After following the Postfix, Virtual Users on FC5 howto, do "system" accounts (ie, those in /etc/aliases such as webmaster, abuse, etc) need to be set up manually for each domain? I'm seeing this both ways and not sure which is right. The examples for the forwardings table lookup only show the domain half of the address as an option (for mass-forwarding, that is), which suggests that there must be many accounts and boxes: webmaster@domain1, webamster@domain2, webmaster@domain3, etc. However, looking at the actual SQL code for the forwardings cf lookup, it shows only a generic '%s' for the input. This means I can forward based upon any group of characters, yes? This would mean I can enter a row with 'webmaster@' and 'myAdminAddress@domain' to forward mail for webmaster@anyValidDomain to a single mailbox, doesn't it?. That looks right to me, but I'd like confirmation. Just want to make sure I'm not overlooking something simple. If that's the case, is the webmaster example above the most efficient way to set this up? That is, having the same system account across multiple domains go to the same system account at the primary domain. Or is it better to forward important system accounts from each domain to a single domain_admin@ each?
While I'm at it, here's another question: is forwarding set up so that I can accept mail for a non-existant address and forward it to a real address (or another fake that eventually gets to a real address)? I suppose this question really comes down to the essence of the question of another poster from today: in what order do the checks happen? My point in asking is that if I set up postmaster@someVirtualDomain to forward to postmaster@primaryDomain, does the virtual postmaster need a mailbox on the system, or does the delivery process seek out the true final desination before dropping the message in a box?
I've answered this one for myself through experimentation. I can indeed accept mail for non-existant addresses for listed domains as long as there is a valid final recipient in the forwarding table (and, of course, in the user table). I have a non-user webmaster@domain3 forwarding to a non-user domain_master@domain1 forwarding to a real user somebody@domain1. Maildirs are not created for the non-users in the process.
Well, since no one has an opinion, I'll post what I've done. I set up three different "system" users (webmaster, postmaster, and abuse) in the forwarding table, but not the user table, for each domain. These three fake users are forwarded to fellow fake user domain_master@myPrimaryDomain. Then domain_master is forwarded to the sysadmin - me. I arranged it this way so that when there is staff change (when I leave), the next admin only has to change one address in the forwarding table instead of all. I haven't tried it yet, but I think the forwarding table will work with generic address portions such as "webmaster@". This would allow for a smaller table as then there would only be need for (in my case) system entries, eg webmaster@, postmaster@, and abuse@. I intend to test this. If I'm correct, this would be a better arrangement, I think.
You can create system users (i.e. users, that are listed in /etc/passwd) only for domains that are not listed in the MySQL domains table. The domains of the system users must then be listed in the mydestination line in /etc/postfix/main.cf. But of course, you can make webmaster, postmaster, etc. virtual users.
