fi
The lookup result is subject to address rewriting:
.IP \(bu
When the result has the form @\fIotherdomain\fR, the
result becomes the same \fIuser\fR in \fIotherdomain\fR.
This works only for the first address in a multi-address
lookup result.
.IP \(bu
When "\fBappend_at_myorigin=yes\fR", append "\fB@$myorigin\fR"
to addresses without "@domain".
.IP \(bu
When "\fBappend_dot_mydomain=yes\fR", append
"\fB.$mydomain\fR" to addresses without ".domain".
.SH "ADDRESS EXTENSION"
.na
.nf
.fi
.ad
When a mail address localpart contains the optional recipient delimiter
(e.g., \fIuser+foo\fR@\fIdomain\fR), the lookup order becomes:
\fIuser+foo\fR@\fIdomain\fR, \fIuser\fR@\fIdomain\fR, \fIuser+foo\fR,
\fIuser\fR, and @\fIdomain\fR.
The \fBpropagate_unmatched_extensions\fR parameter controls whether
an unmatched address extension (\fI+foo\fR) is propagated to the
result of table lookup.
.SH "VIRTUAL ALIAS DOMAINS"
.na
.nf
.ad
.fi
Besides virtual aliases, the virtual alias table can also be used
to implement virtual alias domains. With a virtual alias domain, all
recipient addresses are aliased to addresses in other domains.
Virtual alias domains are not to be confused with the virtual mailbox
domains that are implemented with the Postfix \fBvirtual\fR(8) mail
delivery agent. With virtual mailbox domains, each recipient address
can have its own mailbox.
With a virtual alias domain, the virtual domain has its
own user name space. Local (i.e. non-virtual) usernames are not
visible in a virtual alias domain. In particular, local
\fBaliases\fR(5) and local mailing lists are not visible as
\fIlocalname@virtual-alias.domain\fR.
Support for a virtual alias domain looks like:
.nf
/etc/postfix/main.cf:
virtual_alias_maps = hash:/etc/postfix/virtual
.fi
Note: some systems use \fBdbm\fR databases instead of \fBhash\fR.
See the output from "\fBpostconf -m\fR" for available database types.
.nf
/etc/postfix/virtual:
\fIvirtual-alias.domain anything\fR (right-hand content does not matter)
\fIpostmaster@virtual-alias.domain postmaster\fR
\fIuser1@virtual-alias.domain address1\fR
\fIuser2@virtual-alias.domain address2, address3\fR
.fi
.sp
The \fIvirtual-alias.domain anything\fR entry is required for a
virtual alias domain. \fBWithout this entry, mail is rejected
with "relay access denied", or bounces with
"mail loops back to myself".\fR
Do not specify virtual alias domain names in the \fBmain.cf
mydestination\fR or \fBrelay_domains\fR configuration parameters.
With a virtual alias domain, the Postfix SMTP server
accepts mail for \fIknown-user@virtual-alias.domain\fR, and rejects
mail for \fIunknown-user\fR@\fIvirtual-alias.domain\fR as undeliverable.
Instead of specifying the virtual alias domain name via
the \fBvirtual_alias_maps\fR table, you may also specify it via
the \fBmain.cf virtual_alias_domains\fR configuration parameter.
This latter parameter uses the same syntax as the \fBmain.cf
mydestination\fR configuration parameter.
.SH "REGULAR EXPRESSION TABLES"
.na
.nf
.ad
.fi
This section describes how the table lookups change when the table
is given in the form of regular expressions. For a description of
regular expression lookup table syntax, see \fBregexp_table\fR(5)
or \fBpcre_table\fR(5).
Each pattern is a regular expression that is applied to the entire
address being looked up. Thus, \fIuser@domain\fR mail addresses are not
broken up into their \fIuser\fR and \fI@domain\fR constituent parts,
nor is \fIuser+foo\fR broken up into \fIuser\fR and \fIfoo\fR.
Patterns are applied in the order as specified in the table, until a
pattern is found that matches the search string.
Results are the same as with indexed file lookups, with
the additional feature that parenthesized substrings from the
pattern can be interpolated as \fB$1\fR, \fB$2\fR and so on.
.SH "TCP-BASED TABLES"
.na
.nf
.ad
.fi
This section describes how the table lookups change when lookups
are directed to a TCP-based server. For a description of the TCP
client/server lookup protocol, see \fBtcp_table\fR(5).
This feature is not available up to and including Postfix version 2.4.
Each lookup operation uses the entire address once. Thus,
\fIuser@domain\fR mail addresses are not broken up into their
\fIuser\fR and \fI@domain\fR constituent parts, nor is
\fIuser+foo\fR broken up into \fIuser\fR and \fIfoo\fR.
Results are the same as with indexed file lookups.
.SH BUGS
.ad
.fi
The table format does not understand quoting conventions.
.SH "CONFIGURATION PARAMETERS"
.na
.nf
.ad
.fi
The following \fBmain.cf\fR parameters are especially relevant to
this topic. See the Postfix \fBmain.cf\fR file for syntax details
and for default values. Use the "\fBpostfix reload\fR" command after
a configuration change.
.IP \fBvirtual_alias_maps\fR
List of virtual aliasing tables.
.IP \fBvirtual_alias_domains\fR
List of virtual alias domains. This uses the same syntax
as the \fBmydestination\fR parameter.
.IP \fBpropagate_unmatched_extensions\fR
A list of address rewriting or forwarding mechanisms that propagate
an address extension from the original address to the result.
Specify zero or more of \fBcanonical\fR, \fBvirtual\fR, \fBalias\fR,
\fBforward\fR, \fBinclude\fR, or \fBgeneric\fR.
.PP
Other parameters of interest:
.IP \fBinet_interfaces\fR
The network interface addresses that this system receives mail on.
You need to stop and start Postfix when this parameter changes.
.IP \fBmydestination\fR
List of domains that this mail system considers local.
.IP \fBmyorigin\fR
The domain that is appended to any address that does not have a domain.
.IP \fBowner_request_special\fR
Give special treatment to \fBowner-\fIxxx\fR and \fIxxx\fB-request\fR
addresses.
.IP \fBproxy_interfaces\fR
Other interfaces that this machine receives mail on by way of a
proxy agent or network address translator.
.SH "SEE ALSO"
.na
.nf
cleanup(8), canonicalize and enqueue mail
postmap(1), Postfix lookup table manager
postconf(5), configuration parameters
canonical(5), canonical address mapping
.SH "README FILES"
.na
.nf
.ad
.fi
Use "\fBpostconf readme_directory\fR" or
"\fBpostconf html_directory\fR" to locate this information.
.na
.nf
ADDRESS_REWRITING_README, address rewriting guide
DATABASE_README, Postfix lookup table overview
VIRTUAL_README, domain hosting guide
.SH "LICENSE"
.na
.nf
.ad
.fi
The Secure Mailer license must be distributed with this software.
.SH "AUTHOR(S)"
.na
.nf
Wietse Venema
IBM T.J. Watson Research
P.O. Box 704
Yorktown Heights, NY 10598, USA