Postfix + Maildrop Howto


This document discusses various options to plug the maildrop delivery agent into Postfix:

Direct delivery without the local delivery agent

Postfix can be configured to deliver mail directly to maildrop, without using the local(8) delivery agent as an intermediate. This means that you do not get local aliases(5) expansion or $HOME/.forward file processing. You would typically do this for hosted domains with recipients that don't have UNIX home directories.

The following example shows how to use maildrop for some.domain and for someother.domain. The example comes in two parts.

Part 1 describes changes to the file:

 1 /etc/postfix/
 2     maildrop_destination_recipient_limit = 1
 3     virtual_mailbox_domains = some.domain someother.domain
 4     virtual_transport = maildrop
 5     virtual_mailbox_maps = hash:/etc/postfix/virtual_mailbox
 6     virtual_alias_maps = hash:/etc/postfix/virtual_alias
 8 /etc/postfix/virtual_mailbox:
 9     user1@some.domain        ...text here does not matter...
10     user2@some.domain        ...text here does not matter...
11     user3@someother.domain   ...text here does not matter...
13 /etc/postfix/virtual_alias:
14     postmaster@some.domain           postmaster
15     postmaster@someother.domain      postmaster

The vmail userid as used below is the user that maildrop should run as. This would be the owner of the virtual mailboxes if they all have the same owner. If maildrop is suid (see maildrop documentation), then maildrop will change to the appropriate owner to deliver the mail.

Note: Do not use the postfix user as the maildrop user.

Part 2 describes changes to the file:

    maildrop  unix  -       n       n       -       -       pipe
      flags=ODRhu user=vmail argv=/path/to/maildrop -d ${recipient}

The pipe(8) manual page gives a detailed description of the above command line arguments, and more.

If you want to support user+extension@domain style addresses, use the following instead:

    maildrop  unix  -       n       n       -       -       pipe
      flags=ODRhu user=vmail argv=/path/to/maildrop 
      -d ${user}@${domain} ${extension} ${recipient} ${user} ${nexthop}

The mail is delivered to ${user}@${domain} (search key for maildrop userdb lookup). The ${extension} and the other address components are available to maildrop rules as $1, $2, $3, ... and can be omitted from or ignored by maildrop when not needed.

With Postfix 2.4 and earlier, use ${nexthop} instead of ${domain}.

Indirect delivery via the local delivery agent

Postfix can be configured to deliver mail to maildrop via the local delivery agent. This is slightly less efficient than the "direct" approach discussed above, but gives you the convenience of local aliases(5) expansion and $HOME/.forward file processing. You would typically use this for domains that are listed in mydestination and that have users with a UNIX system account.

To configure maildrop delivery for all UNIX system accounts:

    mailbox_command = /path/to/maildrop -d ${USER}

Note: ${USER} is spelled in upper case.

To enable maildrop delivery for specific users only, you can use the Postfix local(8) delivery agent's mailbox_command_maps feature:

    mailbox_command_maps = hash:/etc/postfix/mailbox_commands

    you    /path/to/maildrop -d ${USER}

Maildrop delivery for specific users is also possible by invoking it from the user's $HOME/.forward file:

    "|/path/to/maildrop -d ${USER}"