Convert from basic to virtual

Mon Oct 15 07:06:05 EDT 2012

Hi list(s),

A few years ago we setup a simple postfix+Cyrus Mail server in the 
office (running on Ubuntu server). Across the years, we configured it to 
send and access our mails from various sources (in the office with tb, 
on the road though webgui, and recently through smartphones). All is 
well in the best of worlds. It is really basic configuration with its 
own certificate with a single domain name.

Recently, we purchased two new domain names for a new project and wanted 
to include them to our mail server. I went on reading the postfix doc 
for virtual domains and got lost. Our mail users are independant from 
the linux users (virtual users) and I found a configuration description 
that looked like what I wanted. It seems the way to go, especially if we 
want to continue to add more domains in the future. However, I am not 
sure how to convert from our basic setup to a virtual domain setup, 
especially since I cannot find where and how to configure certificates 
per domain on a server with a single public IP.

Does anyone have experience in converting from one to the other, and 
willing to give me pointers in my conversion process. Downtime is not a 
problem, but not losing the mailboxes is.

I am cross posting on both Postfix and Cyrus list, since I am not sure 
where to get the answer from.

My current configuration is as follow:

Postconf -n

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
disable_vrfy_command = yes
inet_interfaces = all
mailbox_size_limit = 0
mailbox_transport = lmtp:unix:/var/run/cyrus/socket/lmtp
message_size_limit = 20480000
mydestination = mail.solipym.com, solipym, localhost.localdomain, localhost
myhostname = mail.solipym.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128,192.168.1.0/24
myorigin = /etc/mailname
policyd-spf_time_limit = 3600
readme_directory = no
recipient_delimiter = +
relayhost = smtp.movistar.es
sender_canonical_maps = mysql:/etc/postfix/mysql-canonical.cf
smtp_cname_overrides_servername = no
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
smtp_sasl_type = cyrus
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_client_restrictions = permit_mynetworks, 
permit_sasl_authenticated, check_client_access hash:/etc/postfix/access
smtpd_delay_reject = yes
smtpd_error_sleep_time = 15s
smtpd_hard_error_limit = 20
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_sasl_authenticated, 
permit_mynetworks, reject_unauth_destination, reject_invalid_hostname, 
reject_non_fqdn_hostname, reject_non_fqdn_sender, 
reject_non_fqdn_recipient, reject_unknown_sender_domain, 
reject_unknown_recipient_domain, reject_unauth_pipelining, 
reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org, 
reject_rbl_client blackholes.easynet.nl, reject_rbl_client 
dnsbl.njabl.org, reject_rbl_client dul.dnsbl.sorbs.net, 
check_policy_service unix:private/policyd-spf
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = smtpd
smtpd_sender_restrictions = reject_non_fqdn_sender, check_sender_access 
hash:/etc/postfix/access, check_sender_mx_access hash:/etc/postfix/access
smtpd_soft_error_limit = 10
smtpd_tls_CAfile = /etc/ssl/certs/root.crt
smtpd_tls_cert_file = /etc/ssl/certs/server_mail_solipym_com.pem
smtpd_tls_key_file = /etc/ssl/private/server.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-mydestination.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual.cf
virtual_transport = lmtp:unix:/var/run/cyrus/socket/lmtp

Thanks for your help,

Dominique