postfix nags about a domain in BOTH relay_domains and virtual_alias_domains, when it isn’t
I’ve been struggling with the following warning in postfix for a while now:
postfix/trivial-rewrite[xxxx]: warning: do not list domain subdomain.blarg.org in BOTH virtual_alias_domains and relay_domains
The problem is, I’m not listing it in both. I swear.
% postconf relay_domains relay_domains = $mydestination % postconf mydestination mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain % postconf virtual_alias_domains virtual_alias_domains = subdomain.blarg.org
I finally tracked it down today to a relatively obscure (to me, anyway) feature in postfix that causes subdomains to be implicitly matched for certain coniguration parameters. From postconf(5):
parent_domain_matches_subdomains (default: see postconf -d output)
What Postfix features match subdomains of “domain.tld” automatically, instead of requiring an explicit “.domain.tld” pattern. This is planned backwards compatibility: eventually, all Postfix features are expected to require explicit “.domain.tld” style patterns when you really want to match subdomains.
This was exactly what was happening in my case. I was being explicit in my relay_domains and mydestinations, but postfix was matching subdomains for relay_domains:
% postconf parent_domain_matches_subdomains parent_domain_matches_subdomains = debug_peer_list,fast_flush_domains,mynetworks,permit_mx_backup_networks,qmqpd_authorized_clients,relay_domains,smtpd_access_maps
Since this is a feature with planned obsolescence that I’m not really using anyway (afaik), I just completely disabled it:
# Fixes the "do not list domain in BOTH" nags, also the future default behavior # To enable subdomain matching, use .domain.com parent_domain_matches_subdomains =
Apparently it’s still possible to explicitly use subdomain matching by specifying the domain as .blarg.org, which makes things a lot more self-evident, anyway.