Virtual users / mailbox aliases and PMG

Lazarus

Member
Apr 26, 2019
19
1
23
124
How does PMG handle virtual users and aliases?

I've got PMG in front of Postfix. Postfix is looking up domains, users and aliases in MySQL. When domain is added in MySQL, I also add the domain in PMG with an API call to /config/domains.

Does/can PMG know about the alias first.lastname@domain.tld pointing at username@domain.tld? I think this is doable if LDAP gets involved, but perhaps that's just my imagination.

If PMG can know about the aliases somehow, it could, I suppose deliver directly to Dovecot's LMTP and never touch Postfix. Is this a correct assumption?
 
How does PMG handle virtual users and aliases?
in it's default configuration - it simply doesn't (apart from the collecting the spamreport for all aliases stored in LDAP)

PMG is meant to be a proxy between the internet and your downstream mail-server (which handles aliases).

You can modify the postfix configuration using the templating system:
https://pmg.proxmox.com/pmg-docs/pmg-admin-guide.html#pmgconfig_template_engine

however given that postfix is not too heavy - I'd suggest keeping it in place on your downstream server to handle aliases.

(you can configure your default-relay to be an lmtp server in the GUI though)

I hope this helps!
 
  • Like
Reactions: Fra
Wouldn't that mean that alias1 and alias2 would each get a spam report sent to them, as PMG has no idea that they're actually the same mailbox?
 
Wouldn't that mean that alias1 and alias2 would each get a spam report sent to them, as PMG has no idea that they're actually the same mailbox?
yes - if you use aliases w/o LDAP, and have configured the spam-quarantine this is the result - the spamreport is generated for each address.
 
Maybe it’s time to look at migrating from MySQL to LDAP then. It can’t be done with API, right? Either have pmg lookup via external api or have internal db/ldap and add/remove aliases via PMG’s API.
 
I am on this, too.

what are the pro/cons of setting the transport protocol to LMTP (with a postfix/dovecot behind the Pmg)? I'm just curious: we have SMTP and everything works well and we are about to go in production: I just want to be sure we are not missing important features/benefits.
 
If you’ve got Postfix or such in between you don’t need LMTP, and will do just fine with SMTP. But you can go direct to Dovecot with LMTP, which also alows for automatic indexing / full text search and scripting/sorting with Sieve.

I’m currently looking at either OpenLDAP with MySQL backend, or a NodeJS-tool that translates between ldap/sql. Either of these tools will allow me to keep the current structure, but merge aliases into the main user account.

I’ll probably keep a Postfix instance aswell, as that opens up other deliver methods and scripting. But primarily, PMG will lookup against LDAP and LMTP-deliver to Dovecot.
 
  • Like
Reactions: Fra

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!