Send local generated mails via gateway back to LDA Dovecot

Dauser Martin Johannes mdauser at cs.sbg.ac.at
Wed Apr 1 23:33:34 EEST 2020 

Well as you need LDA to deliver emails from postfix to dovecot,  you can't just turn it off. What you need is a second smtp daemon within postfix, which is only responsible for local originating emails and is configured to send any email to your gateway. This way your second smtpd will send local generated mails to your gateway. The gateway will send those mails back to your default smtpd and this one will deliver those mails to dovecot -- or where ever you configured them to go to.

As email addresses like localpart at localhost aren't useful for your gateway, you need to (canonical) rewrite those addresses to an official address.

---------------------------------------------------------------

This means your default smtpd must not listen on localhost anymore.
The default entry in master.cf like "smtp  inet  n  -  n  -  -  smtpd" means that the smtpd listens on any interface on smtp port number 25. Now you need it to listen on the smtp port of your official IP address only. Therefore we will override inet_interfaces from main.cf .

Your second smtpd, newly defined in master.cf, inherits the default values from main.cf too, so you need to adjust only some. Well and this daemon will listen on localhost only.

Note1: This config runs without a chroot environment! If you do, some extra adjustments might be necessary. (I don't know for sure.)

Note2: Lines starting with dash (-) should be removed in your config and those beginning with plus (+) should be added. Angled brackets (<>) indicate a placeholder and they should not be present in your config.


/etc/postfix/master.cf
# ==========================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
# ==========================================================
-smtp       inet  n       -       n       -       -       smtpd
+smtp       inet  n       -       n       -       -       smtpd
+      # Incomming mails only from real IP address
           -o inet_interfaces=<IP mailserver>

+127.0.0.1:25           inet   n      -       n       -       -       smtpd
+      # Incomming mails only from loopback device 
+      # use only if appropriate in your case (postfix version >=2.2) 
+        -o inet_interfaces=loopback-only
+      # Incomming mails only from localhost 
+      # use only if appropriate in your case (postfix version < 2.2)
+        -o inet_interfaces=localhost,127.0.0.1
+      # Empty mydestination to disable local transport
+        -o mydestination=
+      # disable LDA delivery by emptying corresponding config entries
+      # you either use mailbox_command or virtual_mailbox_domains
+        -o mailbox_command=
+        -o virtual_mailbox_domains=
+      # Use this IP address as client to connect to gateway
+        -o smtp_bind_address=<IP mailserver>
+      # Canonical rewrite for sender and recipient addresses with @localhost
+        -o canonical_maps = pcre:/etc/postfix/canonical_localhost.pcre

---------------------------------------------------------------

New file /etc/postfix/canonical_localhost.pcre
# This is a Perl Compatible Regular Expression table,
# so no postmap command is needed.

# Address something at localhost becomes something@<yourmaildomain.tld>
# or 
# address something at localhost becomes root@<yourmaildomain.tld>
# CHOOSE ONLY ONE !
#
#/^(.+)@localhost$/   $1@<yourmaildomain.tld>
/^.+ at localhost$/   root@<yourmaildomain.tld>

---------------------------------------------------------------

Local generated mails, that have no domain information should append the string $mydomain instead of default $myorigin (which normally is the FQDN of your mailserver).

/etc/postfix/main.cf
- append_at_myorigin = yes
+ append_at_myorigin = no

- append_dot_mydomain = no
+ append_dot_mydomain = yes

---------------------------------------------------------------

I guess you already set $relayhost but you can set fallbacks too.

/etc/postfix/main.cf
relayhost = <gateway.domain.tld>

+# Optional list of relay hosts 
+smtp_fallback_relay = <IP of your gateway>,
                      <secondary gateway if available>

---------------------------------------------------------------

Of course you need to restart postfix to apply these changes. 
AND if something breaks don't hold me responsible, use this config at your own risk!

Martin


On Dienstag, 31. März 2020 18:35:07 CEST Adam Raszkiewicz wrote:
> Hi,
> 
> Is there any way to disable Dovecot LDA? I want to always send email via
> postfix and relay server even it will be a local delivery within the
> Dovecot server
 
> Thanks,
> Adam

More information about the dovecot mailing list