I have a Postfix service configured on a Linux server to successfully send/receive email, with SPF/DKIM/DMARC all working; however, I don't want email kept on the server. Instead, I would like email addressed to any local account (e.g. [email protected], [email protected]), whether it is generated locally by something like cron or received externally (e.g. by someone replying to a locally generated email from a system account), to be routed to one or more external addresses - [email protected], [email protected]. This is complicated by not wanting a catchall - I have to continue to reject mail received for invalid local addresses (e.g. [email protected]).
regexp alias_maps of /.+/ and luser_relay don't achieve the outcome, as they forward on emails addressed to non-existent accounts. I still need to verify local_recipient_maps via proxy:unix:passwd.byname to determine it is a local account and bounce if it is not, but at that point, I'm struggling to figure out how to tell Postfix to just send to a fixed external address. I suspect the answer lies in master.cf but haven't been able to find a way to do it. Any help/advice appreciated.
Update #1
I currently have it doing what I need by replacing the "local" entry in /etc/postfix/master.cf with the following:
    local     unix  -       n       n       -       -       pipe
      flags=R user=nobody argv=/usr/sbin/sendmail [email protected]
However, this feels like an inelegant hack, as it leaves and then re-enters the mail system. I know using "nobody" as the account is flawed, and if I stick with this I'll create a custom "owns no files" account for it, but I'm hoping there's a Postfix expert out there with a more efficient solution.
Anything that requires maintaining a duplicate list of local users (e.g. maintaining a shadow of all accounts in /etc/passwd in the /etc/aliases file) isn't going to be acceptable as it duplicates data and requires an ongoing maintenance activity to resync the list whenever operating system accounts are added/deleted.