Configuring Postfix with virtual domains using MySQL

This page is out of date, it has been replaced by a newer version which you can find here.

Configuring Postfix means editing a lot of separate files, I’ll only note the settings that differ from the default settings. Also added you’ll find the files used for configuring the use of the MySQL database we defined earlier.

First you need to know the UID and the GID for the built-in postfix user. This is needed because both the postfix daemon and the Courier daemon need secure access to the virtaul mailbox directory. You can find out how to do this by reading this blogpost on the subject. In the configuration example below I used the value of 27, which was found on all systems I used so far.

Secondly we start by editing the configuration file located in the directory /etc/postfix/ (before you start changing make a copy of the original file for safe keeping). Please note that only the difference from the default settings is documented:
queue_directory = /private/var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
# The hostname is preferably the hostname you get from your ISP.
# Otherwise take the one from your primary domain
myhostname = server.isp-domain.tld
# Let this point to your primary registered domain
mydomain = domain.tld
# receive mail on all network interfaces.
inet_interfaces = all
# reject all mail for unknown users.
unknown_local_recipient_reject_code = 550
debug_peer_level = 2
# my additions for the virtual domain administration
# to use the MySQL database.
virtual_alias_maps = mysql:/etc/postfix/
virtual_gid_maps = static:27
virtual_mailbox_base = /usr/local/virtual/
virtual_mailbox_domains = mysql:/etc/postfix/
virtual_mailbox_limit = 51200000
virtual_mailbox_maps = mysql:/etc/postfix/
virtual_minimum_uid = 27
virtual_transport = virtual
virtual_uid_maps = static:27
# The settings for the SASL authentication using the autdaemon.
smtpd_recipient_restrictions =

enable_server_options = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl2_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_application_name = smtpd
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_use_pw_server = yes
smtpd_pw_server_security_options = plain,login,cram-md5
server_enabled = 1
smtpd_helo_required = yes
disable_vrfy_command = yes
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_etrn_restrictions = reject

As a last step there are the new files that are to be created to accommodate the MySQL access for the user administration. The are to be created in the directory /etc/postfix.
user = postfix
password = postfix
hosts =
dbname = postfix
query = SELECT goto FROM alias WHERE address='%s' AND active = 1
user = postfix
password = postfix
hosts =
dbname = postfix
query = SELECT domain FROM domain WHERE domain='%s'
#optional query to use when relaying for backup MX
#query = SELECT domain FROM domain WHERE domain='%s' and backupmx = '0' and active = '1'
user = postfix
password = postfix
hosts =
dbname = postfix
query = SELECT maildir FROM mailbox WHERE username='%s' AND active = 1

Next page ->, configuring the authentication module.

Comments are closed, to find out why read this blogpost for the reason and directions to alternatives.