From: Wietse Venema Date: Sat, 7 Dec 2002 05:00:00 +0000 (-0500) Subject: postfix-1.1.12-20021207 X-Git-Tag: v2.0.0~10 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=dbed5008eac1ed150771f8b809cdbe2c3a6f771a;p=thirdparty%2Fpostfix.git postfix-1.1.12-20021207 --- diff --git a/postfix/.indent.pro b/postfix/.indent.pro index 1d142f92d..e66ba4755 100644 --- a/postfix/.indent.pro +++ b/postfix/.indent.pro @@ -145,6 +145,7 @@ -TSMTP_STATE -TSOCKADDR_SIZE -TSPAWN_ATTR +-TSTRING_LIST -TSTRING_TABLE -TSYS_EXITS_TABLE -TTOK822 diff --git a/postfix/HISTORY b/postfix/HISTORY index f5f58144a..602d353b2 100644 --- a/postfix/HISTORY +++ b/postfix/HISTORY @@ -7280,6 +7280,61 @@ Apologies for any names omitted. missing reject_rbl_mumble domain names. Patrik Rak. File: smtpd/smtpd_check.c. +20021203 + + Bugfix: the FILTER access table action included the FILTER + command in the filter request, where only the transport+destination + were expected. Noel Jones. File smtpd/smtpd_check.c. + + Cleanup: virtual_maps is now called virtual_alias_maps, in + order to better distinguish it from virtual_mailbox_maps. + The default value is $virtual_maps for backwards compatibility. + + New parameters virtual_alias_domains and virtual_mailbox_domains + for the "domain.tld whatever" lookups. These use the same + syntax as the mydestination parameter. Default settings + are backwards compatible with Postfix 1.1. + + Cleanup: just like $mydestination+$inet_interfaces control + what routes to $local_transport, $virtual_mailbox_domains + now controls what routes to $virtual_transport (default + transport: virtual), and $relay_domains now controls what + routes to $relay_transport (default transport: relay, a + clone of the smtp transport). Everything else routes to + $default_transport as before. This eliminates the need + for transport maps for virtual(8) domains, and avoids + performance problems with inbound relay mail. This was + improvement was suggested by Victor Duchovni. File: + trivial-rewrite/resolve.c. + +20021206 + + Cleanup: do allow regexps in aliases, virtual mailbox maps + but do not allow regular expression substitutions. Files: + util/dict.h, util/dict_regexp.c, util/dict_pcre.c. + +20021207 + + Performance: apparently, RFC 2821 blesses the use of CNAME + domain names in SMTP commands. This speeds things up a bit. + File: smtp/smtp_proto.c. + + Workaround: exclude error mailer destinations from transport + table lookups. File: trivial-rewrite/resolve.c. + + Cleanup: relocated_maps lookups moved to the trivial-rewrite + server. The queue manager no longer does any map lookups, + so it won't restart when maps change. This required that + resolver clients be prepared for the case that the resolver + reports it is unable to access a lookup table. This also + required that trivial-rewrite be running as multiple + processes to reduce the impact of table lookup latencies. + Files: *qmgr/qmgr_message.c, trivial-rewrite/resolve.c, + local/resolve.c, smtpd/smtpd_check.c, master/multi-server.c. + + Workaround: don't discard all DNS lookup results when one + has a malformed name or address. File: dns/dns_lookups.c. + Open problems: Low: revise other local delivery agent duplicate filters. @@ -7324,7 +7379,8 @@ Open problems: Low: postconf -e edits parameters that postconf won't list. - Low: with quoted-printable, perhaps use =46rom instead of >From. + Low: with quoted-printable, perhaps use =46rom instead of + >From. Low: make it easier to have local_recipient_maps turned on by default. This requires documentation of its existence diff --git a/postfix/README_FILES/MAILDROP_README b/postfix/README_FILES/MAILDROP_README new file mode 100644 index 000000000..4a82054b5 --- /dev/null +++ b/postfix/README_FILES/MAILDROP_README @@ -0,0 +1,39 @@ +The following information was kindly provided by Russell Mosemann, +with tips by Victor Duchovni for supporting user+foo@domain addresses. + +In order to use the maildrop transport for some domain, add an entry +to transport_maps for each domain similar to the following. + +/etc/postfix/transport: + some.domain maildrop: + someother.domain maildrop: + +Define the following variable in main.cf so that pipe will provide one +recipient at a time to maildrop. + +/etc/postfix/main.cf: + maildrop_destination_recipient_limit = 1 + +The vmail userid as used below is the user that maildrop should +run as. This would be the owner of the virtual mailboxes if they +all have the same owner. If maildrop is suid (see maildrop +documentation), then maildrop will change to the appropriate owner +to deliver the mail. Do not use the postfix user as the maildrop +user. + +/etc/postfix/master.cf: + maildrop unix - n n - - pipe + flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient} + +If you want to support user+extension@domain style addresses, use +the following instead: + +/etc/postfix/master.cf: + maildrop unix - n n - - pipe + flags=DRhu user=vmail argv=/usr/local/bin/maildrop + -d ${user}@${nexthop} ${extension} ${recipient} ${user} ${nexthop} + +The mail is delivered to ${user}@${nexthop} (match key for maildrop +userdb lookup). The ${extension} and the other address components +are available to maildrop rules as $1, $2, $3, ... and can be +omitted from master.cf or ignored by maildrop when not needed. diff --git a/postfix/README_FILES/VIRTUAL_README b/postfix/README_FILES/VIRTUAL_README index e783d12f6..52e44da86 100644 --- a/postfix/README_FILES/VIRTUAL_README +++ b/postfix/README_FILES/VIRTUAL_README @@ -59,6 +59,11 @@ virtual_mailbox_base litter the filesystem with mailboxes (or worse). While it could be set to "/", this isn't recommended. +virtual_mailbox_domains + + Specifies the list of domains that should be delivered to the + $virtual_transport delivery agent (default: virtual). + virtual_mailbox_maps Recipients are looked up in this map to determine the path to @@ -155,17 +160,20 @@ type. The command "postconf -m" displays possible lookup table types. /etc/postfix/main.cf: - local_transport = virtual + virtual_transport = virtual virtual_mailbox_base = /var/mail/vhosts virtual_mailbox_maps = hash:/etc/postfix/vmailbox virtual_minimum_uid = 100 virtual_uid_maps = hash:/etc/postfix/vuid virtual_gid_maps = hash:/etc/postfix/vgid - # All domains that are listed in $mydestination are delivered - # with $local_transport, which is the virtual delivery agent. + # Don't send mail to the local delivery agent. + mydestination = - mydestination = + # All domains that are listed in $virtual_mailbox_domains + # are delivered via $virtual_transport, which is the virtual + # delivery agent by default. + virtual_mailbox_domains = $myhostname localhost.$mydomain virtual1.domain virtual2.domain Define a virtual delivery agent if the entry doesn't already exist: @@ -213,12 +221,13 @@ type. The command "postconf -m" displays possible lookup table types. /etc/postfix/main.cf: + virtual_transport = virtual virtual_mailbox_base = /var/mail/vhosts virtual_mailbox_maps = hash:/etc/postfix/vmailbox + virtual_mailbox_domains = $virtual_mailbox_maps virtual_minimum_uid = 100 virtual_uid_maps = static:5000 virtual_gid_maps = static:5000 - transport_maps = hash:/etc/postfix/transport # All domains that are delivered by the local delivery agent. @@ -233,20 +242,72 @@ Define a virtual delivery agent if the entry doesn't already exist: /etc/postfix/master.cf: virtual unix - n n - - virtual -Route virtual domains to the virtual delivery agent: - - /etc/postfix/transport: - virtual1.domain virtual - virtual2.domain virtual - Example recipients, one UNIX-style mailbox, one qmail-style maildir: /etc/postfix/vmailbox: + test1@virtual1.domain test1 + test2@virtual2.domain test2/ + + /etc/postfix/vmaildomains: virtual1.domain required to prevent relay access denied errors virtual2.domain required to prevent relay access denied errors + +Execute something like the following commands for each mailbox recipient: + + # touch /var/mail/vhosts/test1 + # chown 5000:5000 /var/mail/vhosts/test1 + +Execute something like the following commands for each maildir recipient: + + # mkdir /var/mail/vhosts/test2 + # chown 5000:5000 /var/mail/vhosts/test2 + +Remember that each domain is required to have a postmaster contact +address. + +Example 3: hosting many virtual users +===================================== + +Example 2 is fine if you host only a few virtual users. With many +users you will want to separate the information that changes often +(the user addresses) from the information that changes rarely (the +names of hosted domains). + +This example is the same as above, but it uses a separate table for +specifying the virtual domain names. + + /etc/postfix/main.cf: + virtual_transport = virtual + virtual_mailbox_base = /var/mail/vhosts + virtual_mailbox_maps = hash:/etc/postfix/vmailbox + virtual_mailbox_domains = hash:/etc/postfix/vmaildomains + virtual_minimum_uid = 100 + virtual_uid_maps = static:5000 + virtual_gid_maps = static:5000 + + # All domains that are delivered by the local delivery agent. + + mydestination = $myhostname $localhost.$mydomain + + # Reject unknown local recipients at the SMTP port. + + local_recipient_maps = unix:passwd.byname $alias_maps + +Define a virtual delivery agent if the entry doesn't already exist: + + /etc/postfix/master.cf: + virtual unix - n n - - virtual + +Example recipients, one UNIX-style mailbox, one qmail-style maildir: + + /etc/postfix/vmailbox: test1@virtual1.domain test1 test2@virtual2.domain test2/ + /etc/postfix/vmaildomains: + virtual1.domain required to prevent relay access denied errors + virtual2.domain required to prevent relay access denied errors + Execute something like the following commands for each mailbox recipient: # touch /var/mail/vhosts/test1 @@ -260,7 +321,7 @@ Execute something like the following commands for each maildir recipient: Remember that each domain is required to have a postmaster contact address. -Example 3: forwarding mail for an old account to a new address +Example 4: forwarding mail for an old account to a new address ============================================================== In order to forward mail for a user who no longer exists, one would @@ -273,7 +334,7 @@ virtual configuration file about virtual domains): /etc/postfix/virtual: old_user@old.domain new_user@new.domain -Example 4: setting up a virtual vacation autoresponder +Example 5: setting up a virtual vacation autoresponder ====================================================== In order to set up an autoreply for virtual recipients while still diff --git a/postfix/conf/main.cf b/postfix/conf/main.cf index 2438eee29..5e7eda712 100644 --- a/postfix/conf/main.cf +++ b/postfix/conf/main.cf @@ -138,8 +138,8 @@ mail_owner = postfix # Specify a list of host or domain names, /file/name or type:table # patterns, separated by commas and/or whitespace. A /file/name # pattern is replaced by its contents; a type:table is matched when -# a name matches a lookup key. Continue long lines by starting the -# next line with whitespace. +# a name matches a lookup key (the right-hand side is ignored). +# Continue long lines by starting the next line with whitespace. # #mydestination = $myhostname, localhost.$mydomain #mydestination = $myhostname, localhost.$mydomain $mydomain @@ -206,8 +206,8 @@ mail_owner = postfix # that Postfix is final destination for: # - destinations that match $inet_interfaces, # - destinations that match $mydestination -# - destinations that match $virtual_maps, -# - destinations that match $virtual_mailbox_maps. +# - destinations that match $virtual_alias_domains, +# - destinations that match $virtual_mailbox_domains. # These destinations do not need to be listed in $relay_domains. # # Specify a list of hosts or domains, /file/name patterns or type:name diff --git a/postfix/conf/master.cf b/postfix/conf/master.cf index 2bcdadb28..82983792d 100644 --- a/postfix/conf/master.cf +++ b/postfix/conf/master.cf @@ -80,6 +80,8 @@ bounce unix - - n - 0 bounce defer unix - - n - 0 bounce flush unix n - n 1000? 0 flush smtp unix - - n - - smtp +relay unix - - n - - smtp +# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5 showq unix n - n - - showq error unix - - n - - error local unix - n n - - local @@ -88,6 +90,12 @@ lmtp unix - - n - - lmtp # # Interfaces to non-Postfix software. Be sure to examine the manual # pages of the non-Postfix software to find out what options it wants. +# +# maildrop. See the Postfix MAILDROP_README file for details. +# +maildrop unix - n n - - pipe + flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient} +# # The Cyrus deliver program has changed incompatibly, multiple times. # old-cyrus unix - n n - - pipe diff --git a/postfix/conf/post-install b/postfix/conf/post-install index b9bdfd368..649b6fc46 100644 --- a/postfix/conf/post-install +++ b/postfix/conf/post-install @@ -460,9 +460,18 @@ test -n "$create" && { test -n "$upgrade_conf" && { + # Add missing relay service to master.cf. + + grep '^relay' $config_directory/master.cf >/dev/null || { + echo Editing $config_directory/master.cf, adding missing entry for relay service + cat >>$config_directory/master.cf </dev/null || { + grep '^flush.*flush' $config_directory/master.cf >/dev/null || { echo Editing $config_directory/master.cf, adding missing entry for flush service cat >>$config_directory/master.cf < local or remote address +# mapping) from information that changes less frequently (the list +# of virtual domain names). +# +# Specify a list of host or domain names, /file/name or type:table +# patterns, separated by commas and/or whitespace. A /file/name +# pattern is replaced by its contents; a type:table is matched when +# a name matches a lookup key (the right-hand side is ignored). +# Continue long lines by starting the next line with whitespace. +# +#virtual_alias_domains = virtual1.tld virtual2.tld +virtual_alias_domains = $virtual_alias_maps diff --git a/postfix/conf/virtual b/postfix/conf/virtual index 8c8d4a292..b524bcdc6 100644 --- a/postfix/conf/virtual +++ b/postfix/conf/virtual @@ -1,7 +1,7 @@ # VIRTUAL(5) VIRTUAL(5) # # NAME -# virtual - format of Postfix virtual table +# virtual - format of Postfix virtual alias table # # SYNOPSIS # postmap /etc/postfix/virtual @@ -11,19 +11,18 @@ # postmap -q - /etc/postfix/virtual virtual_maps + virtual_alias_maps Address mapping lookup table for envelope recipient addresses. diff --git a/postfix/html/faq.html b/postfix/html/faq.html index 39914b3db..be06e3b8f 100644 --- a/postfix/html/faq.html +++ b/postfix/html/faq.html @@ -2223,7 +2223,7 @@ destinations: 
 /etc/postfix/main.cf:
-    virtual_maps = hash:/etc/postfix/virtual
+    virtual_alias_maps = hash:/etc/postfix/virtual
 
 /etc/postfix/virtual:
     root        root@localhost
@@ -2681,7 +2681,7 @@ headers is sufficient to reliably implement a domain in a mailbox.
 
     /etc/postfix/main.cf:
         recipient_delimiter = +
-        virtual_maps = 
+        virtual_alias_maps = 
             ...non-regexp virtual maps...
             regexp:/etc/postfix/virtual_regexp
 
@@ -2734,7 +2734,7 @@ can be expensive if you have many virtual domains.
 

 
 /etc/postfix/main.cf:
-    virtual_maps = regexp:/etc/postfix/virtual_regexp
+    virtual_alias_maps = regexp:/etc/postfix/virtual_regexp
     recipient_delimiter = +
 
 /etc/postfix/virtual_regexp:
diff --git a/postfix/html/nqmgr.8.html b/postfix/html/nqmgr.8.html
index 3c16b5889..aef34e563 100644
--- a/postfix/html/nqmgr.8.html
+++ b/postfix/html/nqmgr.8.html
@@ -18,10 +18,6 @@ NQMGR(8)                                                 NQMGR(8)
        silently discarded.  This stops potential loops caused  by
        undeliverable bounce notifications.
 
-       Mail  addressed to a user listed in the optional relocated
-       database is bounced with a "user has  moved  to  new_loca-
-       tion" message. See relocated(5) for a precise description.
-
 MAIL QUEUES
        The nqmgr daemon maintains the following queues:
 
@@ -29,54 +25,54 @@ NQMGR(8)                                                 NQMGR(8)
               Inbound mail from the network, or mail picked up by
               the local pickup agent from the maildrop directory.
 
-       active Messages that the  queue  manager  has  opened  for
-              delivery.  Only  a  limited  number  of messages is
-              allowed to enter the  active  queue  (leaky  bucket
+       active Messages  that  the  queue  manager  has opened for
+              delivery. Only a  limited  number  of  messages  is
+              allowed  to  enter  the  active queue (leaky bucket
               strategy, for a fixed delivery rate).
 
        deferred
-              Mail  that  could  not  be delivered upon the first
-              attempt. The queue manager  implements  exponential
+              Mail that could not be  delivered  upon  the  first
+              attempt.  The  queue manager implements exponential
               backoff  by  doubling  the  time  between  delivery
               attempts.
 
        corrupt
-              Unreadable or damaged queue files  are  moved  here
+              Unreadable  or  damaged  queue files are moved here
               for inspection.
 
-       hold   Messages  that  are  kept  "on  hold" are kept here
+       hold   Messages that are kept  "on  hold"  are  kept  here
               until someone sets them free.
 
 DELIVERY STATUS REPORTS
        The nqmgr daemon keeps an eye on per-message delivery sta-
-       tus  reports  in  the  following  directories. Each status
+       tus reports in  the  following  directories.  Each  status
        report file has the same name as the corresponding message
        file:
 
-       bounce Per-recipient  status information about why mail is
-              bounced.   These  files  are  maintained   by   the
+       bounce Per-recipient status information about why mail  is
+              bounced.    These   files  are  maintained  by  the
               bounce(8) daemon.
 
-       defer  Per-recipient  status information about why mail is
-              delayed.   These  files  are  maintained   by   the
+       defer  Per-recipient status information about why mail  is
+              delayed.    These   files  are  maintained  by  the
               defer(8) daemon.
 
-       The  nqmgr  daemon is responsible for asking the bounce(8)
+       The nqmgr daemon is responsible for asking  the  bounce(8)
        or defer(8) daemons to send non-delivery reports.
 
 STRATEGIES
-       The queue manager implements a variety of  strategies  for
+       The  queue  manager implements a variety of strategies for
        either opening queue files (input) or for message delivery
        (output).
 
        leaky bucket
-              This strategy limits the number of messages in  the
-              active  queue  and  prevents the queue manager from
+              This  strategy limits the number of messages in the
+              active queue and prevents the  queue  manager  from
               running out of memory under heavy load.
 
        fairness
-              When the active queue has room, the  queue  manager
-              takes  one  message from the incoming queue and one
+              When  the  active queue has room, the queue manager
+              takes one message from the incoming queue  and  one
               from the deferred queue. This prevents a large mail
               backlog from blocking the delivery of new mail.
 
@@ -87,42 +83,42 @@ NQMGR(8)                                                 NQMGR(8)
 
        round robin
               The queue manager sorts delivery requests by desti-
-              nation.  Round-robin selection prevents one  desti-
+              nation.   Round-robin selection prevents one desti-
               nation from dominating deliveries to other destina-
               tions.
 
        exponential backoff
               Mail  that  cannot  be  delivered  upon  the  first
-              attempt  is  deferred.   The  time interval between
+              attempt is deferred.   The  time  interval  between
               delivery attempts is doubled after each attempt.
 
        destination status cache
-              The  queue  manager  avoids  unnecessary   delivery
-              attempts  by  maintaining  a  short-term, in-memory
+              The   queue  manager  avoids  unnecessary  delivery
+              attempts by  maintaining  a  short-term,  in-memory
               list of unreachable destinations.
 
        preemptive message scheduling
-              The queue manager attempts to minimize the  average
+              The  queue manager attempts to minimize the average
               per-recipient delay while still preserving the cor-
               rect per-message delays, using a sophisticated pre-
               emptive message scheduling.
 
 TRIGGERS
        On an idle system, the queue manager waits for the arrival
-       of trigger events, or it waits for a timer to  go  off.  A
-       trigger  is  a one-byte message.  Depending on the message
-       received, the queue manager performs one of the  following
-       actions  (the message is followed by the symbolic constant
+       of  trigger  events,  or it waits for a timer to go off. A
+       trigger is a one-byte message.  Depending on  the  message
+       received,  the queue manager performs one of the following
+       actions (the message is followed by the symbolic  constant
        used internally by the software):
 
        D (QMGR_REQ_SCAN_DEFERRED)
-              Start a deferred queue scan.  If a  deferred  queue
-              scan  is  already  in  progress,  that scan will be
+              Start  a  deferred queue scan.  If a deferred queue
+              scan is already in  progress,  that  scan  will  be
               restarted as soon as it finishes.
 
        I (QMGR_REQ_SCAN_INCOMING)
-              Start an incoming queue scan. If an incoming  queue
-              scan  is  already  in  progress,  that scan will be
+              Start  an incoming queue scan. If an incoming queue
+              scan is already in  progress,  that  scan  will  be
               restarted as soon as it finishes.
 
        A (QMGR_REQ_SCAN_ALL)
@@ -130,32 +126,32 @@ NQMGR(8)                                                 NQMGR(8)
               affects the next deferred queue scan.
 
        F (QMGR_REQ_FLUSH_DEAD)
-              Purge  all  information  about  dead transports and
+              Purge all information  about  dead  transports  and
               destinations.
 
        W (TRIGGER_REQ_WAKEUP)
-              Wakeup call, This is used by the master  server  to
-              instantiate  servers  that  should not go away for-
-              ever. The action is  to  start  an  incoming  queue
+              Wakeup  call,  This is used by the master server to
+              instantiate servers that should not  go  away  for-
+              ever.  The  action  is  to  start an incoming queue
               scan.
 
        The nqmgr daemon reads an entire buffer worth of triggers.
-       Multiple identical trigger  requests  are  collapsed  into
-       one,  and trigger requests are sorted so that A and F pre-
-       cede D and I. Thus, in order to  force  a  deferred  queue
+       Multiple  identical  trigger  requests  are collapsed into
+       one, and trigger requests are sorted so that A and F  pre-
+       cede  D  and  I.  Thus, in order to force a deferred queue
        run, one would request A F D; in order to notify the queue
        manager of the arrival of new mail one would request I.
 
 STANDARDS
-       None. The nqmgr daemon does not interact with the  outside
+       None.  The nqmgr daemon does not interact with the outside
        world.
 
 SECURITY
-       The  nqmgr daemon is not security sensitive. It reads sin-
-       gle-character messages from  untrusted  local  users,  and
-       thus  may be susceptible to denial of service attacks. The
-       nqmgr daemon does not talk to the outside  world,  and  it
-       can  be  run at fixed low privilege in a chrooted environ-
+       The nqmgr daemon is not security sensitive. It reads  sin-
+       gle-character  messages  from  untrusted  local users, and
+       thus may be susceptible to denial of service attacks.  The
+       nqmgr  daemon  does  not talk to the outside world, and it
+       can be run at fixed low privilege in a  chrooted  environ-
        ment.
 
 DIAGNOSTICS
@@ -163,31 +159,27 @@ NQMGR(8)                                                 NQMGR(8)
        Corrupted message files are saved to the corrupt queue for
        further inspection.
 
-       Depending on the setting of the notify_classes  parameter,
-       the  postmaster  is notified of bounces and of other trou-
+       Depending  on the setting of the notify_classes parameter,
+       the postmaster is notified of bounces and of  other  trou-
        ble.
 
 BUGS
-       A single queue manager process has  to  compete  for  disk
-       access  with multiple front-end processes such as smtpd. A
-       sudden burst of inbound mail can  negatively  impact  out-
+       A  single  queue  manager  process has to compete for disk
+       access with multiple front-end processes such as smtpd.  A
+       sudden  burst  of  inbound mail can negatively impact out-
        bound delivery rates.
 
 CONFIGURATION PARAMETERS
-       The  following  main.cf parameters are especially relevant
-       to this program. See the Postfix main.cf file  for  syntax
-       details  and  for  default  values. Use the postfix reload
+       The following main.cf parameters are  especially  relevant
+       to  this  program. See the Postfix main.cf file for syntax
+       details and for default values.  Use  the  postfix  reload
        command after a configuration change.
 
 Miscellaneous
        allow_min_user
-              Do not bounce recipient addresses that  begin  with
+              Do  not  bounce recipient addresses that begin with
               '-'.
 
-       relocated_maps
-              Tables with contact information for users, hosts or
-              domains that no longer exist. See relocated(5).
-
        queue_directory
               Top-level directory of the Postfix queue.
 
@@ -326,7 +318,6 @@ NQMGR(8)                                                 NQMGR(8)
 
 SEE ALSO
        master(8), process manager
-       relocated(5), format of the "user has moved" table
        syslogd(8) system logging
        trivial-rewrite(8), address routing
 
diff --git a/postfix/html/qmgr.8.html b/postfix/html/qmgr.8.html
index 6dc1e6f53..48c8b188f 100644
--- a/postfix/html/qmgr.8.html
+++ b/postfix/html/qmgr.8.html
@@ -18,10 +18,6 @@ QMGR(8)                                                   QMGR(8)
        silently discarded.  This stops potential loops caused  by
        undeliverable bounce notifications.
 
-       Mail  addressed to a user listed in the optional relocated
-       database is bounced with a "user has  moved  to  new_loca-
-       tion" message. See relocated(5) for a precise description.
-
 MAIL QUEUES
        The qmgr daemon maintains the following queues:
 
@@ -29,54 +25,54 @@ QMGR(8)                                                   QMGR(8)
               Inbound mail from the network, or mail picked up by
               the local pickup agent from the maildrop directory.
 
-       active Messages that the  queue  manager  has  opened  for
-              delivery.  Only  a  limited  number  of messages is
-              allowed to enter the  active  queue  (leaky  bucket
+       active Messages  that  the  queue  manager  has opened for
+              delivery. Only a  limited  number  of  messages  is
+              allowed  to  enter  the  active queue (leaky bucket
               strategy, for a fixed delivery rate).
 
        deferred
-              Mail  that  could  not  be delivered upon the first
-              attempt. The queue manager  implements  exponential
+              Mail that could not be  delivered  upon  the  first
+              attempt.  The  queue manager implements exponential
               backoff  by  doubling  the  time  between  delivery
               attempts.
 
        corrupt
-              Unreadable or damaged queue files  are  moved  here
+              Unreadable  or  damaged  queue files are moved here
               for inspection.
 
-       hold   Messages  that  are  kept  "on  hold" are kept here
+       hold   Messages that are kept  "on  hold"  are  kept  here
               until someone sets them free.
 
 DELIVERY STATUS REPORTS
-       The qmgr daemon keeps an eye on per-message delivery  sta-
-       tus  reports  in  the  following  directories. Each status
+       The  qmgr daemon keeps an eye on per-message delivery sta-
+       tus reports in  the  following  directories.  Each  status
        report file has the same name as the corresponding message
        file:
 
-       bounce Per-recipient  status information about why mail is
-              bounced.   These  files  are  maintained   by   the
+       bounce Per-recipient status information about why mail  is
+              bounced.    These   files  are  maintained  by  the
               bounce(8) daemon.
 
-       defer  Per-recipient  status information about why mail is
-              delayed.   These  files  are  maintained   by   the
+       defer  Per-recipient status information about why mail  is
+              delayed.    These   files  are  maintained  by  the
               defer(8) daemon.
 
        The qmgr daemon is responsible for asking the bounce(8) or
        defer(8) daemons to send non-delivery reports.
 
 STRATEGIES
-       The queue manager implements a variety of  strategies  for
+       The  queue  manager implements a variety of strategies for
        either opening queue files (input) or for message delivery
        (output).
 
        leaky bucket
-              This strategy limits the number of messages in  the
-              active  queue  and  prevents the queue manager from
+              This  strategy limits the number of messages in the
+              active queue and prevents the  queue  manager  from
               running out of memory under heavy load.
 
        fairness
-              When the active queue has room, the  queue  manager
-              takes  one  message from the incoming queue and one
+              When  the  active queue has room, the queue manager
+              takes one message from the incoming queue  and  one
               from the deferred queue. This prevents a large mail
               backlog from blocking the delivery of new mail.
 
@@ -87,36 +83,36 @@ QMGR(8)                                                   QMGR(8)
 
        round robin
               The queue manager sorts delivery requests by desti-
-              nation.  Round-robin selection prevents one  desti-
+              nation.   Round-robin selection prevents one desti-
               nation from dominating deliveries to other destina-
               tions.
 
        exponential backoff
               Mail  that  cannot  be  delivered  upon  the  first
-              attempt  is  deferred.   The  time interval between
+              attempt is deferred.   The  time  interval  between
               delivery attempts is doubled after each attempt.
 
        destination status cache
-              The  queue  manager  avoids  unnecessary   delivery
-              attempts  by  maintaining  a  short-term, in-memory
+              The   queue  manager  avoids  unnecessary  delivery
+              attempts by  maintaining  a  short-term,  in-memory
               list of unreachable destinations.
 
 TRIGGERS
        On an idle system, the queue manager waits for the arrival
-       of  trigger  events,  or it waits for a timer to go off. A
-       trigger is a one-byte message.  Depending on  the  message
-       received,  the queue manager performs one of the following
-       actions (the message is followed by the symbolic  constant
+       of trigger events, or it waits for a timer to  go  off.  A
+       trigger  is  a one-byte message.  Depending on the message
+       received, the queue manager performs one of the  following
+       actions  (the message is followed by the symbolic constant
        used internally by the software):
 
        D (QMGR_REQ_SCAN_DEFERRED)
-              Start  a  deferred queue scan.  If a deferred queue
-              scan is already in  progress,  that  scan  will  be
+              Start a deferred queue scan.  If a  deferred  queue
+              scan  is  already  in  progress,  that scan will be
               restarted as soon as it finishes.
 
        I (QMGR_REQ_SCAN_INCOMING)
-              Start  an incoming queue scan. If an incoming queue
-              scan is already in  progress,  that  scan  will  be
+              Start an incoming queue scan. If an incoming  queue
+              scan  is  already  in  progress,  that scan will be
               restarted as soon as it finishes.
 
        A (QMGR_REQ_SCAN_ALL)
@@ -124,30 +120,30 @@ QMGR(8)                                                   QMGR(8)
               affects the next deferred queue scan.
 
        F (QMGR_REQ_FLUSH_DEAD)
-              Purge all information  about  dead  transports  and
+              Purge  all  information  about  dead transports and
               destinations.
 
        W (TRIGGER_REQ_WAKEUP)
-              Wakeup  call,  This is used by the master server to
-              instantiate servers that should not  go  away  for-
-              ever.  The  action  is  to  start an incoming queue
+              Wakeup call, This is used by the master  server  to
+              instantiate  servers  that  should not go away for-
+              ever. The action is  to  start  an  incoming  queue
               scan.
 
-       The qmgr daemon reads an entire buffer worth of  triggers.
-       Multiple  identical  trigger  requests  are collapsed into
-       one, and trigger requests are sorted so that A and F  pre-
-       cede  D  and  I.  Thus, in order to force a deferred queue
+       The  qmgr daemon reads an entire buffer worth of triggers.
+       Multiple identical trigger  requests  are  collapsed  into
+       one,  and trigger requests are sorted so that A and F pre-
+       cede D and I. Thus, in order to  force  a  deferred  queue
        run, one would request A F D; in order to notify the queue
        manager of the arrival of new mail one would request I.
 
 STANDARDS
-       None.  The  qmgr daemon does not interact with the outside
+       None. The qmgr daemon does not interact with  the  outside
        world.
 
 SECURITY
-       The qmgr daemon is not security sensitive. It  reads  sin-
-       gle-character  messages  from  untrusted  local users, and
-       thus may be susceptible to denial of service attacks.  The
+       The  qmgr  daemon is not security sensitive. It reads sin-
+       gle-character messages from  untrusted  local  users,  and
+       thus  may be susceptible to denial of service attacks. The
        qmgr daemon does not talk to the outside world, and it can
        be run at fixed low privilege in a chrooted environment.
 
@@ -156,31 +152,27 @@ QMGR(8)                                                   QMGR(8)
        Corrupted message files are saved to the corrupt queue for
        further inspection.
 
-       Depending on the setting of the notify_classes  parameter,
-       the  postmaster  is notified of bounces and of other trou-
+       Depending  on the setting of the notify_classes parameter,
+       the postmaster is notified of bounces and of  other  trou-
        ble.
 
 BUGS
-       A single queue manager process has  to  compete  for  disk
-       access  with multiple front-end processes such as smtpd. A
-       sudden burst of inbound mail can  negatively  impact  out-
+       A  single  queue  manager  process has to compete for disk
+       access with multiple front-end processes such as smtpd.  A
+       sudden  burst  of  inbound mail can negatively impact out-
        bound delivery rates.
 
 CONFIGURATION PARAMETERS
-       The  following  main.cf parameters are especially relevant
-       to this program. See the Postfix main.cf file  for  syntax
-       details  and  for  default  values. Use the postfix reload
+       The following main.cf parameters are  especially  relevant
+       to  this  program. See the Postfix main.cf file for syntax
+       details and for default values.  Use  the  postfix  reload
        command after a configuration change.
 
 Miscellaneous
        allow_min_user
-              Do not bounce recipient addresses that  begin  with
+              Do  not  bounce recipient addresses that begin with
               '-'.
 
-       relocated_maps
-              Tables with contact information for users, hosts or
-              domains that no longer exist. See relocated(5).
-
        queue_directory
               Top-level directory of the Postfix queue.
 
@@ -268,7 +260,6 @@ QMGR(8)                                                   QMGR(8)
 
 SEE ALSO
        master(8), process manager
-       relocated(5), format of the "user has moved" table
        syslogd(8) system logging
        trivial-rewrite(8), address routing
 
diff --git a/postfix/html/rate.html b/postfix/html/rate.html
index aa1cffff5..f5b3b2a89 100644
--- a/postfix/html/rate.html
+++ b/postfix/html/rate.html
@@ -359,7 +359,7 @@ client. The behavior is controlled by the following parameters:
 
 

 
-
+
 
 
 smtpd_error_sleep_time (default: 1 second) 
 When
 the per-session error count is small, the SMTP server pauses only
@@ -369,7 +369,7 @@ loop.
 
 

 
-
+
 
 
 smtpd_soft_error_limit (default: 10) 
 When the
 per-session error count exceeds this value, the SMTP server sleeps
@@ -377,7 +377,7 @@ per-session error count exceeds this value, the SMTP server sleeps
 
 

 
-
+
 
 
 smtpd_hard_error_limit (default: 20) 
 When
 the per-session error count exceeds this value, the SMTP server
diff --git a/postfix/html/rewrite.html b/postfix/html/rewrite.html
index 3d8b94ddd..5f839fa6c 100644
--- a/postfix/html/rewrite.html
+++ b/postfix/html/rewrite.html
@@ -303,38 +303,38 @@ header_sender, header_recipient
 If you do this, Postfix will no longer be able to send mail to
 individual machines.
 
- 
 Virtual address mapping

+ 
 Virtual address aliasing

 
 After applying the canonical and masquerade mappings, the cleanup daemon uses the virtual table to redirect mail for all
 recipients, local or remote.  The mapping affects only envelope
 recipients; it has no effect on message headers or envelope senders.
-Virtual lookups are useful to redirect mail for virtual domains to
-real user mailboxes, and to redirect mail for domains that no longer
-exist.  Virtual lookups can also be used to transform 
-Firstname.Lastname  back into UNIX login names, although it
-seems that local aliases are a more appropriate
-vehicle.
+Virtual alias lookups are useful to redirect mail for simulated
+virtual domains to real user mailboxes, and to redirect mail for
+domains that no longer exist.  Virtual alias lookups can also be
+used to transform  Firstname.Lastname  back into UNIX login
+names, although it seems that local aliases
+are a more appropriate vehicle.
 
 

 
-Virtual mapping is disabled by default. To enable, edit the 
-virtual_maps parameter in the main.cf file and
+Virtual aliasing is disabled by default. To enable, edit the 
+virtual_alias_maps parameter in the main.cf file and
 specify one or more lookup tables, separated by whitespace or
 commas. For example:
 
 

 
-
virtual_maps = hash:/etc/postfix/virtual
+
virtual_alias_maps = hash:/etc/postfix/virtual
 
 

 
 

 
-Addresses found in virtual maps are subjected to another iteration
-of virtual mapping, but are not subjected to canonical mapping, in
-order to avoid loops.
+Addresses found in virtual alias maps are subjected to another
+iteration of virtual aliasing, but are not subjected to canonical
+mapping, in order to avoid loops.
 
  
 Relocated users table

 
diff --git a/postfix/html/smtpd.8.html b/postfix/html/smtpd.8.html
index 77245cdc7..36109d05e 100644
--- a/postfix/html/smtpd.8.html
+++ b/postfix/html/smtpd.8.html
@@ -337,8 +337,8 @@ SMTPD(8)                                                 SMTPD(8)
 
        unknown_client_reject_code
               Response code when a client without address to name
-              mapping   violates    the    reject_unknown_clients
-              restriction.
+              mapping violates the reject_unknown_client restric-
+              tion.
 
        unknown_hostname_reject_code
               Response   code   when   a   client   violates  the
diff --git a/postfix/html/trivial-rewrite.8.html b/postfix/html/trivial-rewrite.8.html
index 008a7debf..b1c3d4836 100644
--- a/postfix/html/trivial-rewrite.8.html
+++ b/postfix/html/trivial-rewrite.8.html
@@ -73,64 +73,109 @@ TRIVIAL-REWRITE(8)                             TRIVIAL-REWRITE(8)
               remote.
 
        mydestination
-              List  of domains that this machine considers local.
+              List of domains that are given to the $local_trans-
+              port.
 
-       myorigin
-              The domain that locally-posted mail appears to come
-              from.
+       virtual_alias_domains
+              List of simulated virtual domains (domains with all
+              recipients  aliased  to  some other local or remote
+              domain).
+
+       virtual_mailbox_domains
+              List  of  domains  that  are  given  to  the  $vir-
+              tual_transport.
+
+       relay_domains
+              List of domains that are given to the $relay_trans-
+              port.
 
        resolve_unquoted_address
               When resolving an address, do not quote the address
-              localpart as per RFC 822, so that additional  @,  %
-              or  !   characters  remain visible. This is techni-
+              localpart  as  per RFC 822, so that additional @, %
+              or !  characters remain visible.  This  is  techni-
               cally  incorrect,  but  allows  us  to  stop  relay
-              attacks  when forwarding mail to a Sendmail primary
+              attacks when forwarding mail to a Sendmail  primary
               MX host.
 
+       relocated_maps
+              Tables with contact information for users, hosts or
+              domains that no longer exist. See relocated(5).
+
 Rewriting
+       myorigin
+              The domain that locally-posted mail appears to come
+              from.
+
        allow_percent_hack
               Rewrite user%domain to user@domain.
 
        append_at_myorigin
-              Rewrite user to user@$myorigin.
+              Rewrite user to user@$myorigin.
 
        append_dot_mydomain
-              Rewrite user@host to user@host.$mydomain.
+              Rewrite user@host to user@host.$mydomain.
 
        swap_bangpath
               Rewrite site!user to user@site.
 
 Routing
        local_transport
-              Where to deliver mail for destinations  that  match
-              $mydestination  or  $inet_interfaces.   The default
+              Where  to  deliver mail for destinations that match
+              $mydestination or  $inet_interfaces.   The  default
               transport is local.
 
+              Syntax  is  transport:nexthop; see transport(5) for
+              details. The :nexthop part is optional.
+
+       error_transport
+              Where to deliver mail for  non-existent  recipients
+              in  domains  that  match virtual_alias_domains (all
+              recipients in simulated  virtual  domains  must  be
+              aliased  to  some other local or remote domain), or
+              for recipients that have moved.  The default trans-
+              port is error.
+
+              Syntax  is  transport:nexthop; see transport(5) for
+              details. The :nexthop part is optional.
+
+       virtual_transport
+              Where to deliver mail for  non-local  domains  that
+              match $virtual_mailbox_domains.  The default trans-
+              port is virtual.
+
+              Syntax is transport:nexthop; see  transport(5)  for
+              details. The :nexthop part is optional.
+
+       relay_transport
+              Where  to  deliver  mail for non-local domains that
+              match $relay_domains.   The  default  transport  is
+              relay (which normally is a clone of the smtp trans-
+              port).
+
               Syntax is transport:nexthop; see  transport(5)  for
               details. The :nexthop part is optional.
 
        default_transport
-              Where to deliver non-local mail when no information
-              is explicitly given in the transport(5) table.  The
+              Where  to  deliver  all  other non-local mail.  The
               default transport is smtp.
 
-              Syntax  is  transport:nexthop; see transport(5) for
+              Syntax is transport:nexthop; see  transport(5)  for
               details. The :nexthop part is optional.
 
        parent_domain_matches_subdomains
-              List of Postfix features that use  domain.tld  pat-
-              terns   to  match  sub.domain.tld  (as  opposed  to
+              List  of  Postfix features that use domain.tld pat-
+              terns  to  match  sub.domain.tld  (as  opposed   to
               requiring .domain.tld patterns).
 
        relayhost
-              The default host to send non-local mail to when  no
+              The  default host to send non-local mail to when no
               entry is matched in the transport(5) table.
 
-              When  no  relayhost  is  specified,  mail is routed
+              When no relayhost  is  specified,  mail  is  routed
               directly to the destination's mail exchanger.
 
        transport_maps
-              List of tables with domain to (transport,  nexthop)
+              List  of tables with domain to (transport, nexthop)
               mappings.
 
        transport_null_address_lookup_key
@@ -142,7 +187,7 @@ TRIVIAL-REWRITE(8)                             TRIVIAL-REWRITE(8)
        transport(5) transport table format
 
 LICENSE
-       The  Secure  Mailer  license must be distributed with this
+       The Secure Mailer license must be  distributed  with  this
        software.
 
 AUTHOR(S)
diff --git a/postfix/html/uce.html b/postfix/html/uce.html
index cb3e970e7..8c0bdc944 100644
--- a/postfix/html/uce.html
+++ b/postfix/html/uce.html
@@ -803,10 +803,10 @@ href="basic.html#inet_interfaces">$inet_interfaces,
 
  • to destinations that match $mydestination,
 
-
  • to destinations that match $virtual_maps,
+
  • to destinations that match $virtual_alias_domains,
 
 
  • to destinations that match $virtual_mailbox_maps.
+href="virtual.8.html">$virtual_mailbox_domains.
 
 
 
@@ -863,8 +863,8 @@ and the address contains no sender-specified routing
 
  • Postfix is the final destination:  any destination that matches
 $mydestination, $inet_interfaces, $virtual_maps, or
-href="virtual.8.html">$virtual_mailbox_maps.
+href="virtual.5.html">$virtual_alias_domains, or
+href="virtual.8.html">$virtual_mailbox_domains.
 
 
 
@@ -887,8 +887,8 @@ and the address contains no sender-specified routing
 
  • Postfix is the final destination:  any destination that matches
 $mydestination, $inet_interfaces, $virtual_maps, or $virtual_mailbox_maps.
+href="virtual.5.html">$virtual_alias_domains, or $virtual_mailbox_domains.
 
 
 
diff --git a/postfix/html/virtual.5.html b/postfix/html/virtual.5.html
index 6086e836a..96219ceb5 100644
--- a/postfix/html/virtual.5.html
+++ b/postfix/html/virtual.5.html
@@ -2,7 +2,7 @@
 VIRTUAL(5)                                             VIRTUAL(5)
 
 NAME
-       virtual - format of Postfix virtual table
+       virtual - format of Postfix virtual alias table
 
 SYNOPSIS
        postmap /etc/postfix/virtual
@@ -12,19 +12,18 @@ VIRTUAL(5)                                             VIRTUAL(5)
        postmap -q - /etc/postfix/virtual <inputfile
 
 DESCRIPTION
-       The  optional virtual table specifies address redirections
-       for local and non-local recipients or domains.  The  redi-
-       rections  are  used by the cleanup(8) daemon. The redirec-
-       tions are recursive.
-
-       The virtual redirection is applied only to recipient enve-
-       lope  addresses,  and  does  not  affect  message headers.
-       Think Sendmail rule set S0, if you like. Use  canonical(5)
-       mapping  to  rewrite header and envelope addresses in gen-
-       eral.
-
-       Normally, the virtual table is specified as  a  text  file
-       that  serves  as  input  to  the  postmap(1) command.  The
+       The  optional virtual alias table specifies address alias-
+       ing for local and non-local recipients.  Virtual  aliasing
+       is  used  by  the  cleanup(8)  daemon. Virtual aliasing is
+       recursive.
+
+       Virtual aliasing is applied  only  to  recipient  envelope
+       addresses,  and  does  not  affect message headers.  Think
+       Sendmail rule set S0, if you like. Use  canonical(5)  map-
+       ping  to rewrite header and envelope addresses in general.
+
+       Normally, the virtual alias table is specified as  a  text
+       file  that serves as input to the postmap(1) command.  The
        result, an indexed file in dbm or db format, is  used  for
        fast  searching  by  the  mail system. Execute the command
        postmap  /etc/postfix/virtual  in  order  to  rebuild  the
@@ -39,69 +38,55 @@ VIRTUAL(5)                                             VIRTUAL(5)
        sions.  In  that  case, the lookups are done in a slightly
        different way as described below.
 
-POSTFIX-STYLE VIRTUAL DOMAINS
-       With a Postfix-style virtual domain,  the  virtual  domain
-       has  its  own  user  name  space. Local (i.e. non-virtual)
-       usernames are  not  visible  in  a  Postfix-style  virtual
-       domain.  In particular, local aliases(5) and mailing lists
-       are not visible as localname@virtual.domain.
+SIMULATED VIRTUAL DOMAINS
+       Besides virtual aliases, the virtual alias table can  also
+       be used to simulate virtual domains. With a simulated vir-
+       tual domain, all recipient addresses are aliased  to  non-
+       virtual  addresses.   These  non-virtual  addresses may be
+       either local or remote.
 
-       Use a Sendmail-style virtual domain (see below)  if  local
-       usernames,  aliases(5)  or mailing lists should be visible
-       as localname@virtual.domain.
+       Simulated virtual domains are not to be confused with  the
+       true virtual domains that are implemented with the Postfix
+       virtual(8) mail delivery agent. With true virtual domains,
+       each recipient address can have its own mailbox.
 
-       Support for a Postfix-style virtual domain looks like:
+       With  a  simulated  virtual domain, the virtual domain has
+       its own user name space. Local  (i.e.  non-virtual)  user-
+       names  are  not  visible in a simulated virtual domain. In
+       particular, local aliases(5) and  mailing  lists  are  not
+       visible as localname@virtual.domain.
 
-       /etc/postfix/virtual:
-           virtual.domain       anything (right-hand content does not matter)
-           postmaster@virtual.domain    postmaster
-           user1@virtual.domain address1
-           user2@virtual.domain address2, address3
-
-       The virtual.domain anything entry is required for a  Post-
-       fix-style virtual domain.
-
-       Do  not list a Postfix-style virtual domain in the main.cf
-       mydestination configuration parameter.  Such an  entry  is
-       required only for a Sendmail-style virtual domain.
-
-       With  a  Postfix-style  virtual  domain,  the Postfix SMTP
-       server  accepts  mail  for  known-user@virtual.domain  and
-       rejects mail for unknown-user@virtual.domain as undeliver-
-       able.
-
-SENDMAIL-STYLE VIRTUAL DOMAINS
-       With a Sendmail-style virtual domain,  every  local  (i.e.
-       non-virtual) username is visible in the virtual domain. In
-       particular, every local alias and mailing list is  visible
-       as localname@virtual.domain.
-
-       Use  a  Postfix-style  virtual domain (see above) if local
-       usernames, aliases(5) or mailing lists should not be visi-
-       ble as localname@virtual.domain.
-
-       Support for a Sendmail-style virtual domain looks like:
+       Support for a simulated virtual domain looks like:
 
        /etc/postfix/main.cf:
-           mydestination = $myhostname localhost.$mydomain $mydomain
-               virtual.domain
+           virtual_alias_maps = hash:/etc/postfix/virtual
+
+           Note:  some systems use dbm databases instead of hash.
+           See the output from postconf -m for available database
+           types.
 
        /etc/postfix/virtual:
+           virtual.domain       anything (right-hand content does not matter)
+           postmaster@virtual.domain    postmaster
            user1@virtual.domain address1
            user2@virtual.domain address2, address3
 
-       The  main.cf  mydestination  entry is required for a Send-
-       mail-style virtual domain.
+       The  virtual.domain anything entry is required for a simu-
+       lated virtual domain. Without this  entry,  mail  will  be
+       rejected with a "relay access denied" error condition.
 
-       Do not specify a virtual.domain anything virtual map entry
-       for  a  Sendmail-style  virtual  domain.  Such an entry is
-       required only with a Postfix-style virtual domain.
+       Do not list a simulated virtual domain name in the main.cf
+       mydestination configuration parameter.
 
-       With a Sendmail-style virtual domain,  the  Postfix  local
-       delivery  agent  delivers  mail  for  an unknown user@vir-
-       tual.domain to a local (i.e.  non-virtual) user  that  has
-       the  same  name;  if no such recipient exists, the Postfix
-       local delivery agent bounces the mail to the sender.
+       With a simulated virtual domain, the Postfix  SMTP  server
+       accepts  mail  for  known-user@virtual.domain, and rejects
+       mail for unknown-user@virtual.domain as undeliverable.
+
+       Instead of specifying the simulated  virtual  domain  name
+       via  the virtual_alias_maps table, you may also specify it
+       via the main.cf virtual_alias_domains configuration param-
+       eter.   This  latter parameter uses the same syntax as the
+       main.cf mydestination configuration parameter.
 
 TABLE FORMAT
        The format of the virtual table is  as  follows,  mappings
@@ -184,18 +169,22 @@ VIRTUAL(5)                                             VIRTUAL(5)
        details and for default values.  Use  the  postfix  reload
        command after a configuration change.
 
-       virtual_maps
-              List of virtual mapping tables.
+       virtual_alias_maps
+              List of virtual aliasing tables.
+
+       virtual_alias_domains
+              List  of  simulated  virtual domains. This uses the
+              same syntax as the mydestination parameter.
 
        Other parameters of interest:
 
        inet_interfaces
-              The  network  interface  addresses that this system
+              The network interface addresses  that  this  system
               receives mail on.  You need to stop and start Post-
               fix when this parameter changes.
 
        mydestination
-              List  of  domains  that  this mail system considers
+              List of domains that  this  mail  system  considers
               local.
 
        myorigin
@@ -212,7 +201,7 @@ VIRTUAL(5)                                             VIRTUAL(5)
        regexp_table(5) format of POSIX regular expression tables
 
 LICENSE
-       The Secure Mailer license must be  distributed  with  this
+       The  Secure  Mailer  license must be distributed with this
        software.
 
 AUTHOR(S)
diff --git a/postfix/html/virtual.8.html b/postfix/html/virtual.8.html
index fd7d8ca04..7050e88d6 100644
--- a/postfix/html/virtual.8.html
+++ b/postfix/html/virtual.8.html
@@ -134,96 +134,102 @@ VIRTUAL(8)                                             VIRTUAL(8)
               Note  that  virtual_mailbox_base is unconditionally
               prepended to this path.
 
+       virtual_mailbox_domains
+              The list of domains that should  be  delivered  via
+              the  Postfix  virtual delivery agent. This uses the
+              same  syntax  as  the  mydestination  configuration
+              parameter.
+
        virtual_minimum_uid
-              Specifies a minimum uid that will be accepted as  a
-              return    from   a   virtual_owner_maps   or   vir-
-              tual_uid_maps lookup.  Returned  values  less  than
-              this  will  be  rejected,  and  the message will be
+              Specifies  a minimum uid that will be accepted as a
+              return   from   a   virtual_owner_maps   or    vir-
+              tual_uid_maps  lookup.   Returned  values less than
+              this will be rejected,  and  the  message  will  be
               deferred.
 
        virtual_uid_maps (regexp maps disallowed)
               Recipients are looked up in these maps to determine
-              the  user  ID to be used when writing to the target
+              the user ID to be used when writing to  the  target
               mailbox.
 
-              While searching a lookup table, an  address  exten-
+              While  searching  a lookup table, an address exten-
               sion (user+foo@domain.tld) is ignored.
 
-              In  a  lookup  table,  specify  a left-hand side of
-              @domain.tld to match  any  user  in  the  specified
-              domain    that    does    not   have   a   specific
+              In a lookup table,  specify  a  left-hand  side  of
+              @domain.tld  to  match  any  user  in the specified
+              domain   that   does   not    have    a    specific
               user@domain.tld entry.
 
        virtual_gid_maps (regexp maps disallowed)
               Recipients are looked up in these maps to determine
-              the  group ID to be used when writing to the target
+              the group ID to be used when writing to the  target
               mailbox.
 
-              While searching a lookup table, an  address  exten-
+              While  searching  a lookup table, an address exten-
               sion (user+foo@domain.tld) is ignored.
 
-              In  a  lookup  table,  specify  a left-hand side of
-              @domain.tld to match  any  user  in  the  specified
-              domain    that    does    not   have   a   specific
+              In a lookup table,  specify  a  left-hand  side  of
+              @domain.tld  to  match  any  user  in the specified
+              domain   that   does   not    have    a    specific
               user@domain.tld entry.
 
 Locking controls
        virtual_mailbox_lock
-              How to lock UNIX-style mailboxes: one  or  more  of
-              flock,   fcntl   or  dotlock.  The  dotlock  method
-              requires that the recipient UID or  GID  has  write
+              How  to  lock  UNIX-style mailboxes: one or more of
+              flock,  fcntl  or  dotlock.  The   dotlock   method
+              requires  that  the  recipient UID or GID has write
               access to the parent directory of the mailbox file.
 
-              This setting is ignored with maildir  style  deliv-
+              This  setting  is ignored with maildir style deliv-
               ery,  because  such  deliveries  are  safe  without
               explicit locks.
 
-              Use the command postconf -l to find out what  lock-
+              Use  the command postconf -l to find out what lock-
               ing methods are available on your system.
 
        deliver_lock_attempts
-              Limit  the  number of attempts to acquire an exclu-
+              Limit the number of attempts to acquire  an  exclu-
               sive lock on a UNIX-style mailbox file.
 
        deliver_lock_delay
               Time (default: seconds) between successive attempts
-              to  acquire an exclusive lock on a UNIX-style mail-
-              box file. The actual delay is slightly  randomized.
+              to acquire an exclusive lock on a UNIX-style  mail-
+              box  file. The actual delay is slightly randomized.
 
        stale_lock_time
-              Limit  the  time  after  which  a stale lockfile is
-              removed (applicable to UNIX-style mailboxes  only).
+              Limit the time after  which  a  stale  lockfile  is
+              removed  (applicable to UNIX-style mailboxes only).
 
 Resource controls
        virtual_destination_concurrency_limit
               Limit the number of parallel deliveries to the same
               domain via the virtual delivery agent.  The default
               limit is taken from the default_destination_concur-
-              rency_limit parameter.  The limit  is  enforced  by
+              rency_limit  parameter.   The  limit is enforced by
               the Postfix queue manager.
 
        virtual_destination_recipient_limit
               Limit the number of recipients per message delivery
-              via the virtual delivery agent.  The default  limit
-              is   taken   from  the  default_destination_recipi-
-              ent_limit parameter.  The limit is enforced by  the
+              via  the virtual delivery agent.  The default limit
+              is  taken  from   the   default_destination_recipi-
+              ent_limit  parameter.  The limit is enforced by the
               Postfix queue manager.
 
        virtual_mailbox_limit
-              The  maximal  size in bytes of a mailbox or maildir
+              The maximal size in bytes of a mailbox  or  maildir
               file.  Set to zero to disable the limit.
 
 HISTORY
-       This agent was  originally  based  on  the  Postfix  local
+       This  agent  was  originally  based  on  the Postfix local
        delivery agent. Modifications mainly consisted of removing
-       code that either was not applicable or that was  not  safe
-       in  this  context: aliases, ~user/.forward files, delivery
+       code  that  either was not applicable or that was not safe
+       in this context: aliases, ~user/.forward  files,  delivery
        to "|command" or to /file/name.
 
-       The Delivered-To: header appears in the  qmail  system  by
+       The  Delivered-To:  header  appears in the qmail system by
        Daniel Bernstein.
 
-       The  maildir  structure  appears  in  the  qmail system by
+       The maildir structure  appears  in  the  qmail  system  by
        Daniel Bernstein.
 
 SEE ALSO
@@ -232,7 +238,7 @@ VIRTUAL(8)                                             VIRTUAL(8)
        qmgr(8) queue manager
 
 LICENSE
-       The Secure Mailer license must be  distributed  with  this
+       The  Secure  Mailer  license must be distributed with this
        software.
 
 AUTHOR(S)
diff --git a/postfix/man/man5/virtual.5 b/postfix/man/man5/virtual.5
index 9d2566f88..f58126800 100644
--- a/postfix/man/man5/virtual.5
+++ b/postfix/man/man5/virtual.5
@@ -4,7 +4,7 @@
 .SH NAME
 virtual
 \-
-format of Postfix virtual table
+format of Postfix virtual alias table
 .SH SYNOPSIS
 .na
 .nf
@@ -16,17 +16,17 @@ format of Postfix virtual table
 .SH DESCRIPTION
 .ad
 .fi
-The optional \fBvirtual\fR table specifies address redirections for
-local and non-local recipients or domains. The redirections are used
-by the \fBcleanup\fR(8) daemon. The redirections are recursive.
+The optional \fBvirtual\fR alias table specifies address aliasing
+for local and non-local recipients. Virtual aliasing is used
+by the \fBcleanup\fR(8) daemon. Virtual aliasing is recursive.
 
-The \fBvirtual\fR redirection is applied only to recipient
+Virtual aliasing is applied only to recipient
 envelope addresses, and does not affect message headers.
 Think Sendmail rule set \fBS0\fR, if you like. Use \fBcanonical\fR(5)
 mapping to rewrite header and envelope addresses in general.
 
-Normally, the \fBvirtual\fR table is specified as a text file that
-serves as input to the \fBpostmap\fR(1) command.
+Normally, the \fBvirtual\fR alias table is specified as a text file
+that serves as input to the \fBpostmap\fR(1) command.
 The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
 is used for fast searching by the mail system. Execute the command
 \fBpostmap /etc/postfix/virtual\fR in order to rebuild the indexed
@@ -38,87 +38,65 @@ or SQL, the same lookups are done as for ordinary indexed files.
 Alternatively, the table can be provided as a regular-expression
 map where patterns are given as regular expressions. In that case,
 the lookups are done in a slightly different way as described below.
-.SH POSTFIX-STYLE VIRTUAL DOMAINS
+.SH SIMULATED VIRTUAL DOMAINS
 .na
 .nf
 .ad
 .fi
-With a Postfix-style virtual domain, the virtual domain has its
+Besides virtual aliases, the virtual alias table can also be used
+to simulate virtual domains. With a simulated virtual domain, all
+recipient addresses are aliased to non-virtual addresses.  These
+non-virtual addresses may be either local or remote.
+
+Simulated virtual domains are not to be confused with the true virtual
+domains that are implemented with the Postfix \fBvirtual\fR(8) mail
+delivery agent. With true virtual domains, each recipient address can
+have its own mailbox.
+
+With a simulated virtual domain, the virtual domain has its
 own user name space. Local (i.e. non-virtual) usernames are not
-visible in a Postfix-style virtual domain. In particular, local
+visible in a simulated virtual domain. In particular, local
 \fBaliases\fR(5) and mailing lists are not visible as
 \fIlocalname@virtual.domain\fR.
 
-Use a Sendmail-style virtual domain (see below) if local usernames,
-\fBaliases\fR(5) or mailing lists should be visible as
-\fIlocalname@virtual.domain\fR.
+Support for a simulated virtual domain looks like:
 
-Support for a Postfix-style virtual domain looks like:
-.sp
-/etc/postfix/virtual:
+/etc/postfix/main.cf:
 .in +4
+virtual_alias_maps = hash:/etc/postfix/virtual
+
+Note: some systems use \fBdbm\fR databases instead of \fBhash\fR.
+See the output from \fBpostconf -m\fR for available database types.
+
+.ti -4
+/etc/postfix/virtual:
 .nf
+.na
 \fIvirtual.domain       anything\fR (right-hand content does not matter)
 \fIpostmaster@virtual.domain    postmaster\fR
 \fIuser1@virtual.domain address1\fR
 \fIuser2@virtual.domain address2, address3\fR
 .fi
 .in -4
-
-The \fIvirtual.domain anything\fR entry is required for a
-Postfix-style virtual domain.
-
-Do not list a Postfix-style virtual domain in the \fBmain.cf
-mydestination\fR configuration parameter.
-Such an entry is required only for a Sendmail-style virtual domain.
-
-With a Postfix-style virtual domain, the Postfix SMTP server
-accepts mail for \fIknown-user@virtual.domain\fR and rejects
-mail for \fIunknown-user\fR@\fIvirtual.domain\fR as undeliverable.
-.SH SENDMAIL-STYLE VIRTUAL DOMAINS
-.na
-.nf
 .ad
 .fi
-With a Sendmail-style virtual domain, every local (i.e. non-virtual)
-username is visible in the virtual domain. In particular, every local
-alias and mailing list is visible as \fIlocalname@virtual.domain\fR.
-
-Use a Postfix-style virtual domain (see above) if local usernames,
-\fBaliases\fR(5) or mailing lists should not be visible as
-\fIlocalname@virtual.domain\fR.
-
-Support for a Sendmail-style virtual domain looks like:
-.sp
-/etc/postfix/main.cf:
-.in +4
-.nf
-mydestination = $myhostname localhost.$mydomain $mydomain
-.ti +4
-\fIvirtual.domain\fR
-.fi
-.in -4
 .sp
-/etc/postfix/virtual:
-.in +4
-.nf
-\fIuser1@virtual.domain address1\fR
-\fIuser2@virtual.domain address2, address3\fR
-.fi
-.in -4
+The \fIvirtual.domain anything\fR entry is required for a
+simulated virtual domain. Without this entry, mail will
+be rejected with a "relay access denied" error condition.
 
-The \fBmain.cf mydestination\fR entry is required for a Sendmail-style
-virtual domain.
+Do not list a simulated virtual domain name in the \fBmain.cf
+mydestination\fR configuration parameter.
 
-Do not specify a \fIvirtual.domain anything\fR virtual map entry
-for a Sendmail-style virtual domain.
-Such an entry is required only with a Postfix-style virtual domain.
+With a simulated virtual domain, the Postfix SMTP server
+accepts mail for \fIknown-user@virtual.domain\fR, and rejects
+mail for \fIunknown-user\fR@\fIvirtual.domain\fR as undeliverable.
 
-With a Sendmail-style virtual domain, the Postfix local delivery
-agent delivers mail for an unknown \fIuser\fR@\fIvirtual.domain\fR
-to a local (i.e.  non-virtual) user that has the same name; if no
-such recipient exists, the Postfix local delivery agent bounces the
-mail to the sender.
+Instead of specifying the simulated virtual domain name via
+the \fBvirtual_alias_maps\fR table, you may also specify it via
+the \fBmain.cf virtual_alias_domains\fR configuration parameter.
+This latter parameter uses the same syntax as the \fBmain.cf
+mydestination\fR configuration parameter.
 .SH TABLE FORMAT
 .na
 .nf
@@ -201,8 +179,11 @@ The following \fBmain.cf\fR parameters are especially relevant to
 this topic. See the Postfix \fBmain.cf\fR file for syntax details
 and for default values. Use the \fBpostfix reload\fR command after
 a configuration change.
-.IP \fBvirtual_maps\fR
-List of virtual mapping tables.
+.IP \fBvirtual_alias_maps\fR
+List of virtual aliasing tables.
+.IP \fBvirtual_alias_domains\fR
+List of simulated virtual domains. This uses the same syntax
+as the \fBmydestination\fR parameter.
 .PP
 Other parameters of interest:
 .IP \fBinet_interfaces\fR
diff --git a/postfix/man/man8/cleanup.8 b/postfix/man/man8/cleanup.8
index 2eb98b2ea..23a94f409 100644
--- a/postfix/man/man8/cleanup.8
+++ b/postfix/man/man8/cleanup.8
@@ -158,7 +158,7 @@ more of \fBenvelope_sender\fR, \fBenvelope_recipient\fR,
 List of domains that hide their subdomain structure.
 .IP \fBmasquerade_exceptions\fR
 List of user names that are not subject to address masquerading.
-.IP \fBvirtual_maps\fR
+.IP \fBvirtual_alias_maps\fR
 Address mapping lookup table for envelope recipient addresses.
 .SH "Resource controls"
 .ad
diff --git a/postfix/man/man8/nqmgr.8 b/postfix/man/man8/nqmgr.8
index a343f92a2..c57d03413 100644
--- a/postfix/man/man8/nqmgr.8
+++ b/postfix/man/man8/nqmgr.8
@@ -22,10 +22,6 @@ manager.
 Mail addressed to the local \fBdouble-bounce\fR address is silently
 discarded.  This stops potential loops caused by undeliverable
 bounce notifications.
-
-Mail addressed to a user listed in the optional \fBrelocated\fR
-database is bounced with a "user has moved to \fInew_location\fR"
-message. See \fBrelocated\fR(5) for a precise description.
 .SH MAIL QUEUES
 .na
 .nf
@@ -178,9 +174,6 @@ a configuration change.
 .fi
 .IP \fBallow_min_user\fR
 Do not bounce recipient addresses that begin with '-'.
-.IP \fBrelocated_maps\fR
-Tables with contact information for users, hosts or domains
-that no longer exist. See \fBrelocated\fR(5).
 .IP \fBqueue_directory\fR
 Top-level directory of the Postfix queue.
 .SH "Active queue controls"
@@ -290,7 +283,6 @@ Default values for the transport specific parameters described above.
 .na
 .nf
 master(8), process manager
-relocated(5), format of the "user has moved" table
 syslogd(8) system logging
 trivial-rewrite(8), address routing
 .SH LICENSE
diff --git a/postfix/man/man8/qmgr.8 b/postfix/man/man8/qmgr.8
index f54801953..039112b61 100644
--- a/postfix/man/man8/qmgr.8
+++ b/postfix/man/man8/qmgr.8
@@ -22,10 +22,6 @@ manager.
 Mail addressed to the local \fBdouble-bounce\fR address is silently
 discarded.  This stops potential loops caused by undeliverable
 bounce notifications.
-
-Mail addressed to a user listed in the optional \fBrelocated\fR
-database is bounced with a "user has moved to \fInew_location\fR"
-message. See \fBrelocated\fR(5) for a precise description.
 .SH MAIL QUEUES
 .na
 .nf
@@ -174,9 +170,6 @@ a configuration change.
 .fi
 .IP \fBallow_min_user\fR
 Do not bounce recipient addresses that begin with '-'.
-.IP \fBrelocated_maps\fR
-Tables with contact information for users, hosts or domains
-that no longer exist. See \fBrelocated\fR(5).
 .IP \fBqueue_directory\fR
 Top-level directory of the Postfix queue.
 .SH "Active queue controls"
@@ -250,7 +243,6 @@ named message \fItransport\fR.
 .na
 .nf
 master(8), process manager
-relocated(5), format of the "user has moved" table
 syslogd(8) system logging
 trivial-rewrite(8), address routing
 .SH LICENSE
diff --git a/postfix/man/man8/smtpd.8 b/postfix/man/man8/smtpd.8
index fe5ab654a..3ba9a76bd 100644
--- a/postfix/man/man8/smtpd.8
+++ b/postfix/man/man8/smtpd.8
@@ -272,7 +272,7 @@ Response code when a client violates the \fBreject_unknown_address\fR
 restriction.
 .IP \fBunknown_client_reject_code\fR
 Response code when a client without address to name mapping
-violates the \fBreject_unknown_clients\fR restriction.
+violates the \fBreject_unknown_client\fR restriction.
 .IP \fBunknown_hostname_reject_code\fR
 Response code when a client violates the \fBreject_unknown_hostname\fR
 restriction.
diff --git a/postfix/man/man8/trivial-rewrite.8 b/postfix/man/man8/trivial-rewrite.8
index 1737acfdb..2bf08c72d 100644
--- a/postfix/man/man8/trivial-rewrite.8
+++ b/postfix/man/man8/trivial-rewrite.8
@@ -77,39 +77,72 @@ The network interfaces that this mail system receives mail on.
 This information is used to determine if
 \fIuser\fR@[\fInet.work.addr.ess\fR] is local or remote.
 .IP \fBmydestination\fR
-List of domains that this machine considers local.
-.IP \fBmyorigin\fR
-The domain that locally-posted mail appears to come from.
+List of domains that are given to the \fB$local_transport\fR.
+.IP \fBvirtual_alias_domains\fT
+List of simulated virtual domains (domains with all recipients
+aliased to some other local or remote domain).
+.IP \fBvirtual_mailbox_domains\fT
+List of domains that are given to the \fB$virtual_transport\fR.
+.IP \fBrelay_domains\fT
+List of domains that are given to the \fB$relay_transport\fR.
 .IP \fBresolve_unquoted_address\fR
 When resolving an address, do not quote the address localpart as
 per RFC 822, so that additional \fB@\fR, \fB%\fR or \fB!\fR
 characters remain visible. This is technically incorrect, but
 allows us to stop relay attacks when forwarding mail to a Sendmail
 primary MX host.
+.IP \fBrelocated_maps\fR
+Tables with contact information for users, hosts or domains
+that no longer exist. See \fBrelocated\fR(5).
 .SH Rewriting
 .ad
 .fi
+.IP \fBmyorigin\fR
+The domain that locally-posted mail appears to come from.
 .IP \fBallow_percent_hack\fR
 Rewrite \fIuser\fR%\fIdomain\fR to \fIuser\fR@\fIdomain\fR.
 .IP \fBappend_at_myorigin\fR
-Rewrite \fIuser\fR to \fIuser\fR@$\fBmyorigin\fR.
+Rewrite \fIuser\fR to \fIuser\fR@\fB$myorigin\fR.
 .IP \fBappend_dot_mydomain\fR
-Rewrite \fIuser\fR@\fIhost\fR to \fIuser\fR@\fIhost\fR.$\fBmydomain\fR.
+Rewrite \fIuser\fR@\fIhost\fR to \fIuser\fR@\fIhost\fR.\fB$mydomain\fR.
 .IP \fBswap_bangpath\fR
 Rewrite \fIsite\fR!\fIuser\fR to \fIuser\fR@\fIsite\fR.
 .SH Routing
 .ad
 .fi
 .IP \fBlocal_transport\fR
-Where to deliver mail for destinations that match $\fBmydestination\fR
-or $\fBinet_interfaces\fR.
+Where to deliver mail for destinations that match \fB$mydestination\fR
+or \fB$inet_interfaces\fR.
 The default transport is \fBlocal\fR.
 .sp
 Syntax is \fItransport\fR:\fInexthop\fR; see \fBtransport\fR(5)
 for details. The :\fInexthop\fR part is optional.
+.IP \fBerror_transport\fR
+Where to deliver mail for non-existent recipients in domains
+that match \fBvirtual_alias_domains\fR (all recipients
+in simulated virtual domains must be aliased to some other
+local or remote domain), or for recipients that have moved.
+The default transport is \fBerror\fR.
+.sp
+Syntax is \fItransport\fR:\fInexthop\fR; see \fBtransport\fR(5)
+for details. The :\fInexthop\fR part is optional.
+.IP \fBvirtual_transport\fR
+Where to deliver mail for non-local domains that match
+\fB$virtual_mailbox_domains\fR.
+The default transport is \fBvirtual\fR.
+.sp
+Syntax is \fItransport\fR:\fInexthop\fR; see \fBtransport\fR(5)
+for details. The :\fInexthop\fR part is optional.
+.IP \fBrelay_transport\fR
+Where to deliver mail for non-local domains that match
+\fB$relay_domains\fR.
+The default transport is \fBrelay\fR (which normally is a clone
+of the \fBsmtp\fR transport).
+.sp
+Syntax is \fItransport\fR:\fInexthop\fR; see \fBtransport\fR(5)
+for details. The :\fInexthop\fR part is optional.
 .IP \fBdefault_transport\fR
-Where to deliver non-local mail when no information is explicitly
-given in the \fBtransport\fR(5) table.
+Where to deliver all other non-local mail.
 The default transport is \fBsmtp\fR.
 .sp
 Syntax is \fItransport\fR:\fInexthop\fR; see \fBtransport\fR(5)
diff --git a/postfix/man/man8/virtual.8 b/postfix/man/man8/virtual.8
index 55c62f514..0111b3cae 100644
--- a/postfix/man/man8/virtual.8
+++ b/postfix/man/man8/virtual.8
@@ -150,6 +150,10 @@ specific \fIuser@domain.tld\fR entry.
 
 Note that \fBvirtual_mailbox_base\fR is unconditionally prepended
 to this path.
+.IP \fBvirtual_mailbox_domains\fR
+The list of domains that should be delivered via the Postfix virtual
+delivery agent. This uses the same syntax as the \fBmydestination\fR
+configuration parameter.
 .IP \fBvirtual_minimum_uid\fR
 Specifies a minimum uid that will be accepted as a return from
 a \fBvirtual_owner_maps\fR or \fBvirtual_uid_maps\fR lookup.
diff --git a/postfix/proto/virtual b/postfix/proto/virtual
index 509415478..c1b4a6525 100644
--- a/postfix/proto/virtual
+++ b/postfix/proto/virtual
@@ -2,7 +2,7 @@
 # NAME
 #	virtual 5
 # SUMMARY
-#	format of Postfix virtual table
+#	format of Postfix virtual alias table
 # SYNOPSIS
 #	\fBpostmap /etc/postfix/virtual\fR
 #
@@ -10,17 +10,17 @@
 #
 #	\fBpostmap -q - /etc/postfix/virtual <\fIinputfile\fR
 # DESCRIPTION
-#	The optional \fBvirtual\fR table specifies address redirections for
-#	local and non-local recipients or domains. The redirections are used
-#	by the \fBcleanup\fR(8) daemon. The redirections are recursive.
+#	The optional \fBvirtual\fR alias table specifies address aliasing
+#	for local and non-local recipients. Virtual aliasing is used
+#	by the \fBcleanup\fR(8) daemon. Virtual aliasing is recursive.
 #
-#	The \fBvirtual\fR redirection is applied only to recipient
+#	Virtual aliasing is applied only to recipient
 #	envelope addresses, and does not affect message headers.
 #	Think Sendmail rule set \fBS0\fR, if you like. Use \fBcanonical\fR(5)
 #	mapping to rewrite header and envelope addresses in general.
 #
-#	Normally, the \fBvirtual\fR table is specified as a text file that
-#	serves as input to the \fBpostmap\fR(1) command.
+#	Normally, the \fBvirtual\fR alias table is specified as a text file
+#	that serves as input to the \fBpostmap\fR(1) command.
 #	The result, an indexed file in \fBdbm\fR or \fBdb\fR format,
 #	is used for fast searching by the mail system. Execute the command
 #	\fBpostmap /etc/postfix/virtual\fR in order to rebuild the indexed
@@ -32,83 +32,63 @@
 #	Alternatively, the table can be provided as a regular-expression
 #	map where patterns are given as regular expressions. In that case,
 #	the lookups are done in a slightly different way as described below.
-# POSTFIX-STYLE VIRTUAL DOMAINS
+# SIMULATED VIRTUAL DOMAINS
 # .ad
 # .fi
-#	With a Postfix-style virtual domain, the virtual domain has its
+#	Besides virtual aliases, the virtual alias table can also be used
+#	to simulate virtual domains. With a simulated virtual domain, all
+#	recipient addresses are aliased to non-virtual addresses.  These
+#	non-virtual addresses may be either local or remote.
+#
+#	Simulated virtual domains are not to be confused with the true virtual
+#	domains that are implemented with the Postfix \fBvirtual\fR(8) mail
+#	delivery agent. With true virtual domains, each recipient address can
+#	have its own mailbox.
+#
+#	With a simulated virtual domain, the virtual domain has its
 #	own user name space. Local (i.e. non-virtual) usernames are not
-#	visible in a Postfix-style virtual domain. In particular, local
+#	visible in a simulated virtual domain. In particular, local
 #	\fBaliases\fR(5) and mailing lists are not visible as
 #	\fIlocalname@virtual.domain\fR.
 #
-#	Use a Sendmail-style virtual domain (see below) if local usernames,
-#	\fBaliases\fR(5) or mailing lists should be visible as
-#	\fIlocalname@virtual.domain\fR.
+#	Support for a simulated virtual domain looks like:
 #
-#	Support for a Postfix-style virtual domain looks like:
-# .sp
-#	/etc/postfix/virtual:
+#	/etc/postfix/main.cf:
 # .in +4
+#	virtual_alias_maps = hash:/etc/postfix/virtual
+#
+#	Note: some systems use \fBdbm\fR databases instead of \fBhash\fR.
+#	See the output from \fBpostconf -m\fR for available database types.
+#
+# .ti -4
+#	/etc/postfix/virtual:
 # .nf
+# .na
 #	\fIvirtual.domain	anything\fR (right-hand content does not matter)
 #	\fIpostmaster@virtual.domain	postmaster\fR
 #	\fIuser1@virtual.domain	address1\fR
 #	\fIuser2@virtual.domain	address2, address3\fR
 # .fi
 # .in -4
-#
-#	The \fIvirtual.domain anything\fR entry is required for a
-#	Postfix-style virtual domain.
-#
-#	Do not list a Postfix-style virtual domain in the \fBmain.cf
-#	mydestination\fR configuration parameter.
-#	Such an entry is required only for a Sendmail-style virtual domain.
-#
-#	With a Postfix-style virtual domain, the Postfix SMTP server
-#	accepts mail for \fIknown-user@virtual.domain\fR and rejects
-#	mail for \fIunknown-user\fR@\fIvirtual.domain\fR as undeliverable.
-# SENDMAIL-STYLE VIRTUAL DOMAINS
 # .ad
 # .fi
-#	With a Sendmail-style virtual domain, every local (i.e. non-virtual)
-#	username is visible in the virtual domain. In particular, every local
-#	alias and mailing list is visible as \fIlocalname@virtual.domain\fR.
-#
-#	Use a Postfix-style virtual domain (see above) if local usernames,
-#	\fBaliases\fR(5) or mailing lists should not be visible as
-#	\fIlocalname@virtual.domain\fR.
-#
-#	Support for a Sendmail-style virtual domain looks like:
 # .sp
-#	/etc/postfix/main.cf:
-# .in +4
-# .nf
-#	mydestination = $myhostname localhost.$mydomain $mydomain
-# .ti +4
-#	\fIvirtual.domain\fR
-# .fi
-# .in -4
-# .sp
-#	/etc/postfix/virtual:
-# .in +4
-# .nf
-#	\fIuser1@virtual.domain	address1\fR
-#	\fIuser2@virtual.domain	address2, address3\fR
-# .fi
-# .in -4
+#	The \fIvirtual.domain anything\fR entry is required for a
+#	simulated virtual domain. Without this entry, mail will
+#	be rejected with a "relay access denied" error condition.
 #
-#	The \fBmain.cf mydestination\fR entry is required for a Sendmail-style
-#	virtual domain.
+#	Do not list a simulated virtual domain name in the \fBmain.cf
+#	mydestination\fR configuration parameter.
 #
-#	Do not specify a \fIvirtual.domain anything\fR virtual map entry
-#	for a Sendmail-style virtual domain.
-#	Such an entry is required only with a Postfix-style virtual domain.
+#	With a simulated virtual domain, the Postfix SMTP server
+#	accepts mail for \fIknown-user@virtual.domain\fR, and rejects
+#	mail for \fIunknown-user\fR@\fIvirtual.domain\fR as undeliverable.
 #
-#	With a Sendmail-style virtual domain, the Postfix local delivery
-#	agent delivers mail for an unknown \fIuser\fR@\fIvirtual.domain\fR
-#	to a local (i.e.  non-virtual) user that has the same name; if no
-#	such recipient exists, the Postfix local delivery agent bounces the
-#	mail to the sender.
+#	Instead of specifying the simulated virtual domain name via
+#	the \fBvirtual_alias_maps\fR table, you may also specify it via
+#	the \fBmain.cf virtual_alias_domains\fR configuration parameter.
+#	This latter parameter uses the same syntax as the \fBmain.cf
+#	mydestination\fR configuration parameter.
 # TABLE FORMAT
 # .ad
 # .fi
@@ -181,8 +161,11 @@
 #	this topic. See the Postfix \fBmain.cf\fR file for syntax details
 #	and for default values. Use the \fBpostfix reload\fR command after
 #	a configuration change.
-# .IP \fBvirtual_maps\fR
-#	List of virtual mapping tables.
+# .IP \fBvirtual_alias_maps\fR
+#	List of virtual aliasing tables.
+# .IP \fBvirtual_alias_domains\fR
+#	List of simulated virtual domains. This uses the same syntax
+#	as the \fBmydestination\fR parameter.
 # .PP
 #	Other parameters of interest:
 # .IP \fBinet_interfaces\fR
diff --git a/postfix/src/cleanup/cleanup.c b/postfix/src/cleanup/cleanup.c
index 5eba3cf49..ced120f2a 100644
--- a/postfix/src/cleanup/cleanup.c
+++ b/postfix/src/cleanup/cleanup.c
@@ -144,7 +144,7 @@
 /*	List of domains that hide their subdomain structure.
 /* .IP \fBmasquerade_exceptions\fR
 /*	List of user names that are not subject to address masquerading.
-/* .IP \fBvirtual_maps\fR
+/* .IP \fBvirtual_alias_maps\fR
 /*	Address mapping lookup table for envelope recipient addresses.
 /* .SH "Resource controls"
 /* .ad
diff --git a/postfix/src/cleanup/cleanup.h b/postfix/src/cleanup/cleanup.h
index 92fb6bb62..8a4083d3c 100644
--- a/postfix/src/cleanup/cleanup.h
+++ b/postfix/src/cleanup/cleanup.h
@@ -79,7 +79,7 @@ extern MAPS *cleanup_header_checks;
 extern MAPS *cleanup_mimehdr_checks;
 extern MAPS *cleanup_nesthdr_checks;
 extern MAPS *cleanup_body_checks;
-extern MAPS *cleanup_virtual_maps;
+extern MAPS *cleanup_virt_alias_maps;
 extern ARGV *cleanup_masq_domains;
 extern int cleanup_masq_flags;
 
diff --git a/postfix/src/cleanup/cleanup_init.c b/postfix/src/cleanup/cleanup_init.c
index ad419cb19..8a5884af3 100644
--- a/postfix/src/cleanup/cleanup_init.c
+++ b/postfix/src/cleanup/cleanup_init.c
@@ -94,7 +94,7 @@ int     var_hopcount_limit;		/* max mailer hop count */
 char   *var_canonical_maps;		/* common canonical maps */
 char   *var_send_canon_maps;		/* sender canonical maps */
 char   *var_rcpt_canon_maps;		/* recipient canonical maps */
-char   *var_virtual_maps;		/* virtual maps */
+char   *var_virt_alias_maps;		/* virtual alias maps */
 char   *var_masq_domains;		/* masquerade domains */
 char   *var_masq_exceptions;		/* users not masqueraded */
 char   *var_header_checks;		/* primary header checks */
@@ -130,7 +130,7 @@ CONFIG_STR_TABLE cleanup_str_table[] = {
     VAR_CANONICAL_MAPS, DEF_CANONICAL_MAPS, &var_canonical_maps, 0, 0,
     VAR_SEND_CANON_MAPS, DEF_SEND_CANON_MAPS, &var_send_canon_maps, 0, 0,
     VAR_RCPT_CANON_MAPS, DEF_RCPT_CANON_MAPS, &var_rcpt_canon_maps, 0, 0,
-    VAR_VIRTUAL_MAPS, DEF_VIRTUAL_MAPS, &var_virtual_maps, 0, 0,
+    VAR_VIRT_ALIAS_MAPS, DEF_VIRT_ALIAS_MAPS, &var_virt_alias_maps, 0, 0,
     VAR_MASQ_DOMAINS, DEF_MASQ_DOMAINS, &var_masq_domains, 0, 0,
     VAR_EMPTY_ADDR, DEF_EMPTY_ADDR, &var_empty_addr, 1, 0,
     VAR_MASQ_EXCEPTIONS, DEF_MASQ_EXCEPTIONS, &var_masq_exceptions, 0, 0,
@@ -155,7 +155,7 @@ MAPS   *cleanup_header_checks;
 MAPS   *cleanup_mimehdr_checks;
 MAPS   *cleanup_nesthdr_checks;
 MAPS   *cleanup_body_checks;
-MAPS   *cleanup_virtual_maps;
+MAPS   *cleanup_virt_alias_maps;
 ARGV   *cleanup_masq_domains;
 int     cleanup_masq_flags;
 
@@ -195,9 +195,10 @@ void    cleanup_pre_jail(char *unused_name, char **unused_argv)
 	cleanup_rcpt_canon_maps =
 	    maps_create(VAR_RCPT_CANON_MAPS, var_rcpt_canon_maps,
 			DICT_FLAG_LOCK);
-    if (*var_virtual_maps)
-	cleanup_virtual_maps = maps_create(VAR_VIRTUAL_MAPS, var_virtual_maps,
-					   DICT_FLAG_LOCK);
+    if (*var_virt_alias_maps)
+	cleanup_virt_alias_maps = maps_create(VAR_VIRT_ALIAS_MAPS,
+					      var_virt_alias_maps,
+					      DICT_FLAG_LOCK);
     if (*var_masq_domains)
 	cleanup_masq_domains = argv_split(var_masq_domains, " ,\t\r\n");
     if (*var_header_checks)
diff --git a/postfix/src/cleanup/cleanup_out_recipient.c b/postfix/src/cleanup/cleanup_out_recipient.c
index 7ec014405..427a1faf9 100644
--- a/postfix/src/cleanup/cleanup_out_recipient.c
+++ b/postfix/src/cleanup/cleanup_out_recipient.c
@@ -23,7 +23,7 @@
 /*	Upper bound to the size of the recipient duplicate filter.
 /*	Zero means no limit; this may cause the mail system to
 /*	become stuck.
-/* .IP virtual_maps
+/* .IP virtual_alias_maps
 /*	list of virtual address lookup tables.
 /* LICENSE
 /* .ad
@@ -77,12 +77,12 @@ void    cleanup_out_recipient(CLEANUP_STATE *state, const char *orcpt,
     if (been_here_fixed(state->dups, recip) != 0)
 	return;
 
-    if (cleanup_virtual_maps == 0) {
+    if (cleanup_virt_alias_maps == 0) {
 	cleanup_out_string(state, REC_TYPE_ORCP, orcpt);
 	cleanup_out_string(state, REC_TYPE_RCPT, recip);
 	state->rcpt_count++;
     } else {
-	argv = cleanup_map1n_internal(state, recip, cleanup_virtual_maps,
+	argv = cleanup_map1n_internal(state, recip, cleanup_virt_alias_maps,
 				  cleanup_ext_prop_mask & EXT_PROP_VIRTUAL);
 	for (cpp = argv->argv; *cpp; cpp++) {
 	    cleanup_out_string(state, REC_TYPE_ORCP, orcpt);
diff --git a/postfix/src/dns/dns_lookup.c b/postfix/src/dns/dns_lookup.c
index 823eaa44f..f5a62013a 100644
--- a/postfix/src/dns/dns_lookup.c
+++ b/postfix/src/dns/dns_lookup.c
@@ -400,6 +400,7 @@ static int dns_get_answer(DNS_REPLY *reply, int type,
     DNS_RR *rr;
     int     resource_found = 0;
     int     cname_found = 0;
+    int     default_status = DNS_NOTFOUND;
 
     /*
      * Initialize. Skip over the name server query if we haven't yet.
@@ -460,12 +461,14 @@ static int dns_get_answer(DNS_REPLY *reply, int type,
 	if (pos + fixed.length > reply->end)
 	    CORRUPT;
 	if (type == fixed.type || type == T_ANY) {	/* requested type */
-	    resource_found++;
 	    if (rrlist) {
-		if ((rr = dns_get_rr(reply, pos, rr_name, &fixed)) == 0)
-		    CORRUPT;
-		*rrlist = dns_rr_append(*rrlist, rr);
-	    }
+		if ((rr = dns_get_rr(reply, pos, rr_name, &fixed)) != 0) {
+		    resource_found++;
+		    *rrlist = dns_rr_append(*rrlist, rr);
+		} else
+		    default_status = DNS_RETRY;
+	    } else
+		resource_found++;
 	} else if (fixed.type == T_CNAME) {	/* cname resource */
 	    cname_found++;
 	    if (cname && c_len > 0)
@@ -484,7 +487,7 @@ static int dns_get_answer(DNS_REPLY *reply, int type,
 	return (DNS_OK);
     if (cname_found)
 	return (DNS_RECURSE);
-    return (DNS_NOTFOUND);
+    return (default_status);
 }
 
 /* dns_lookup - DNS lookup user interface */
diff --git a/postfix/src/error/error.c b/postfix/src/error/error.c
index 7129f3129..dbde5d47f 100644
--- a/postfix/src/error/error.c
+++ b/postfix/src/error/error.c
@@ -129,7 +129,7 @@ static int deliver_message(DELIVER_REQUEST *request)
 	rcpt = request->rcpt_list.info + nrcpt;
 	if (rcpt->offset >= 0) {
 	    status = bounce_append(BOUNCE_FLAG_KEEP, request->queue_id,
-				   rcpt->orig_addr, rcpt->address, "error",
+				   rcpt->orig_addr, rcpt->address, "none",
 				   request->arrival_time,
 				   "%s", request->nexthop);
 	    if (status == 0)
diff --git a/postfix/src/global/mail_params.c b/postfix/src/global/mail_params.c
index dc788d5ae..02a666a44 100644
--- a/postfix/src/global/mail_params.c
+++ b/postfix/src/global/mail_params.c
@@ -253,8 +253,6 @@ int     var_strict_7bit_hdrs;
 int     var_strict_8bit_body;
 int     var_strict_encoding;
 
-#define MAIN_CONF_FILE	"main.cf"
-
 /* check_myhostname - lookup hostname and validate */
 
 static const char *check_myhostname(void)
diff --git a/postfix/src/global/mail_params.h b/postfix/src/global/mail_params.h
index 5bc956e7b..0d6809c31 100644
--- a/postfix/src/global/mail_params.h
+++ b/postfix/src/global/mail_params.h
@@ -215,6 +215,9 @@ extern char *var_config_dir;
 #define DEF_CONFIG_DIRS		""
 extern char *var_config_dirs;
 
+#define MAIN_CONF_FILE		"main.cf"
+#define MASTER_CONF_FILE	"master.cf"
+
  /*
   * Preferred type of indexed files. The DEF_DB_TYPE macro value is system
   * dependent. It is defined in .
@@ -283,9 +286,17 @@ extern bool var_disable_vrfy_cmd;
  /*
   * trivial rewrite/resolve service: mapping tables.
   */
-#define VAR_VIRTUAL_MAPS	"virtual_maps"
-#define DEF_VIRTUAL_MAPS	""
-extern char *var_virtual_maps;
+#define VAR_ERROR_TRANSPORT		"error_transport"
+#define DEF_ERROR_TRANSPORT		MAIL_SERVICE_ERROR
+extern char *var_error_transport;
+
+#define VAR_VIRT_ALIAS_MAPS	"virtual_alias_maps"
+#define DEF_VIRT_ALIAS_MAPS	"$virtual_maps"	/* Compatibility! */
+extern char *var_virt_alias_maps;
+
+#define VAR_VIRT_ALIAS_DOMS	"virtual_alias_domains"
+#define DEF_VIRT_ALIAS_DOMS	"$virtual_alias_maps"
+extern char *var_virt_alias_doms;
 
 #define VAR_CANONICAL_MAPS	"canonical_maps"
 #define DEF_CANONICAL_MAPS	""
@@ -1100,6 +1111,10 @@ extern char *var_mynetworks_style;
 #define DEF_RELAY_DOMAINS	"$mydestination"
 extern char *var_relay_domains;
 
+#define VAR_RELAY_TRANSPORT	"relay_transport"
+#define DEF_RELAY_TRANSPORT	MAIL_SERVICE_RELAY
+extern char *var_relay_transport;
+
 #define VAR_CLIENT_CHECKS	"smtpd_client_restrictions"
 #define DEF_CLIENT_CHECKS	""
 extern char *var_client_checks;
@@ -1337,10 +1352,18 @@ extern char *var_export_environ;
  /*
   * Tunables for the "virtual" local delivery agent
   */
+#define VAR_VIRT_TRANSPORT		"virtual_transport"
+#define DEF_VIRT_TRANSPORT		MAIL_SERVICE_VIRTUAL
+extern char *var_virt_transport;
+
 #define VAR_VIRT_MAILBOX_MAPS		"virtual_mailbox_maps"
 #define DEF_VIRT_MAILBOX_MAPS		""
 extern char *var_virt_mailbox_maps;
 
+#define VAR_VIRT_MAILBOX_DOMS		"virtual_mailbox_domains"
+#define DEF_VIRT_MAILBOX_DOMS		"$virtual_mailbox_maps"
+extern char *var_virt_mailbox_doms;
+
 #define VAR_VIRT_UID_MAPS		"virtual_uid_maps"
 #define DEF_VIRT_UID_MAPS		""
 extern char *var_virt_uid_maps;
diff --git a/postfix/src/global/mail_proto.h b/postfix/src/global/mail_proto.h
index 9468016ee..6f6ab8ced 100644
--- a/postfix/src/global/mail_proto.h
+++ b/postfix/src/global/mail_proto.h
@@ -49,6 +49,7 @@
 #define MAIL_SERVICE_SHOWQ	"showq"
 #define MAIL_SERVICE_ERROR	"error"
 #define MAIL_SERVICE_FLUSH	"flush"
+#define MAIL_SERVICE_RELAY	"relay"
 
  /*
   * Well-known socket or FIFO directories. The main difference is in file
diff --git a/postfix/src/global/mail_version.h b/postfix/src/global/mail_version.h
index c0b3c4df7..faff171ec 100644
--- a/postfix/src/global/mail_version.h
+++ b/postfix/src/global/mail_version.h
@@ -20,7 +20,7 @@
   * Patches change the patchlevel and the release date. Snapshots change the
   * release date only, unless they include the same bugfix as a patch release.
   */
-#define MAIL_RELEASE_DATE	"20021203"
+#define MAIL_RELEASE_DATE	"20021207"
 
 #define VAR_MAIL_VERSION	"mail_version"
 #define DEF_MAIL_VERSION	"1.1.12-" MAIL_RELEASE_DATE
diff --git a/postfix/src/global/maps.c b/postfix/src/global/maps.c
index 98979e142..84e8c4db3 100644
--- a/postfix/src/global/maps.c
+++ b/postfix/src/global/maps.c
@@ -21,7 +21,7 @@
 /*	const char *key;
 /*	int	flags;
 /*
-/*	void	maps_free(maps)
+/*	MAPS	*maps_free(maps)
 /*	MAPS	*maps;
 /* DESCRIPTION
 /*	This module implements multi-dictionary searches. it goes
diff --git a/postfix/src/global/resolve_clnt.c b/postfix/src/global/resolve_clnt.c
index 75c29ba90..229444de9 100644
--- a/postfix/src/global/resolve_clnt.c
+++ b/postfix/src/global/resolve_clnt.c
@@ -50,6 +50,8 @@
 /*	the final destination.
 /* .IP RESOLVE_FLAG_ERROR
 /*	The address resolved to something that has invalid syntax.
+/* .IP RESOLVE_FLAG_FAIL
+/*	The request could not be completed.
 /* DIAGNOSTICS
 /*	Warnings: communication failure. Fatal error: mail system is down.
 /* SEE ALSO
@@ -224,12 +226,16 @@ static NORETURN usage(char *myname)
 static void resolve(char *addr, RESOLVE_REPLY *reply)
 {
     resolve_clnt_query(addr, reply);
-    vstream_printf("%-10s %s\n", "address", addr);
-    vstream_printf("%-10s %s\n", "transport", STR(reply->transport));
-    vstream_printf("%-10s %s\n", "nexthop", *STR(reply->nexthop) ?
-		   STR(reply->nexthop) : "[none]");
-    vstream_printf("%-10s %s\n", "recipient", STR(reply->recipient));
-    vstream_fflush(VSTREAM_OUT);
+    if (reply->flags & RESOLVE_FLAG_FAIL) {
+	vstream_printf("request failed\n");
+    } else {
+	vstream_printf("%-10s %s\n", "address", addr);
+	vstream_printf("%-10s %s\n", "transport", STR(reply->transport));
+	vstream_printf("%-10s %s\n", "nexthop", *STR(reply->nexthop) ?
+		       STR(reply->nexthop) : "[none]");
+	vstream_printf("%-10s %s\n", "recipient", STR(reply->recipient));
+	vstream_fflush(VSTREAM_OUT);
+    }
 }
 
 int     main(int argc, char **argv)
diff --git a/postfix/src/global/resolve_clnt.h b/postfix/src/global/resolve_clnt.h
index 80e9aa990..739abee7d 100644
--- a/postfix/src/global/resolve_clnt.h
+++ b/postfix/src/global/resolve_clnt.h
@@ -23,7 +23,14 @@
 
 #define RESOLVE_FLAG_FINAL	(1<<0)	/* final delivery */
 #define RESOLVE_FLAG_ROUTED	(1<<1)	/* routed destination */
-#define RESOLVE_FLAG_ERROR	(1<<2)	/* bad destination */
+#define RESOLVE_FLAG_ERROR	(1<<2)	/* bad destination syntax */
+#define RESOLVE_FLAG_FAIL	(1<<3)	/* request failed */
+
+#define RESOLVE_CLASS_LOCAL	(1<<8)	/* mydestination/inet_interfaces */
+#define RESOLVE_CLASS_ERROR	(1<<9)	/* virtual_alias_domains */
+#define RESOLVE_CLASS_VIRTUAL	(1<<10)	/* virtual_mailbox_domains */
+#define RESOLVE_CLASS_RELAY	(1<<11)	/* relay_domains */
+#define RESOLVE_CLASS_DEFAULT	(1<<12)	/* raise reject_unauth_destination */
 
 typedef struct RESOLVE_REPLY {
     VSTRING *transport;
diff --git a/postfix/src/global/virtual8.h b/postfix/src/global/virtual8.h
index 81ccb7aa3..110ac7deb 100644
--- a/postfix/src/global/virtual8.h
+++ b/postfix/src/global/virtual8.h
@@ -19,7 +19,10 @@
  /*
   * External interface.
   */
+#define virtual8_maps_create(title, map_names, flags) \
+	maps_create((title), (map_names), (flags) | DICT_FLAG_NO_REGSUB)
 extern const char *virtual8_maps_find(MAPS *, const char *);
+#define virtual8_maps_free(maps)	maps_free((maps))
 
 /* LICENSE
 /* .ad
diff --git a/postfix/src/global/virtual8_maps_find.c b/postfix/src/global/virtual8_maps_find.c
index 0d50c9647..135507472 100644
--- a/postfix/src/global/virtual8_maps_find.c
+++ b/postfix/src/global/virtual8_maps_find.c
@@ -6,27 +6,59 @@
 /* SYNOPSIS
 /*	#include 
 /*
+/*	MAPS	*virtual8_maps_create(title, map_names, flags)
+/*	const char *title;
+/*	const char *map_names;
+/*	int	flags;
+/*
 /*	const char *virtual8_maps_find(maps, recipient)
 /*	MAPS	*maps;
 /*	const char *recipient;
+/*
+/*	MAPS	*virtual8_maps_free(maps)
+/*	MAPS	*maps;
 /* DESCRIPTION
-/*	virtual8_maps_find() does user lookups for the virtual delivery
-/*	agent. The code is made available as a library routine so that
+/*	This module does user lookups for the virtual delivery
+/*	agent. The code is made available as a library module so that
 /*	other programs can perform compatible queries.
 /*
-/*	A zero result means that the named user was not found.
+/*	virtual8_maps_create() takes list of type:name pairs and opens the
+/*	named dictionaries.
+/*	The result is a handle that must be specified along with all
+/*	other virtual8_maps_xxx() operations.
+/*	See dict_open(3) for a description of flags. virtual8_maps_create()
+/*	implicitly sets the DICT_FLAG_NO_REGSUB flag in order to disable
+/*	regular expression substitution into the lookup result.
+/*
+/*	virtual8_maps_find() searches the specified list of dictionaries
+/*	in the specified order for the named key. The result is in
+/*	memory that is overwritten upon each call.
+/*
+/*	virtual8_maps_free() releases storage claimed by virtual8_maps_create()
+/*	and conveniently returns a null pointer.
 /*
 /*	Arguments:
+/* .IP title
+/*	String used for diagnostics. Typically one specifies the
+/*	type of information stored in the lookup tables.
+/* .IP map_names
+/*	Null-terminated string with type:name dictionary specifications,
+/*	separated by whitespace or commas.
 /* .IP maps
-/*	List of pre-opened lookup tables.
-/* .IP recipient
-/*	Recipient address. An optional address extension is ignored.
+/*	A result from maps_create().
+/* .IP key
+/*	Null-terminated string with a lookup key. Table lookup is case
+/*	sensitive.
 /* DIAGNOSTICS
 /*	The dict_errno variable is non-zero in case of problems.
 /* BUGS
 /*	This code is a temporary solution that implements a hard-coded
 /*	lookup strategy. In a future version of Postfix, the lookup
 /*	strategy should become configurable.
+/* SEE ALSO
+/*	virtual(8) virtual mailbox delivery agent
+/*	maps(3) multi-dictionary search
+/*	dict_open(3) low-level dictionary interface
 /* LICENSE
 /* .ad
 /* .fi
@@ -82,7 +114,7 @@ const char *virtual8_maps_find(MAPS *maps, const char *recipient)
      * Look up the full address.
      */
     if (bare == 0) {
-	result = maps_find(maps, recipient, DICT_FLAG_FIXED);
+	result = maps_find(maps, recipient, DICT_FLAG_NONE);
 	if (result != 0 || dict_errno != 0)
 	    return (result);
     }
diff --git a/postfix/src/local/alias.c b/postfix/src/local/alias.c
index 3145cbd40..814af40cc 100644
--- a/postfix/src/local/alias.c
+++ b/postfix/src/local/alias.c
@@ -184,15 +184,11 @@ int     deliver_alias(LOCAL_STATE state, USER_ATTR usr_attr,
      * sender and owner attributes. Otherwise, the owner attribute is reset
      * (the alias is globally visible and could be sent to by anyone).
      * 
-     * Don't match aliases that are based on regexps.
+     * Don't allow regexp substitutions.
      */
     for (cpp = alias_maps->argv->argv; *cpp; cpp++) {
 	if ((dict = dict_handle(*cpp)) == 0)
 	    msg_panic("%s: dictionary not found: %s", myname, *cpp);
-	if ((dict->flags & ALIAS_DICT_FLAGS) != ALIAS_DICT_FLAGS) {
-	    msg_warn("invalid alias map type: %s", *cpp);
-	    continue;
-	}
 	if ((alias_result = dict_get(dict, name)) != 0) {
 	    if (msg_verbose)
 		msg_info("%s: %s: %s = %s", myname, *cpp, name, alias_result);
@@ -243,7 +239,7 @@ int     deliver_alias(LOCAL_STATE state, USER_ATTR usr_attr,
 
 	    expansion = mystrdup(alias_result);
 	    if (OWNER_ASSIGN(owner) != 0
-	    && (owner_rhs = maps_find(alias_maps, owner, ALIAS_DICT_FLAGS)) != 0) {
+	    && (owner_rhs = maps_find(alias_maps, owner, DICT_FLAG_NONE)) != 0) {
 		canon_owner = canon_addr_internal(vstring_alloc(10),
 				     var_exp_own_alias ? owner_rhs : owner);
 		SET_OWNER_ATTR(state.msg_attr, STR(canon_owner), state.level);
diff --git a/postfix/src/local/local.c b/postfix/src/local/local.c
index 7bcf940d9..40af80a80 100644
--- a/postfix/src/local/local.c
+++ b/postfix/src/local/local.c
@@ -676,7 +676,8 @@ static void pre_init(char *unused_name, char **unused_argv)
 		      VAR_MAILBOX_LIMIT, VAR_MESSAGE_LIMIT);
 	set_file_limit(var_mailbox_limit);
     }
-    alias_maps = maps_create("aliases", var_alias_maps, DICT_FLAG_LOCK);
+    alias_maps = maps_create("aliases", var_alias_maps,
+			     DICT_FLAG_LOCK | DICT_FLAG_NO_REGSUB);
 }
 
 /* main - pass control to the single-threaded skeleton */
diff --git a/postfix/src/local/local.h b/postfix/src/local/local.h
index 764affd77..ef1e256fb 100644
--- a/postfix/src/local/local.h
+++ b/postfix/src/local/local.h
@@ -222,7 +222,6 @@ int     local_expand(VSTRING *, const char *, LOCAL_STATE *, USER_ATTR *, const
   * alias.c
   */
 extern MAPS *alias_maps;
-#define ALIAS_DICT_FLAGS	DICT_FLAG_FIXED
 
 /* LICENSE
 /* .ad
diff --git a/postfix/src/local/recipient.c b/postfix/src/local/recipient.c
index 03d1ade72..e0b6443f4 100644
--- a/postfix/src/local/recipient.c
+++ b/postfix/src/local/recipient.c
@@ -241,7 +241,7 @@ int     deliver_recipient(LOCAL_STATE state, USER_ATTR usr_attr)
 #define FIND_OWNER(lhs, rhs, addr) { \
 	lhs = concatenate("owner-", addr, (char *) 0); \
 	(void) split_at_right(lhs, '@'); \
-	rhs = maps_find(alias_maps, lhs, ALIAS_DICT_FLAGS); \
+	rhs = maps_find(alias_maps, lhs, DICT_FLAG_NONE); \
     }
 
 	    FIND_OWNER(owner_alias, owner_expansion, state.msg_attr.recipient);
diff --git a/postfix/src/local/resolve.c b/postfix/src/local/resolve.c
index 3f99dce0c..fbc633f7f 100644
--- a/postfix/src/local/resolve.c
+++ b/postfix/src/local/resolve.c
@@ -62,6 +62,7 @@
 #include 
 #include 
 #include 
+#include 
 
 /* Application-specific. */
 
@@ -113,36 +114,44 @@ int     deliver_resolve_tree(LOCAL_STATE state, USER_ATTR usr_attr, TOK822 *addr
     tok822_rewrite(addr, REWRITE_CANON);
     tok822_resolve(addr, &reply);
 
-    /*
-     * Splice in the optional unmatched address extension.
-     */
-    if (state.msg_attr.unmatched) {
-	if ((ratsign = strrchr(STR(reply.recipient), '@')) == 0) {
-	    VSTRING_ADDCH(reply.recipient, *var_rcpt_delim);
-	    vstring_strcat(reply.recipient, state.msg_attr.unmatched);
+    if (reply.flags & RESOLVE_FLAG_FAIL) {
+	status = defer_append(BOUNCE_FLAG_KEEP,	/* XXX */
+			      BOUNCE_ATTR(state.msg_attr),
+			      "address resolver failure");
+    } else {
+
+	/*
+	 * Splice in the optional unmatched address extension.
+	 */
+	if (state.msg_attr.unmatched) {
+	    if ((ratsign = strrchr(STR(reply.recipient), '@')) == 0) {
+		VSTRING_ADDCH(reply.recipient, *var_rcpt_delim);
+		vstring_strcat(reply.recipient, state.msg_attr.unmatched);
+	    } else {
+		ext_len = strlen(state.msg_attr.unmatched);
+		VSTRING_SPACE(reply.recipient, ext_len + 2);
+		if ((ratsign = strrchr(STR(reply.recipient), '@')) == 0)
+		    msg_panic("%s: recipient @ botch", myname);
+		memmove(ratsign + ext_len + 1, ratsign, strlen(ratsign) + 1);
+		*ratsign = *var_rcpt_delim;
+		memcpy(ratsign + 1, state.msg_attr.unmatched, ext_len);
+		VSTRING_SKIP(reply.recipient);
+	    }
+	}
+	state.msg_attr.recipient = STR(reply.recipient);
+
+	/*
+	 * Delivery to a local or non-local address. For a while there was
+	 * some ugly code to force local recursive alias expansions on a host
+	 * with no authority over the local domain, but that code was just
+	 * too unclean.
+	 */
+	if (strcmp(state.msg_attr.relay, STR(reply.transport)) == 0) {
+	    status = deliver_recipient(state, usr_attr);
 	} else {
-	    ext_len = strlen(state.msg_attr.unmatched);
-	    VSTRING_SPACE(reply.recipient, ext_len + 2);
-	    if ((ratsign = strrchr(STR(reply.recipient), '@')) == 0)
-		msg_panic("%s: recipient @ botch", myname);
-	    memmove(ratsign + ext_len + 1, ratsign, strlen(ratsign) + 1);
-	    *ratsign = *var_rcpt_delim;
-	    memcpy(ratsign + 1, state.msg_attr.unmatched, ext_len);
-	    VSTRING_SKIP(reply.recipient);
+	    status = deliver_indirect(state);
 	}
     }
-    state.msg_attr.recipient = STR(reply.recipient);
-
-    /*
-     * Delivery to a local or non-local address. For a while there was some
-     * ugly code to force local recursive alias expansions on a host with no
-     * authority over the local domain, but that code was just too unclean.
-     */
-    if (strcmp(state.msg_attr.relay, STR(reply.transport)) == 0) {
-	status = deliver_recipient(state, usr_attr);
-    } else {
-	status = deliver_indirect(state);
-    }
 
     /*
      * Cleanup.
diff --git a/postfix/src/master/master_vars.c b/postfix/src/master/master_vars.c
index ad4480b13..d82ae49f9 100644
--- a/postfix/src/master/master_vars.c
+++ b/postfix/src/master/master_vars.c
@@ -65,7 +65,7 @@ void    master_vars_init(void)
     mail_conf_read();
     get_mail_conf_int_table(int_table);
     get_mail_conf_time_table(time_table);
-    path = concatenate(var_config_dir, "/master.cf", (char *) 0);
+    path = concatenate(var_config_dir, "/", MASTER_CONF_FILE, (char *) 0);
     fset_master_ent(path);
     myfree(path);
 }
diff --git a/postfix/src/master/multi_server.c b/postfix/src/master/multi_server.c
index 602db54c7..d22de4b13 100644
--- a/postfix/src/master/multi_server.c
+++ b/postfix/src/master/multi_server.c
@@ -249,11 +249,15 @@ static void multi_server_execute(int unused_event, char *context)
     /*
      * Do not bother the application when the client disconnected.
      */
+    if (master_notify(var_pid, MASTER_STAT_TAKEN) < 0)
+        multi_server_abort(EVENT_NULL_TYPE, EVENT_NULL_CONTEXT);
     if (peekfd(vstream_fileno(stream)) > 0) {
 	multi_server_service(stream, multi_server_name, multi_server_argv);
     } else {
 	multi_server_disconnect(stream);
     }
+    if (master_notify(var_pid, MASTER_STAT_AVAIL) < 0)
+        multi_server_abort(EVENT_NULL_TYPE, EVENT_NULL_CONTEXT);
     if (client_count == 0 && var_idle_limit > 0)
 	event_request_timer(multi_server_timeout, (char *) 0, var_idle_limit);
 }
diff --git a/postfix/src/nqmgr/Makefile.in b/postfix/src/nqmgr/Makefile.in
index 739cb3f42..f2b846ea4 100644
--- a/postfix/src/nqmgr/Makefile.in
+++ b/postfix/src/nqmgr/Makefile.in
@@ -83,7 +83,6 @@ qmgr.o: ../../include/master_proto.h
 qmgr.o: ../../include/mail_server.h
 qmgr.o: qmgr.h
 qmgr.o: ../../include/scan_dir.h
-qmgr.o: ../../include/maps.h
 qmgr_active.o: qmgr_active.c
 qmgr_active.o: ../../include/sys_defs.h
 qmgr_active.o: ../../include/msg.h
@@ -102,9 +101,6 @@ qmgr_active.o: ../../include/abounce.h
 qmgr_active.o: ../../include/rec_type.h
 qmgr_active.o: qmgr.h
 qmgr_active.o: ../../include/scan_dir.h
-qmgr_active.o: ../../include/maps.h
-qmgr_active.o: ../../include/dict.h
-qmgr_active.o: ../../include/argv.h
 qmgr_bounce.o: qmgr_bounce.c
 qmgr_bounce.o: ../../include/sys_defs.h
 qmgr_bounce.o: ../../include/bounce.h
@@ -113,9 +109,6 @@ qmgr_bounce.o: ../../include/vstream.h
 qmgr_bounce.o: ../../include/vbuf.h
 qmgr_bounce.o: qmgr.h
 qmgr_bounce.o: ../../include/scan_dir.h
-qmgr_bounce.o: ../../include/maps.h
-qmgr_bounce.o: ../../include/dict.h
-qmgr_bounce.o: ../../include/argv.h
 qmgr_defer.o: qmgr_defer.c
 qmgr_defer.o: ../../include/sys_defs.h
 qmgr_defer.o: ../../include/msg.h
@@ -125,9 +118,6 @@ qmgr_defer.o: ../../include/defer.h
 qmgr_defer.o: ../../include/bounce.h
 qmgr_defer.o: qmgr.h
 qmgr_defer.o: ../../include/scan_dir.h
-qmgr_defer.o: ../../include/maps.h
-qmgr_defer.o: ../../include/dict.h
-qmgr_defer.o: ../../include/argv.h
 qmgr_deliver.o: qmgr_deliver.c
 qmgr_deliver.o: ../../include/sys_defs.h
 qmgr_deliver.o: ../../include/msg.h
@@ -146,9 +136,6 @@ qmgr_deliver.o: ../../include/deliver_request.h
 qmgr_deliver.o: ../../include/verp_sender.h
 qmgr_deliver.o: qmgr.h
 qmgr_deliver.o: ../../include/scan_dir.h
-qmgr_deliver.o: ../../include/maps.h
-qmgr_deliver.o: ../../include/dict.h
-qmgr_deliver.o: ../../include/argv.h
 qmgr_enable.o: qmgr_enable.c
 qmgr_enable.o: ../../include/sys_defs.h
 qmgr_enable.o: ../../include/msg.h
@@ -156,9 +143,6 @@ qmgr_enable.o: ../../include/vstream.h
 qmgr_enable.o: ../../include/vbuf.h
 qmgr_enable.o: qmgr.h
 qmgr_enable.o: ../../include/scan_dir.h
-qmgr_enable.o: ../../include/maps.h
-qmgr_enable.o: ../../include/dict.h
-qmgr_enable.o: ../../include/argv.h
 qmgr_entry.o: qmgr_entry.c
 qmgr_entry.o: ../../include/sys_defs.h
 qmgr_entry.o: ../../include/msg.h
@@ -169,9 +153,6 @@ qmgr_entry.o: ../../include/vbuf.h
 qmgr_entry.o: ../../include/mail_params.h
 qmgr_entry.o: qmgr.h
 qmgr_entry.o: ../../include/scan_dir.h
-qmgr_entry.o: ../../include/maps.h
-qmgr_entry.o: ../../include/dict.h
-qmgr_entry.o: ../../include/argv.h
 qmgr_job.o: qmgr_job.c
 qmgr_job.o: ../../include/sys_defs.h
 qmgr_job.o: ../../include/msg.h
@@ -182,9 +163,6 @@ qmgr_job.o: qmgr.h
 qmgr_job.o: ../../include/vstream.h
 qmgr_job.o: ../../include/vbuf.h
 qmgr_job.o: ../../include/scan_dir.h
-qmgr_job.o: ../../include/maps.h
-qmgr_job.o: ../../include/dict.h
-qmgr_job.o: ../../include/argv.h
 qmgr_message.o: qmgr_message.c
 qmgr_message.o: ../../include/sys_defs.h
 qmgr_message.o: ../../include/msg.h
@@ -206,8 +184,6 @@ qmgr_message.o: ../../include/record.h
 qmgr_message.o: ../../include/rec_type.h
 qmgr_message.o: ../../include/sent.h
 qmgr_message.o: ../../include/deliver_completed.h
-qmgr_message.o: ../../include/mail_addr_find.h
-qmgr_message.o: ../../include/maps.h
 qmgr_message.o: ../../include/opened.h
 qmgr_message.o: ../../include/resolve_local.h
 qmgr_message.o: ../../include/verp_sender.h
@@ -228,9 +204,6 @@ qmgr_move.o: ../../include/vbuf.h
 qmgr_move.o: ../../include/vstream.h
 qmgr_move.o: ../../include/mail_scan_dir.h
 qmgr_move.o: qmgr.h
-qmgr_move.o: ../../include/maps.h
-qmgr_move.o: ../../include/dict.h
-qmgr_move.o: ../../include/argv.h
 qmgr_peer.o: qmgr_peer.c
 qmgr_peer.o: ../../include/sys_defs.h
 qmgr_peer.o: ../../include/msg.h
@@ -240,9 +213,6 @@ qmgr_peer.o: qmgr.h
 qmgr_peer.o: ../../include/vstream.h
 qmgr_peer.o: ../../include/vbuf.h
 qmgr_peer.o: ../../include/scan_dir.h
-qmgr_peer.o: ../../include/maps.h
-qmgr_peer.o: ../../include/dict.h
-qmgr_peer.o: ../../include/argv.h
 qmgr_queue.o: qmgr_queue.c
 qmgr_queue.o: ../../include/sys_defs.h
 qmgr_queue.o: ../../include/msg.h
@@ -255,9 +225,6 @@ qmgr_queue.o: qmgr.h
 qmgr_queue.o: ../../include/vstream.h
 qmgr_queue.o: ../../include/vbuf.h
 qmgr_queue.o: ../../include/scan_dir.h
-qmgr_queue.o: ../../include/maps.h
-qmgr_queue.o: ../../include/dict.h
-qmgr_queue.o: ../../include/argv.h
 qmgr_rcpt_list.o: qmgr_rcpt_list.c
 qmgr_rcpt_list.o: ../../include/sys_defs.h
 qmgr_rcpt_list.o: ../../include/mymalloc.h
@@ -265,9 +232,6 @@ qmgr_rcpt_list.o: qmgr.h
 qmgr_rcpt_list.o: ../../include/vstream.h
 qmgr_rcpt_list.o: ../../include/vbuf.h
 qmgr_rcpt_list.o: ../../include/scan_dir.h
-qmgr_rcpt_list.o: ../../include/maps.h
-qmgr_rcpt_list.o: ../../include/dict.h
-qmgr_rcpt_list.o: ../../include/argv.h
 qmgr_scan.o: qmgr_scan.c
 qmgr_scan.o: ../../include/sys_defs.h
 qmgr_scan.o: ../../include/msg.h
@@ -277,9 +241,6 @@ qmgr_scan.o: ../../include/mail_scan_dir.h
 qmgr_scan.o: qmgr.h
 qmgr_scan.o: ../../include/vstream.h
 qmgr_scan.o: ../../include/vbuf.h
-qmgr_scan.o: ../../include/maps.h
-qmgr_scan.o: ../../include/dict.h
-qmgr_scan.o: ../../include/argv.h
 qmgr_transport.o: qmgr_transport.c
 qmgr_transport.o: ../../include/sys_defs.h
 qmgr_transport.o: ../../include/msg.h
@@ -296,6 +257,3 @@ qmgr_transport.o: ../../include/mail_conf.h
 qmgr_transport.o: ../../include/mail_params.h
 qmgr_transport.o: qmgr.h
 qmgr_transport.o: ../../include/scan_dir.h
-qmgr_transport.o: ../../include/maps.h
-qmgr_transport.o: ../../include/dict.h
-qmgr_transport.o: ../../include/argv.h
diff --git a/postfix/src/nqmgr/qmgr.c b/postfix/src/nqmgr/qmgr.c
index 0d1603d75..f0a5135ab 100644
--- a/postfix/src/nqmgr/qmgr.c
+++ b/postfix/src/nqmgr/qmgr.c
@@ -16,10 +16,6 @@
 /*	Mail addressed to the local \fBdouble-bounce\fR address is silently
 /*	discarded.  This stops potential loops caused by undeliverable
 /*	bounce notifications.
-/*
-/*	Mail addressed to a user listed in the optional \fBrelocated\fR
-/*	database is bounced with a "user has moved to \fInew_location\fR"
-/*	message. See \fBrelocated\fR(5) for a precise description.
 /* MAIL QUEUES
 /* .ad
 /* .fi
@@ -154,9 +150,6 @@
 /* .fi
 /* .IP \fBallow_min_user\fR
 /*	Do not bounce recipient addresses that begin with '-'.
-/* .IP \fBrelocated_maps\fR
-/*	Tables with contact information for users, hosts or domains
-/*	that no longer exist. See \fBrelocated\fR(5).
 /* .IP \fBqueue_directory\fR
 /*	Top-level directory of the Postfix queue.
 /* .SH "Active queue controls"
@@ -264,7 +257,6 @@
 /*	Default values for the transport specific parameters described above.
 /* SEE ALSO
 /*	master(8), process manager
-/*	relocated(5), format of the "user has moved" table
 /*	syslogd(8) system logging
 /*	trivial-rewrite(8), address routing
 /* LICENSE
@@ -335,8 +327,6 @@ int     var_init_dest_concurrency;
 int     var_transport_retry_time;
 int     var_dest_con_limit;
 int     var_dest_rcpt_limit;
-char   *var_relocated_maps;
-char   *var_virtual_maps;
 char   *var_defer_xports;
 bool    var_allow_min_user;
 int     var_local_con_lim;
@@ -349,9 +339,6 @@ int     var_qmgr_clog_warn_time;
 static QMGR_SCAN *qmgr_incoming;
 static QMGR_SCAN *qmgr_deferred;
 
-MAPS   *qmgr_relocated;
-MAPS   *qmgr_virtual;
-
 /* qmgr_deferred_run_event - queue manager heartbeat */
 
 static void qmgr_deferred_run_event(int unused_event, char *dummy)
@@ -492,18 +479,6 @@ static void pre_accept(char *unused_name, char **unused_argv)
     }
 }
 
-/* qmgr_pre_init - pre-jail initialization */
-
-static void qmgr_pre_init(char *unused_name, char **unused_argv)
-{
-    if (*var_relocated_maps)
-	qmgr_relocated = maps_create("relocated", var_relocated_maps,
-				     DICT_FLAG_LOCK);
-    if (*var_virtual_maps)
-	qmgr_virtual = maps_create("virtual", var_virtual_maps,
-				   DICT_FLAG_LOCK);
-}
-
 /* qmgr_post_init - post-jail initialization */
 
 static void qmgr_post_init(char *unused_name, char **unused_argv)
@@ -544,8 +519,6 @@ static void qmgr_post_init(char *unused_name, char **unused_argv)
 int     main(int argc, char **argv)
 {
     static CONFIG_STR_TABLE str_table[] = {
-	VAR_RELOCATED_MAPS, DEF_RELOCATED_MAPS, &var_relocated_maps, 0, 0,
-	VAR_VIRTUAL_MAPS, DEF_VIRTUAL_MAPS, &var_virtual_maps, 0, 0,
 	VAR_DEFER_XPORTS, DEF_DEFER_XPORTS, &var_defer_xports, 0, 0,
 	0,
     };
@@ -593,7 +566,6 @@ int     main(int argc, char **argv)
 			MAIL_SERVER_STR_TABLE, str_table,
 			MAIL_SERVER_BOOL_TABLE, bool_table,
 			MAIL_SERVER_TIME_TABLE, time_table,
-			MAIL_SERVER_PRE_INIT, qmgr_pre_init,
 			MAIL_SERVER_POST_INIT, qmgr_post_init,
 			MAIL_SERVER_LOOP, qmgr_loop,
 			MAIL_SERVER_PRE_ACCEPT, pre_accept,
diff --git a/postfix/src/nqmgr/qmgr.h b/postfix/src/nqmgr/qmgr.h
index 748501aed..76bd52b3e 100644
--- a/postfix/src/nqmgr/qmgr.h
+++ b/postfix/src/nqmgr/qmgr.h
@@ -14,11 +14,6 @@
 #include 
 #include 
 
- /*
-  * Global library.
-  */
-#include 
-
  /*
   * The queue manager is built around lots of mutually-referring structures.
   * These typedefs save some typing.
@@ -290,8 +285,6 @@ struct QMGR_MESSAGE {
 
 extern int qmgr_message_count;
 extern int qmgr_recipient_count;
-extern MAPS *qmgr_relocated;
-extern MAPS *qmgr_virtual;
 
 extern void qmgr_message_free(QMGR_MESSAGE *);
 extern void qmgr_message_update_warn(QMGR_MESSAGE *);
@@ -360,7 +353,7 @@ extern void qmgr_peer_free(QMGR_PEER *);
   */
 extern void qmgr_defer_transport(QMGR_TRANSPORT *, const char *);
 extern void qmgr_defer_todo(QMGR_QUEUE *, const char *);
-extern void qmgr_defer_recipient(QMGR_MESSAGE *, const char *, const char *, const char *);
+extern void qmgr_defer_recipient(QMGR_MESSAGE *, QMGR_RCPT *, const char *);
 
  /*
   * qmgr_bounce.c
diff --git a/postfix/src/nqmgr/qmgr_defer.c b/postfix/src/nqmgr/qmgr_defer.c
index f0dd7c63b..21ffdd6fd 100644
--- a/postfix/src/nqmgr/qmgr_defer.c
+++ b/postfix/src/nqmgr/qmgr_defer.c
@@ -6,9 +6,9 @@
 /* SYNOPSIS
 /*	#include "qmgr.h"
 /*
-/*	void	qmgr_defer_recipient(message, address, reason)
+/*	void	qmgr_defer_recipient(message, recipient, reason)
 /*	QMGR_MESSAGE *message;
-/*	const char *address;
+/*	QMGR_RCPT *recipient;
 /*	const char *reason;
 /*
 /*	void	qmgr_defer_todo(queue, reason)
@@ -136,8 +136,7 @@ void    qmgr_defer_todo(QMGR_QUEUE *queue, const char *reason)
 	message = entry->message;
 	for (nrcpt = 0; nrcpt < entry->rcpt_list.len; nrcpt++) {
 	    recipient = entry->rcpt_list.info + nrcpt;
-	    qmgr_defer_recipient(message, recipient->orig_rcpt,
-				 recipient->address, reason);
+	    qmgr_defer_recipient(message, recipient, reason);
 	}
 	qmgr_entry_done(entry, QMGR_QUEUE_TODO);
     }
@@ -145,8 +144,8 @@ void    qmgr_defer_todo(QMGR_QUEUE *queue, const char *reason)
 
 /* qmgr_defer_recipient - defer delivery of specific recipient */
 
-void    qmgr_defer_recipient(QMGR_MESSAGE *message, const char *orig_addr,
-			             const char *address, const char *reason)
+void    qmgr_defer_recipient(QMGR_MESSAGE *message, QMGR_RCPT *recipient,
+			             const char *reason)
 {
     char   *myname = "qmgr_defer_recipient";
 
@@ -160,6 +159,6 @@ void    qmgr_defer_recipient(QMGR_MESSAGE *message, const char *orig_addr,
      * Update the message structure and log the message disposition.
      */
     message->flags |= defer_append(BOUNCE_FLAG_KEEP, message->queue_id,
-				   orig_addr, address, "none",
-				   message->arrival_time, "%s", reason);
+				   recipient->orig_rcpt, recipient->address,
+			       "none", message->arrival_time, "%s", reason);
 }
diff --git a/postfix/src/nqmgr/qmgr_message.c b/postfix/src/nqmgr/qmgr_message.c
index ff2c9205f..31420c70d 100644
--- a/postfix/src/nqmgr/qmgr_message.c
+++ b/postfix/src/nqmgr/qmgr_message.c
@@ -118,7 +118,6 @@
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -626,11 +625,8 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
     QMGR_TRANSPORT *transport = 0;
     QMGR_QUEUE *queue = 0;
     RESOLVE_REPLY reply;
-    const char *newloc;
     char   *at;
     char  **cpp;
-    char   *domain;
-    const char *junk;
     char   *nexthop;
     int     len;
 
@@ -664,6 +660,11 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
 	 */
 	if (var_sender_routing == 0) {
 	    resolve_clnt_query(recipient->address, &reply);
+	    if (reply.flags & RESOLVE_FLAG_FAIL) {
+		qmgr_defer_recipient(message, recipient,
+				     "address resolver failure");
+		continue;
+	    }
 	    if (reply.flags & RESOLVE_FLAG_ERROR) {
 		qmgr_bounce_recipient(message, recipient,
 				      "bad address syntax: \"%s\"",
@@ -672,6 +673,11 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
 	    }
 	} else {
 	    resolve_clnt_query(message->sender, &reply);
+	    if (reply.flags & RESOLVE_FLAG_FAIL) {
+		qmgr_defer_recipient(message, recipient,
+				     "address resolver failure");
+		continue;
+	    }
 	    if (reply.flags & RESOLVE_FLAG_ERROR) {
 		qmgr_bounce_recipient(message, recipient,
 				      "bad address syntax: \"%s\"",
@@ -703,47 +709,6 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
 	 */
 	lowercase(STR(reply.nexthop));
 
-	/*
-	 * Bounce recipients that have moved. We do it here instead of in the
-	 * local delivery agent. The benefit is that we can bounce mail for
-	 * virtual addresses, not just local addresses only, and that there
-	 * is no need to run a local delivery agent just for the sake of
-	 * relocation notices. The downside is that this table has no effect
-	 * on local alias expansion results, so that mail will have to make
-	 * almost an entire iteration through the mail system.
-	 */
-#define IGNORE_ADDR_EXTENSION	((char **) 0)
-
-	if (qmgr_relocated != 0) {
-	    if ((newloc = mail_addr_find(qmgr_relocated, recipient->address,
-					 IGNORE_ADDR_EXTENSION)) != 0) {
-		qmgr_bounce_recipient(message, recipient,
-				      "user has moved to %s", newloc);
-		continue;
-	    } else if (dict_errno != 0) {
-		qmgr_defer_recipient(message, recipient->orig_rcpt,
-				     recipient->address,
-				     "relocated map lookup failure");
-		continue;
-	    }
-	}
-
-	/*
-	 * Bounce mail to non-existent users in virtual domains.
-	 */
-	if (qmgr_virtual != 0
-	    && (at = strrchr(recipient->address, '@')) != 0
-	    && !resolve_local(at + 1)) {
-	    domain = lowercase(mystrdup(at + 1));
-	    junk = maps_find(qmgr_virtual, domain, 0);
-	    myfree(domain);
-	    if (junk) {
-		qmgr_bounce_recipient(message, recipient,
-				"unknown user: \"%s\"", recipient->address);
-		continue;
-	    }
-	}
-
 	/*
 	 * Bounce recipient addresses that start with `-'. External commands
 	 * may misinterpret such addresses as command-line options.
@@ -829,9 +794,7 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
 		if (strcmp(*cpp, STR(reply.transport)) == 0)
 		    break;
 	    if (*cpp) {
-		qmgr_defer_recipient(message, recipient->orig_rcpt,
-				     recipient->address,
-				     "deferred transport");
+		qmgr_defer_recipient(message, recipient, "deferred transport");
 		continue;
 	    }
 	}
@@ -860,8 +823,7 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
 	 * This transport is dead. Defer delivery to this recipient.
 	 */
 	if ((transport->flags & QMGR_TRANSPORT_STAT_DEAD) != 0) {
-	    qmgr_defer_recipient(message, recipient->orig_rcpt,
-				 recipient->address, transport->reason);
+	    qmgr_defer_recipient(message, recipient, transport->reason);
 	    continue;
 	}
 
@@ -878,8 +840,7 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
 	 * This queue is dead. Defer delivery to this recipient.
 	 */
 	if (queue->window == 0) {
-	    qmgr_defer_recipient(message, recipient->orig_rcpt,
-				 recipient->address, queue->reason);
+	    qmgr_defer_recipient(message, recipient, queue->reason);
 	    continue;
 	}
 
diff --git a/postfix/src/qmgr/Makefile.in b/postfix/src/qmgr/Makefile.in
index 4f364f5b9..f3cd4c2c6 100644
--- a/postfix/src/qmgr/Makefile.in
+++ b/postfix/src/qmgr/Makefile.in
@@ -81,7 +81,6 @@ qmgr.o: ../../include/master_proto.h
 qmgr.o: ../../include/mail_server.h
 qmgr.o: qmgr.h
 qmgr.o: ../../include/scan_dir.h
-qmgr.o: ../../include/maps.h
 qmgr_active.o: qmgr_active.c
 qmgr_active.o: ../../include/sys_defs.h
 qmgr_active.o: ../../include/msg.h
@@ -100,9 +99,6 @@ qmgr_active.o: ../../include/abounce.h
 qmgr_active.o: ../../include/rec_type.h
 qmgr_active.o: qmgr.h
 qmgr_active.o: ../../include/scan_dir.h
-qmgr_active.o: ../../include/maps.h
-qmgr_active.o: ../../include/dict.h
-qmgr_active.o: ../../include/argv.h
 qmgr_bounce.o: qmgr_bounce.c
 qmgr_bounce.o: ../../include/sys_defs.h
 qmgr_bounce.o: ../../include/bounce.h
@@ -111,9 +107,6 @@ qmgr_bounce.o: ../../include/vstream.h
 qmgr_bounce.o: ../../include/vbuf.h
 qmgr_bounce.o: qmgr.h
 qmgr_bounce.o: ../../include/scan_dir.h
-qmgr_bounce.o: ../../include/maps.h
-qmgr_bounce.o: ../../include/dict.h
-qmgr_bounce.o: ../../include/argv.h
 qmgr_defer.o: qmgr_defer.c
 qmgr_defer.o: ../../include/sys_defs.h
 qmgr_defer.o: ../../include/msg.h
@@ -123,9 +116,6 @@ qmgr_defer.o: ../../include/defer.h
 qmgr_defer.o: ../../include/bounce.h
 qmgr_defer.o: qmgr.h
 qmgr_defer.o: ../../include/scan_dir.h
-qmgr_defer.o: ../../include/maps.h
-qmgr_defer.o: ../../include/dict.h
-qmgr_defer.o: ../../include/argv.h
 qmgr_deliver.o: qmgr_deliver.c
 qmgr_deliver.o: ../../include/sys_defs.h
 qmgr_deliver.o: ../../include/msg.h
@@ -144,9 +134,6 @@ qmgr_deliver.o: ../../include/deliver_request.h
 qmgr_deliver.o: ../../include/verp_sender.h
 qmgr_deliver.o: qmgr.h
 qmgr_deliver.o: ../../include/scan_dir.h
-qmgr_deliver.o: ../../include/maps.h
-qmgr_deliver.o: ../../include/dict.h
-qmgr_deliver.o: ../../include/argv.h
 qmgr_enable.o: qmgr_enable.c
 qmgr_enable.o: ../../include/sys_defs.h
 qmgr_enable.o: ../../include/msg.h
@@ -154,9 +141,6 @@ qmgr_enable.o: ../../include/vstream.h
 qmgr_enable.o: ../../include/vbuf.h
 qmgr_enable.o: qmgr.h
 qmgr_enable.o: ../../include/scan_dir.h
-qmgr_enable.o: ../../include/maps.h
-qmgr_enable.o: ../../include/dict.h
-qmgr_enable.o: ../../include/argv.h
 qmgr_entry.o: qmgr_entry.c
 qmgr_entry.o: ../../include/sys_defs.h
 qmgr_entry.o: ../../include/msg.h
@@ -167,9 +151,6 @@ qmgr_entry.o: ../../include/vbuf.h
 qmgr_entry.o: ../../include/mail_params.h
 qmgr_entry.o: qmgr.h
 qmgr_entry.o: ../../include/scan_dir.h
-qmgr_entry.o: ../../include/maps.h
-qmgr_entry.o: ../../include/dict.h
-qmgr_entry.o: ../../include/argv.h
 qmgr_message.o: qmgr_message.c
 qmgr_message.o: ../../include/sys_defs.h
 qmgr_message.o: ../../include/msg.h
@@ -190,8 +171,6 @@ qmgr_message.o: ../../include/record.h
 qmgr_message.o: ../../include/rec_type.h
 qmgr_message.o: ../../include/sent.h
 qmgr_message.o: ../../include/deliver_completed.h
-qmgr_message.o: ../../include/mail_addr_find.h
-qmgr_message.o: ../../include/maps.h
 qmgr_message.o: ../../include/opened.h
 qmgr_message.o: ../../include/resolve_local.h
 qmgr_message.o: ../../include/verp_sender.h
@@ -212,9 +191,6 @@ qmgr_move.o: ../../include/vbuf.h
 qmgr_move.o: ../../include/vstream.h
 qmgr_move.o: ../../include/mail_scan_dir.h
 qmgr_move.o: qmgr.h
-qmgr_move.o: ../../include/maps.h
-qmgr_move.o: ../../include/dict.h
-qmgr_move.o: ../../include/argv.h
 qmgr_queue.o: qmgr_queue.c
 qmgr_queue.o: ../../include/sys_defs.h
 qmgr_queue.o: ../../include/msg.h
@@ -227,9 +203,6 @@ qmgr_queue.o: qmgr.h
 qmgr_queue.o: ../../include/vstream.h
 qmgr_queue.o: ../../include/vbuf.h
 qmgr_queue.o: ../../include/scan_dir.h
-qmgr_queue.o: ../../include/maps.h
-qmgr_queue.o: ../../include/dict.h
-qmgr_queue.o: ../../include/argv.h
 qmgr_rcpt_list.o: qmgr_rcpt_list.c
 qmgr_rcpt_list.o: ../../include/sys_defs.h
 qmgr_rcpt_list.o: ../../include/mymalloc.h
@@ -237,9 +210,6 @@ qmgr_rcpt_list.o: qmgr.h
 qmgr_rcpt_list.o: ../../include/vstream.h
 qmgr_rcpt_list.o: ../../include/vbuf.h
 qmgr_rcpt_list.o: ../../include/scan_dir.h
-qmgr_rcpt_list.o: ../../include/maps.h
-qmgr_rcpt_list.o: ../../include/dict.h
-qmgr_rcpt_list.o: ../../include/argv.h
 qmgr_scan.o: qmgr_scan.c
 qmgr_scan.o: ../../include/sys_defs.h
 qmgr_scan.o: ../../include/msg.h
@@ -249,9 +219,6 @@ qmgr_scan.o: ../../include/mail_scan_dir.h
 qmgr_scan.o: qmgr.h
 qmgr_scan.o: ../../include/vstream.h
 qmgr_scan.o: ../../include/vbuf.h
-qmgr_scan.o: ../../include/maps.h
-qmgr_scan.o: ../../include/dict.h
-qmgr_scan.o: ../../include/argv.h
 qmgr_transport.o: qmgr_transport.c
 qmgr_transport.o: ../../include/sys_defs.h
 qmgr_transport.o: ../../include/msg.h
@@ -268,6 +235,3 @@ qmgr_transport.o: ../../include/mail_conf.h
 qmgr_transport.o: ../../include/mail_params.h
 qmgr_transport.o: qmgr.h
 qmgr_transport.o: ../../include/scan_dir.h
-qmgr_transport.o: ../../include/maps.h
-qmgr_transport.o: ../../include/dict.h
-qmgr_transport.o: ../../include/argv.h
diff --git a/postfix/src/qmgr/qmgr.c b/postfix/src/qmgr/qmgr.c
index d09a64650..ab91a0fe4 100644
--- a/postfix/src/qmgr/qmgr.c
+++ b/postfix/src/qmgr/qmgr.c
@@ -16,10 +16,6 @@
 /*	Mail addressed to the local \fBdouble-bounce\fR address is silently
 /*	discarded.  This stops potential loops caused by undeliverable
 /*	bounce notifications.
-/*
-/*	Mail addressed to a user listed in the optional \fBrelocated\fR
-/*	database is bounced with a "user has moved to \fInew_location\fR"
-/*	message. See \fBrelocated\fR(5) for a precise description.
 /* MAIL QUEUES
 /* .ad
 /* .fi
@@ -150,9 +146,6 @@
 /* .fi
 /* .IP \fBallow_min_user\fR
 /*	Do not bounce recipient addresses that begin with '-'.
-/* .IP \fBrelocated_maps\fR
-/*	Tables with contact information for users, hosts or domains
-/*	that no longer exist. See \fBrelocated\fR(5).
 /* .IP \fBqueue_directory\fR
 /*	Top-level directory of the Postfix queue.
 /* .SH "Active queue controls"
@@ -224,7 +217,6 @@
 /*	named message \fItransport\fR.
 /* SEE ALSO
 /*	master(8), process manager
-/*	relocated(5), format of the "user has moved" table
 /*	syslogd(8) system logging
 /*	trivial-rewrite(8), address routing
 /* LICENSE
@@ -283,8 +275,6 @@ int     var_init_dest_concurrency;
 int     var_transport_retry_time;
 int     var_dest_con_limit;
 int     var_dest_rcpt_limit;
-char   *var_relocated_maps;
-char   *var_virtual_maps;
 char   *var_defer_xports;
 bool    var_allow_min_user;
 int     var_qmgr_fudge;
@@ -298,9 +288,6 @@ int     var_qmgr_clog_warn_time;
 static QMGR_SCAN *qmgr_incoming;
 static QMGR_SCAN *qmgr_deferred;
 
-MAPS   *qmgr_relocated;
-MAPS   *qmgr_virtual;
-
 /* qmgr_deferred_run_event - queue manager heartbeat */
 
 static void qmgr_deferred_run_event(int unused_event, char *dummy)
@@ -444,18 +431,6 @@ static void pre_accept(char *unused_name, char **unused_argv)
     }
 }
 
-/* qmgr_pre_init - pre-jail initialization */
-
-static void qmgr_pre_init(char *unused_name, char **unused_argv)
-{
-    if (*var_relocated_maps)
-	qmgr_relocated = maps_create("relocated", var_relocated_maps,
-				     DICT_FLAG_LOCK);
-    if (*var_virtual_maps)
-	qmgr_virtual = maps_create("virtual", var_virtual_maps,
-				   DICT_FLAG_LOCK);
-}
-
 /* qmgr_post_init - post-jail initialization */
 
 static void qmgr_post_init(char *unused_name, char **unused_argv)
@@ -496,8 +471,6 @@ static void qmgr_post_init(char *unused_name, char **unused_argv)
 int     main(int argc, char **argv)
 {
     static CONFIG_STR_TABLE str_table[] = {
-	VAR_RELOCATED_MAPS, DEF_RELOCATED_MAPS, &var_relocated_maps, 0, 0,
-	VAR_VIRTUAL_MAPS, DEF_VIRTUAL_MAPS, &var_virtual_maps, 0, 0,
 	VAR_DEFER_XPORTS, DEF_DEFER_XPORTS, &var_defer_xports, 0, 0,
 	0,
     };
@@ -539,7 +512,6 @@ int     main(int argc, char **argv)
 			MAIL_SERVER_STR_TABLE, str_table,
 			MAIL_SERVER_BOOL_TABLE, bool_table,
 			MAIL_SERVER_TIME_TABLE, time_table,
-			MAIL_SERVER_PRE_INIT, qmgr_pre_init,
 			MAIL_SERVER_POST_INIT, qmgr_post_init,
 			MAIL_SERVER_LOOP, qmgr_loop,
 			MAIL_SERVER_PRE_ACCEPT, pre_accept,
diff --git a/postfix/src/qmgr/qmgr.h b/postfix/src/qmgr/qmgr.h
index a7685451e..f8beea116 100644
--- a/postfix/src/qmgr/qmgr.h
+++ b/postfix/src/qmgr/qmgr.h
@@ -14,11 +14,6 @@
 #include 
 #include 
 
- /*
-  * Global library.
-  */
-#include 
-
  /*
   * The queue manager is built around lots of mutually-referring structures.
   * These typedefs save some typing.
@@ -244,8 +239,6 @@ struct QMGR_MESSAGE {
 
 extern int qmgr_message_count;
 extern int qmgr_recipient_count;
-extern MAPS *qmgr_relocated;
-extern MAPS *qmgr_virtual;
 
 extern void qmgr_message_free(QMGR_MESSAGE *);
 extern void qmgr_message_update_warn(QMGR_MESSAGE *);
@@ -257,7 +250,7 @@ extern QMGR_MESSAGE *qmgr_message_realloc(QMGR_MESSAGE *);
   */
 extern void qmgr_defer_transport(QMGR_TRANSPORT *, const char *);
 extern void qmgr_defer_todo(QMGR_QUEUE *, const char *);
-extern void qmgr_defer_recipient(QMGR_MESSAGE *, const char *, const char *, const char *);
+extern void qmgr_defer_recipient(QMGR_MESSAGE *, QMGR_RCPT *, const char *);
 
  /*
   * qmgr_bounce.c
diff --git a/postfix/src/qmgr/qmgr_defer.c b/postfix/src/qmgr/qmgr_defer.c
index 8c0b5e7ce..c897605e6 100644
--- a/postfix/src/qmgr/qmgr_defer.c
+++ b/postfix/src/qmgr/qmgr_defer.c
@@ -6,9 +6,9 @@
 /* SYNOPSIS
 /*	#include "qmgr.h"
 /*
-/*	void	qmgr_defer_recipient(message, address, reason)
+/*	void	qmgr_defer_recipient(message, recipient, reason)
 /*	QMGR_MESSAGE *message;
-/*	const char *address;
+/*	QMGR_RCPT *recipient;
 /*	const char *reason;
 /*
 /*	void	qmgr_defer_todo(queue, reason)
@@ -131,8 +131,7 @@ void    qmgr_defer_todo(QMGR_QUEUE *queue, const char *reason)
 	message = entry->message;
 	for (nrcpt = 0; nrcpt < entry->rcpt_list.len; nrcpt++) {
 	    recipient = entry->rcpt_list.info + nrcpt;
-	    qmgr_defer_recipient(message, recipient->orig_rcpt,
-				 recipient->address, reason);
+	    qmgr_defer_recipient(message, recipient, reason);
 	}
 	qmgr_entry_done(entry, QMGR_QUEUE_TODO);
     }
@@ -140,8 +139,8 @@ void    qmgr_defer_todo(QMGR_QUEUE *queue, const char *reason)
 
 /* qmgr_defer_recipient - defer delivery of specific recipient */
 
-void    qmgr_defer_recipient(QMGR_MESSAGE *message, const char *orig_addr,
-			             const char *address, const char *reason)
+void    qmgr_defer_recipient(QMGR_MESSAGE *message, QMGR_RCPT *recipient,
+			             const char *reason)
 {
     char   *myname = "qmgr_defer_recipient";
 
@@ -155,6 +154,6 @@ void    qmgr_defer_recipient(QMGR_MESSAGE *message, const char *orig_addr,
      * Update the message structure and log the message disposition.
      */
     message->flags |= defer_append(BOUNCE_FLAG_KEEP, message->queue_id,
-				   orig_addr, address, "none",
-				   message->arrival_time, "%s", reason);
+				   recipient->orig_rcpt, recipient->address,
+			       "none", message->arrival_time, "%s", reason);
 }
diff --git a/postfix/src/qmgr/qmgr_message.c b/postfix/src/qmgr/qmgr_message.c
index 76a797e83..b827dc7ea 100644
--- a/postfix/src/qmgr/qmgr_message.c
+++ b/postfix/src/qmgr/qmgr_message.c
@@ -109,7 +109,6 @@
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -506,11 +505,8 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
     QMGR_TRANSPORT *transport = 0;
     QMGR_QUEUE *queue = 0;
     RESOLVE_REPLY reply;
-    const char *newloc;
     char   *at;
     char  **cpp;
-    char   *domain;
-    const char *junk;
     char   *nexthop;
     int     len;
 
@@ -544,6 +540,11 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
 	 */
 	if (var_sender_routing == 0) {
 	    resolve_clnt_query(recipient->address, &reply);
+	    if (reply.flags & RESOLVE_FLAG_FAIL) {
+		qmgr_defer_recipient(message, recipient,
+				     "address resolver failure");
+		continue;
+	    }
 	    if (reply.flags & RESOLVE_FLAG_ERROR) {
 		qmgr_bounce_recipient(message, recipient,
 				      "bad address syntax: \"%s\"",
@@ -552,6 +553,11 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
 	    }
 	} else {
 	    resolve_clnt_query(message->sender, &reply);
+	    if (reply.flags & RESOLVE_FLAG_FAIL) {
+		qmgr_defer_recipient(message, recipient,
+				     "address resolver failure");
+		continue;
+	    }
 	    if (reply.flags & RESOLVE_FLAG_ERROR) {
 		qmgr_bounce_recipient(message, recipient,
 				      "bad address syntax: \"%s\"",
@@ -583,47 +589,6 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
 	 */
 	lowercase(STR(reply.nexthop));
 
-	/*
-	 * Bounce recipients that have moved. We do it here instead of in the
-	 * local delivery agent. The benefit is that we can bounce mail for
-	 * virtual addresses, not just local addresses only, and that there
-	 * is no need to run a local delivery agent just for the sake of
-	 * relocation notices. The downside is that this table has no effect
-	 * on local alias expansion results, so that mail will have to make
-	 * almost an entire iteration through the mail system.
-	 */
-#define IGNORE_ADDR_EXTENSION	((char **) 0)
-
-	if (qmgr_relocated != 0) {
-	    if ((newloc = mail_addr_find(qmgr_relocated, recipient->address,
-					 IGNORE_ADDR_EXTENSION)) != 0) {
-		qmgr_bounce_recipient(message, recipient,
-				      "user has moved to %s", newloc);
-		continue;
-	    } else if (dict_errno != 0) {
-		qmgr_defer_recipient(message, recipient->orig_rcpt,
-				     recipient->address,
-				     "relocated map lookup failure");
-		continue;
-	    }
-	}
-
-	/*
-	 * Bounce mail to non-existent users in virtual domains.
-	 */
-	if (qmgr_virtual != 0
-	    && (at = strrchr(recipient->address, '@')) != 0
-	    && !resolve_local(at + 1)) {
-	    domain = lowercase(mystrdup(at + 1));
-	    junk = maps_find(qmgr_virtual, domain, 0);
-	    myfree(domain);
-	    if (junk) {
-		qmgr_bounce_recipient(message, recipient,
-				"unknown user: \"%s\"", recipient->address);
-		continue;
-	    }
-	}
-
 	/*
 	 * Bounce recipient addresses that start with `-'. External commands
 	 * may misinterpret such addresses as command-line options.
@@ -709,9 +674,7 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
 		if (strcasecmp(*cpp, STR(reply.transport)) == 0)
 		    break;
 	    if (*cpp) {
-		qmgr_defer_recipient(message, recipient->orig_rcpt,
-				     recipient->address,
-				     "deferred transport");
+		qmgr_defer_recipient(message, recipient, "deferred transport");
 		continue;
 	    }
 	}
@@ -740,8 +703,7 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
 	 * This transport is dead. Defer delivery to this recipient.
 	 */
 	if ((transport->flags & QMGR_TRANSPORT_STAT_DEAD) != 0) {
-	    qmgr_defer_recipient(message, recipient->orig_rcpt,
-				 recipient->address, transport->reason);
+	    qmgr_defer_recipient(message, recipient, transport->reason);
 	    continue;
 	}
 
@@ -758,8 +720,7 @@ static void qmgr_message_resolve(QMGR_MESSAGE *message)
 	 * This queue is dead. Defer delivery to this recipient.
 	 */
 	if (queue->window == 0) {
-	    qmgr_defer_recipient(message, recipient->orig_rcpt,
-				 recipient->address, queue->reason);
+	    qmgr_defer_recipient(message, recipient, queue->reason);
 	    continue;
 	}
 
diff --git a/postfix/src/smtp/smtp_proto.c b/postfix/src/smtp/smtp_proto.c
index 4dad14c02..b5c3007a5 100644
--- a/postfix/src/smtp/smtp_proto.c
+++ b/postfix/src/smtp/smtp_proto.c
@@ -489,12 +489,7 @@ int     smtp_xfer(SMTP_STATE *state)
 	     * Build the MAIL FROM command.
 	     */
 	case SMTP_STATE_MAIL:
-	    if (var_disable_dns == 0) {
-		REWRITE_ADDRESS(state->scratch, state->scratch2,
-				request->sender);
-	    } else {
-		QUOTE_ADDRESS(state->scratch, request->sender);
-	    }
+	    QUOTE_ADDRESS(state->scratch, request->sender);
 	    vstring_sprintf(next_command, "MAIL FROM:<%s>",
 			    vstring_str(state->scratch));
 	    if (state->features & SMTP_FEATURE_SIZE)	/* RFC 1870 */
@@ -518,12 +513,7 @@ int     smtp_xfer(SMTP_STATE *state)
 	     */
 	case SMTP_STATE_RCPT:
 	    rcpt = request->rcpt_list.info + send_rcpt;
-	    if (var_disable_dns == 0) {
-		REWRITE_ADDRESS(state->scratch, state->scratch2,
-				rcpt->address);
-	    } else {
-		QUOTE_ADDRESS(state->scratch, rcpt->address);
-	    }
+	    QUOTE_ADDRESS(state->scratch, rcpt->address);
 	    vstring_sprintf(next_command, "RCPT TO:<%s>",
 			    vstring_str(state->scratch));
 	    if ((next_rcpt = send_rcpt + 1) == request->rcpt_list.len)
diff --git a/postfix/src/smtpd/smtpd.c b/postfix/src/smtpd/smtpd.c
index f6aa6f6d0..63cad59a0 100644
--- a/postfix/src/smtpd/smtpd.c
+++ b/postfix/src/smtpd/smtpd.c
@@ -258,7 +258,7 @@
 /*	restriction.
 /* .IP \fBunknown_client_reject_code\fR
 /*	Response code when a client without address to name mapping
-/*	violates the \fBreject_unknown_clients\fR restriction.
+/*	violates the \fBreject_unknown_client\fR restriction.
 /* .IP \fBunknown_hostname_reject_code\fR
 /*	Response code when a client violates the \fBreject_unknown_hostname\fR
 /*	restriction.
@@ -389,8 +389,10 @@ int     var_strict_rfc821_env;
 bool    var_disable_vrfy_cmd;
 char   *var_canonical_maps;
 char   *var_rcpt_canon_maps;
-char   *var_virtual_maps;
+char   *var_virt_alias_maps;
+char   *var_virt_alias_doms;
 char   *var_virt_mailbox_maps;
+char   *var_virt_mailbox_doms;
 char   *var_relocated_maps;
 char   *var_alias_maps;
 char   *var_local_rcpt_maps;
@@ -1641,8 +1643,10 @@ int     main(int argc, char **argv)
 	VAR_REST_CLASSES, DEF_REST_CLASSES, &var_rest_classes, 0, 0,
 	VAR_CANONICAL_MAPS, DEF_CANONICAL_MAPS, &var_canonical_maps, 0, 0,
 	VAR_RCPT_CANON_MAPS, DEF_RCPT_CANON_MAPS, &var_rcpt_canon_maps, 0, 0,
-	VAR_VIRTUAL_MAPS, DEF_VIRTUAL_MAPS, &var_virtual_maps, 0, 0,
+	VAR_VIRT_ALIAS_MAPS, DEF_VIRT_ALIAS_MAPS, &var_virt_alias_maps, 0, 0,
+	VAR_VIRT_ALIAS_DOMS, DEF_VIRT_ALIAS_DOMS, &var_virt_alias_doms, 0, 0,
 	VAR_VIRT_MAILBOX_MAPS, DEF_VIRT_MAILBOX_MAPS, &var_virt_mailbox_maps, 0, 0,
+	VAR_VIRT_MAILBOX_DOMS, DEF_VIRT_MAILBOX_DOMS, &var_virt_mailbox_doms, 0, 0,
 	VAR_RELOCATED_MAPS, DEF_RELOCATED_MAPS, &var_relocated_maps, 0, 0,
 	VAR_ALIAS_MAPS, DEF_ALIAS_MAPS, &var_alias_maps, 0, 0,
 	VAR_LOCAL_RCPT_MAPS, DEF_LOCAL_RCPT_MAPS, &var_local_rcpt_maps, 0, 0,
diff --git a/postfix/src/smtpd/smtpd_check.c b/postfix/src/smtpd/smtpd_check.c
index 11d7bd519..dfad3a6ff 100644
--- a/postfix/src/smtpd/smtpd_check.c
+++ b/postfix/src/smtpd/smtpd_check.c
@@ -148,13 +148,13 @@
 /*	Permit the request when the resolved recipient domain matches the
 /*	\fIrelay_domains\fR configuration parameter or a subdomain thereof,
 /*	or when the destination somehow resolves locally ($inet_interfaces,
-/*	$mydestination or $virtual_maps).
+/*	$mydestination, $virtual_alias_domains, or $virtual_mailbox_domains).
 /* .IP reject_unauth_destination
 /*	Reject the request when the resolved recipient domain does not match
 /*	the \fIrelay_domains\fR configuration parameter or a subdomain
 /*	thereof, and when the destination does not somehow resolve locally
-/*	($inet_interfaces, $mydestination, $virtual_maps, or
-/*	$virtual_mailbox_maps).
+/*	($inet_interfaces, $mydestination, $virtual_alias_domains, or
+/*	$virtual_mailbox_domains).
 /*	The \fIrelay_domains_reject_code\fR configuration parameter specifies
 /*	the reject status code (default: 554).
 /* .IP reject_unauth_pipelining
@@ -297,6 +297,7 @@
 
 /* Global library. */
 
+#include 
 #include 
 #include 
 #include 
@@ -350,10 +351,13 @@ static CTABLE *smtpd_rbl_cache;
 static MAPS *local_rcpt_maps;
 static MAPS *rcpt_canon_maps;
 static MAPS *canonical_maps;
-static MAPS *virtual_maps;
+static MAPS *virt_alias_maps;
 static MAPS *virt_mailbox_maps;
 static MAPS *relocated_maps;
 
+static STRING_LIST *virt_alias_doms;
+static STRING_LIST *virt_mailbox_doms;
+
  /*
   * Response templates for various rbl domains.
   */
@@ -632,13 +636,17 @@ void    smtpd_check_init(void)
 				  DICT_FLAG_LOCK);
     canonical_maps = maps_create(VAR_CANONICAL_MAPS, var_canonical_maps,
 				 DICT_FLAG_LOCK);
-    virtual_maps = maps_create(VAR_VIRTUAL_MAPS, var_virtual_maps,
-			       DICT_FLAG_LOCK);
-    virt_mailbox_maps = maps_create(VAR_VIRT_MAILBOX_MAPS, var_virt_mailbox_maps,
-				    DICT_FLAG_LOCK);
+    virt_alias_maps = maps_create(VAR_VIRT_ALIAS_MAPS, var_virt_alias_maps,
+				  DICT_FLAG_LOCK);
+    virt_mailbox_maps = virtual8_maps_create(VAR_VIRT_MAILBOX_MAPS,
+					     var_virt_mailbox_maps,
+					     DICT_FLAG_LOCK);
     relocated_maps = maps_create(VAR_RELOCATED_MAPS, var_relocated_maps,
 				 DICT_FLAG_LOCK);
 
+    virt_alias_doms = string_list_init(MATCH_FLAG_NONE, var_virt_alias_doms);
+    virt_mailbox_doms = string_list_init(MATCH_FLAG_NONE, var_virt_mailbox_doms);
+
     access_parent_style = match_parent_style(SMTPD_ACCESS_MAPS);
 
     /*
@@ -861,15 +869,15 @@ static void reject_dict_retry(SMTPD_STATE *state, const char *reply_name)
 						451, reply_name));
 }
 
-/* check_maps_find - reject with temporary failure if dict lookup fails */
+/* check_str_match - reject with temporary failure if dict lookup fails */
 
-static const char *check_maps_find(SMTPD_STATE *state, const char *reply_name,
-			             MAPS *maps, const char *key, int flags)
+static int check_str_match(SMTPD_STATE *state, const char *reply_name,
+			           STRING_LIST *list, const char *key)
 {
-    const char *result;
+    int     result;
 
     dict_errno = 0;
-    if ((result = maps_find(maps, key, flags)) == 0
+    if ((result = string_list_match(list, key)) == 0
 	&& dict_errno == DICT_ERR_RETRY)
 	reject_dict_retry(state, reply_name);
     return (result);
@@ -913,24 +921,24 @@ static int resolve_final(SMTPD_STATE *state, const char *reply_name,
 
     /* If matches $mydestination or $inet_interfaces. */
     if (resolve_local(domain)) {
-	if (*var_virtual_maps
-	    && check_maps_find(state, reply_name, virtual_maps, domain, 0))
+	if (*var_virt_alias_doms
+	    && check_str_match(state, reply_name, virt_alias_doms, domain))
 	    msg_warn("list domain %s in only one of $%s and $%s",
-		     domain, VAR_MYDEST, VAR_VIRTUAL_MAPS);
-	if (*var_virt_mailbox_maps
-	 && checkv8_maps_find(state, reply_name, virt_mailbox_maps, domain))
+		     domain, VAR_MYDEST, VAR_VIRT_ALIAS_DOMS);
+	if (*var_virt_mailbox_doms
+	    && check_str_match(state, reply_name, virt_mailbox_doms, domain))
 	    msg_warn("list domain %s in only one of $%s and $%s",
-		     domain, VAR_MYDEST, VAR_VIRT_MAILBOX_MAPS);
+		     domain, VAR_MYDEST, VAR_VIRT_MAILBOX_DOMS);
 	return (1);
     }
     /* If Postfix-style virtual domain. */
-    if (*var_virtual_maps
-	&& check_maps_find(state, reply_name, virtual_maps, domain, 0))
+    if (*var_virt_alias_doms
+	&& check_str_match(state, reply_name, virt_alias_doms, domain))
 	return (1);
 
     /* If virtual mailbox domain. */
-    if (*var_virt_mailbox_maps
-	&& checkv8_maps_find(state, reply_name, virt_mailbox_maps, domain))
+    if (*var_virt_mailbox_doms
+	&& check_str_match(state, reply_name, virt_mailbox_doms, domain))
 	return (1);
 
     return (0);
@@ -1230,7 +1238,7 @@ static int permit_auth_destination(SMTPD_STATE *state, char *recipient)
 
     /*
      * Permit final delivery: the destination matches mydestination,
-     * virtual_maps, or virtual_mailbox_maps.
+     * virtual_alias_domains, or virtual_mailbox_domains.
      */
     if (resolve_final(state, recipient, domain))
 	return (SMTPD_CHECK_OK);
@@ -1707,7 +1715,7 @@ static int check_table_result(SMTPD_STATE *state, const char *table,
 			    reply_name, reply_class, cmd_text);
 	    log_whatsup(state, "filter", STR(error_text));
 #ifndef TEST
-	    rec_fprintf(state->dest->stream, REC_TYPE_FILT, "%s", value);
+	    rec_fprintf(state->dest->stream, REC_TYPE_FILT, "%s", cmd_text);
 #endif
 	    return (SMTPD_CHECK_DUNNO);
 	}
@@ -3157,13 +3165,13 @@ char   *smtpd_check_rcptmap(SMTPD_STATE *state, char *recipient)
     /*
      * Reject mail to unknown addresses in Postfix-style virtual domains.
      */
-    if (*var_virtual_maps
-	&& (check_maps_find(state, recipient, virtual_maps, domain, 0))) {
+    if (*var_virt_alias_doms
+	&& (check_str_match(state, recipient, virt_alias_doms, domain))) {
 	if (NOMATCH(rcpt_canon_maps, CONST_STR(reply->recipient))
 	    && NOMATCH(canonical_maps, CONST_STR(reply->recipient))
 	    && NOMATCH(relocated_maps, CONST_STR(reply->recipient))
 	    && NOMATCHV8(virt_mailbox_maps, CONST_STR(reply->recipient))
-	    && NOMATCH(virtual_maps, CONST_STR(reply->recipient))) {
+	    && NOMATCH(virt_alias_maps, CONST_STR(reply->recipient))) {
 	    (void) smtpd_check_reject(state, MAIL_ERROR_BOUNCE,
 				   "%d <%s>: User unknown", 550, recipient);
 	    SMTPD_CHECK_RCPT_RETURN(STR(error_text));
@@ -3173,13 +3181,13 @@ char   *smtpd_check_rcptmap(SMTPD_STATE *state, char *recipient)
     /*
      * Reject mail to unknown addresses in Postfix-style virtual domains.
      */
-    if (*var_virt_mailbox_maps
-     && (check_maps_find(state, recipient, virt_mailbox_maps, domain, 0))) {
+    if (*var_virt_mailbox_doms
+	&& (check_str_match(state, recipient, virt_mailbox_doms, domain))) {
 	if (NOMATCH(rcpt_canon_maps, CONST_STR(reply->recipient))
 	    && NOMATCH(canonical_maps, CONST_STR(reply->recipient))
 	    && NOMATCH(relocated_maps, CONST_STR(reply->recipient))
 	    && NOMATCHV8(virt_mailbox_maps, CONST_STR(reply->recipient))
-	    && NOMATCH(virtual_maps, CONST_STR(reply->recipient))) {
+	    && NOMATCH(virt_alias_maps, CONST_STR(reply->recipient))) {
 	    (void) smtpd_check_reject(state, MAIL_ERROR_BOUNCE,
 				   "%d <%s>: User unknown", 550, recipient);
 	    SMTPD_CHECK_RCPT_RETURN(STR(error_text));
@@ -3196,7 +3204,7 @@ char   *smtpd_check_rcptmap(SMTPD_STATE *state, char *recipient)
 	    && NOMATCH(canonical_maps, CONST_STR(reply->recipient))
 	    && NOMATCH(relocated_maps, CONST_STR(reply->recipient))
 	    && NOMATCHV8(virt_mailbox_maps, CONST_STR(reply->recipient))
-	    && NOMATCH(virtual_maps, CONST_STR(reply->recipient))
+	    && NOMATCH(virt_alias_maps, CONST_STR(reply->recipient))
 	    && NOMATCH(local_rcpt_maps, CONST_STR(reply->recipient))) {
 	    (void) smtpd_check_reject(state, MAIL_ERROR_BOUNCE,
 				   "%d <%s>: User unknown", 550, recipient);
@@ -3346,8 +3354,10 @@ char   *var_rest_classes;
 char   *var_alias_maps;
 char   *var_rcpt_canon_maps;
 char   *var_canonical_maps;
-char   *var_virtual_maps;
+char   *var_virt_alias_maps;
+char   *var_virt_alias_doms;
 char   *var_virt_mailbox_maps;
+char   *var_virt_mailbox_doms;
 char   *var_relocated_maps;
 char   *var_local_rcpt_maps;
 char   *var_perm_mx_networks;
@@ -3375,8 +3385,10 @@ static STRING_TABLE string_table[] = {
     VAR_ALIAS_MAPS, DEF_ALIAS_MAPS, &var_alias_maps,
     VAR_RCPT_CANON_MAPS, DEF_RCPT_CANON_MAPS, &var_rcpt_canon_maps,
     VAR_CANONICAL_MAPS, DEF_CANONICAL_MAPS, &var_canonical_maps,
-    VAR_VIRTUAL_MAPS, DEF_VIRTUAL_MAPS, &var_virtual_maps,
+    VAR_VIRT_ALIAS_MAPS, DEF_VIRT_ALIAS_MAPS, &var_virt_alias_maps,
+    VAR_VIRT_ALIAS_DOMS, DEF_VIRT_ALIAS_DOMS, &var_virt_alias_doms,
     VAR_VIRT_MAILBOX_MAPS, DEF_VIRT_MAILBOX_MAPS, &var_virt_mailbox_maps,
+    VAR_VIRT_MAILBOX_DOMS, DEF_VIRT_MAILBOX_DOMS, &var_virt_mailbox_doms,
     VAR_RELOCATED_MAPS, DEF_RELOCATED_MAPS, &var_relocated_maps,
     VAR_LOCAL_RCPT_MAPS, DEF_LOCAL_RCPT_MAPS, &var_local_rcpt_maps,
     VAR_PERM_MX_NETWORKS, DEF_PERM_MX_NETWORKS, &var_perm_mx_networks,
@@ -3397,7 +3409,7 @@ static void string_init(void)
     STRING_TABLE *sp;
 
     for (sp = string_table; sp->name; sp++)
-	sp->target[0] = mystrdup(sp->defval);
+	sp->target[0] = mystrdup(sp->defval[0] == '$' ? "" : sp->defval);
 }
 
 /* string_update - update string parameter */
@@ -3696,11 +3708,21 @@ int     main(int argc, char **argv)
 #define UPDATE_MAPS(ptr, var, val, lock) \
 	{ if (ptr) maps_free(ptr); ptr = maps_create(var, val, lock); }
 
+#define UPDATE_LIST(ptr, val) \
+	{ if (ptr) string_list_free(ptr); \
+	  ptr = string_list_init(MATCH_FLAG_NONE, val); }
+
 	case 2:
-	    if (strcasecmp(args->argv[0], "virtual_maps") == 0) {
-		UPDATE_STRING(var_virtual_maps, args->argv[1]);
-		UPDATE_MAPS(virtual_maps, VAR_VIRTUAL_MAPS,
-			    var_virtual_maps, DICT_FLAG_LOCK);
+	    if (strcasecmp(args->argv[0], VAR_VIRT_ALIAS_MAPS) == 0) {
+		UPDATE_STRING(var_virt_alias_maps, args->argv[1]);
+		UPDATE_MAPS(virt_alias_maps, VAR_VIRT_ALIAS_MAPS,
+			    var_virt_alias_maps, DICT_FLAG_LOCK);
+		resp = 0;
+		break;
+	    }
+	    if (strcasecmp(args->argv[0], VAR_VIRT_ALIAS_DOMS) == 0) {
+		UPDATE_STRING(var_virt_alias_doms, args->argv[1]);
+		UPDATE_LIST(virt_alias_doms, var_virt_alias_doms);
 		resp = 0;
 		break;
 	    }
@@ -3711,6 +3733,12 @@ int     main(int argc, char **argv)
 		resp = 0;
 		break;
 	    }
+	    if (strcasecmp(args->argv[0], VAR_VIRT_MAILBOX_DOMS) == 0) {
+		UPDATE_STRING(var_virt_mailbox_doms, args->argv[1]);
+		UPDATE_LIST(virt_mailbox_doms, var_virt_mailbox_doms);
+		resp = 0;
+		break;
+	    }
 	    if (strcasecmp(args->argv[0], "local_recipient_maps") == 0) {
 		UPDATE_STRING(var_local_rcpt_maps, args->argv[1]);
 		UPDATE_MAPS(local_rcpt_maps, VAR_LOCAL_RCPT_MAPS,
diff --git a/postfix/src/smtpd/smtpd_check.in3 b/postfix/src/smtpd/smtpd_check.in3
index 4d2dedb8d..52279f10a 100644
--- a/postfix/src/smtpd/smtpd_check.in3
+++ b/postfix/src/smtpd/smtpd_check.in3
@@ -9,7 +9,7 @@ canonical_maps tcp:localhost:200
 recipient_restrictions permit
 rcpt no.such.user@[127.0.0.1]
 #
-virtual_maps tcp:localhost:100
+virtual_alias_maps tcp:localhost:100
 #
 recipient_restrictions permit_mx_backup
 rcpt wietse@nowhere1.com
diff --git a/postfix/src/trivial-rewrite/resolve.c b/postfix/src/trivial-rewrite/resolve.c
index fd47abf5b..eaf1c4e78 100644
--- a/postfix/src/trivial-rewrite/resolve.c
+++ b/postfix/src/trivial-rewrite/resolve.c
@@ -62,6 +62,7 @@
 #include 
 #include 
 #include 
+#include 
 
 /* Global library. */
 
@@ -73,6 +74,11 @@
 #include 
 #include 
 #include 
+#include 
+#include 
+#include 
+#include 
+#include 
 
 /* Application-specific. */
 
@@ -81,6 +87,11 @@
 
 #define STR	vstring_str
 
+static DOMAIN_LIST *relay_domains;
+static STRING_LIST *virt_alias_doms;
+static STRING_LIST *virt_mailbox_doms;
+static MAPS *relocated_maps;
+
 /* resolve_addr - resolve address according to rule set */
 
 void    resolve_addr(char *addr, VSTRING *channel, VSTRING *nexthop,
@@ -92,6 +103,7 @@ void    resolve_addr(char *addr, VSTRING *channel, VSTRING *nexthop,
     TOK822 *saved_domain = 0;
     TOK822 *domain = 0;
     char   *destination;
+    const char *blame;
 
     *flags = 0;
 
@@ -211,25 +223,55 @@ void    resolve_addr(char *addr, VSTRING *channel, VSTRING *nexthop,
     tok822_internalize(nextrcpt, tree, TOK822_STR_DEFL);
 
     /*
-     * Non-local delivery, presumably. Set up the default remote transport
-     * specified with var_def_transport. Use the destination's mail exchanger
-     * unless a default mail relay is specified with var_relayhost.
+     * With relay or other non-local destinations, the relayhost setting
+     * overrides the destination domain name.
+     * 
+     * With virtual, relay, or other non-local destinations, give the highest
+     * precedence to delivery transport associated next-hop information.
      */
+    dict_errno = 0;
     if (domain != 0) {
-	vstring_strcpy(channel, var_def_transport);
+	tok822_internalize(nexthop, domain->next, TOK822_STR_DEFL);
+	lowercase(STR(nexthop));
+	if (STR(nexthop)[strspn(STR(nexthop), "[]0123456789.")] != 0
+	    && valid_hostname(STR(nexthop), DONT_GRIPE) == 0)
+	    *flags |= RESOLVE_FLAG_ERROR;
+	if (virt_alias_doms
+	    && string_list_match(virt_alias_doms, STR(nexthop))) {
+	    vstring_strcpy(channel, var_error_transport);
+	    vstring_strcpy(nexthop, "unknown user");
+	    blame = VAR_ERROR_TRANSPORT;
+	    *flags |= RESOLVE_CLASS_ERROR;
+	} else if (dict_errno != 0) {
+	    msg_warn("%s lookup failure", VAR_VIRT_ALIAS_DOMS);
+	    *flags |= RESOLVE_FLAG_FAIL;
+	} else if (virt_mailbox_doms
+		   && string_list_match(virt_mailbox_doms, STR(nexthop))) {
+	    vstring_strcpy(channel, var_virt_transport);
+	    blame = VAR_VIRT_TRANSPORT;
+	    *flags |= RESOLVE_CLASS_VIRTUAL;
+	} else if (dict_errno != 0) {
+	    msg_warn("%s lookup failure", VAR_VIRT_MAILBOX_DOMS);
+	    *flags |= RESOLVE_FLAG_FAIL;
+	} else {
+	    if (relay_domains
+		&& domain_list_match(relay_domains, STR(nexthop))) {
+		vstring_strcpy(channel, var_relay_transport);
+		blame = VAR_RELAY_TRANSPORT;
+		*flags |= RESOLVE_CLASS_RELAY;
+	    } else if (dict_errno != 0) {
+		msg_warn("%s lookup failure", VAR_RELAY_DOMAINS);
+		*flags |= RESOLVE_FLAG_FAIL;
+	    } else {
+		vstring_strcpy(channel, var_def_transport);
+		blame = VAR_DEF_TRANSPORT;
+		*flags |= RESOLVE_CLASS_DEFAULT;
+	    }
+	    if (*var_relayhost)
+		vstring_strcpy(nexthop, var_relayhost);
+	}
 	if ((destination = split_at(STR(channel), ':')) != 0 && *destination)
 	    vstring_strcpy(nexthop, destination);
-	else if (*var_relayhost)
-	    vstring_strcpy(nexthop, var_relayhost);
-	else {
-	    tok822_internalize(nexthop, domain->next, TOK822_STR_DEFL);
-	    if (STR(nexthop)[strspn(STR(nexthop), "[]0123456789.")] != 0
-		&& valid_hostname(STR(nexthop), DONT_GRIPE) == 0)
-		*flags |= RESOLVE_FLAG_ERROR;
-	}
-	if (*STR(channel) == 0)
-	    msg_fatal("null transport is not allowed: %s = %s",
-		      VAR_DEF_TRANSPORT, var_def_transport);
     }
 
     /*
@@ -238,26 +280,63 @@ void    resolve_addr(char *addr, VSTRING *channel, VSTRING *nexthop,
      */
     else {
 	vstring_strcpy(channel, var_local_transport);
+	blame = VAR_LOCAL_TRANSPORT;
 	if ((destination = split_at(STR(channel), ':')) == 0
 	    || *destination == 0)
 	    destination = var_myhostname;
 	vstring_strcpy(nexthop, destination);
-	if (*STR(channel) == 0)
-	    msg_fatal("null transport is not allowed: %s = %s",
-		      VAR_LOCAL_TRANSPORT, var_local_transport);
+	*flags |= RESOLVE_CLASS_LOCAL;
     }
+
+    /*
+     * Sanity checks.
+     */
+    if (*STR(channel) == 0)
+	msg_fatal("file %s/%s: parameter %s: null transport is not allowed",
+		  var_config_dir, MAIN_CONF_FILE, blame);
     if (*STR(nexthop) == 0)
 	msg_panic("%s: null nexthop", myname);
 
+    /*
+     * Bounce recipients that have moved. We do it here instead of in the
+     * local delivery agent. The benefit is that we can bounce mail for
+     * virtual addresses, not just local addresses only, and that there is no
+     * need to run a local delivery agent just for the sake of relocation
+     * notices. The downside is that this table has no effect on local alias
+     * expansion results, so that mail will have to make almost an entire
+     * iteration through the mail system.
+     */
+#define IGNORE_ADDR_EXTENSION   ((char **) 0)
+
+    if ((*flags & RESOLVE_FLAG_FAIL) == 0 && relocated_maps != 0) {
+	const char *newloc;
+
+	if ((newloc = mail_addr_find(relocated_maps, STR(nextrcpt),
+				     IGNORE_ADDR_EXTENSION)) != 0) {
+	    vstring_strcpy(channel, var_error_transport);
+	    vstring_sprintf(nexthop, "user has moved to %s", newloc);
+	    *flags |= RESOLVE_CLASS_ERROR;
+	} else if (dict_errno != 0) {
+	    msg_warn("%s lookup failure", VAR_RELOCATED_MAPS);
+	    *flags |= RESOLVE_FLAG_FAIL;
+	}
+    }
+
     /*
      * The transport map overrides any transport and next-hop host info that
-     * is set up above. For a long time, it was not possible to override
-     * routing of mail that resolves locally, because Postfix used a
-     * zero-length next-hop hostname result to indicate local delivery, and
-     * transport maps cannot return zero-length hostnames.
+     * is set up above.
+     * 
+     * XXX Don't override the error transport :-(
      */
-    if (*var_transport_maps)
-	transport_lookup(STR(nextrcpt), channel, nexthop);
+    if ((*flags & RESOLVE_FLAG_FAIL) == 0 
+	&& (*flags & RESOLVE_CLASS_ERROR) != 0
+	&& *var_transport_maps) {
+	if (transport_lookup(STR(nextrcpt), channel, nexthop) == 0
+	    && dict_errno != 0) {
+	    msg_warn("%s lookup failure", VAR_TRANSPORT_MAPS);
+	    *flags |= RESOLVE_FLAG_FAIL;
+	}
+    }
 
     /*
      * Clean up.
@@ -314,4 +393,22 @@ void    resolve_init(void)
     channel = vstring_alloc(100);
     nexthop = vstring_alloc(100);
     nextrcpt = vstring_alloc(100);
+
+    if (*var_virt_alias_doms)
+	virt_alias_doms =
+	    string_list_init(MATCH_FLAG_NONE, var_virt_alias_doms);
+
+    if (*var_virt_mailbox_doms)
+	virt_mailbox_doms =
+	    string_list_init(MATCH_FLAG_NONE, var_virt_mailbox_doms);
+
+    if (*var_relay_domains)
+	relay_domains =
+	    domain_list_init(match_parent_style(VAR_RELAY_DOMAINS),
+			     var_relay_domains);
+
+    if (*var_relocated_maps)
+	relocated_maps =
+	    maps_create(VAR_RELOCATED_MAPS, var_relocated_maps,
+			DICT_FLAG_LOCK);
 }
diff --git a/postfix/src/trivial-rewrite/trivial-rewrite.c b/postfix/src/trivial-rewrite/trivial-rewrite.c
index 92106dce4..790ef5e3c 100644
--- a/postfix/src/trivial-rewrite/trivial-rewrite.c
+++ b/postfix/src/trivial-rewrite/trivial-rewrite.c
@@ -61,39 +61,72 @@
 /*	This information is used to determine if
 /*	\fIuser\fR@[\fInet.work.addr.ess\fR] is local or remote.
 /* .IP \fBmydestination\fR
-/*	List of domains that this machine considers local.
-/* .IP \fBmyorigin\fR
-/*	The domain that locally-posted mail appears to come from.
+/*	List of domains that are given to the \fB$local_transport\fR.
+/* .IP \fBvirtual_alias_domains\fT
+/*	List of simulated virtual domains (domains with all recipients
+/*	aliased to some other local or remote domain).
+/* .IP \fBvirtual_mailbox_domains\fT
+/*	List of domains that are given to the \fB$virtual_transport\fR.
+/* .IP \fBrelay_domains\fT
+/*	List of domains that are given to the \fB$relay_transport\fR.
 /* .IP \fBresolve_unquoted_address\fR
 /*	When resolving an address, do not quote the address localpart as
 /*	per RFC 822, so that additional \fB@\fR, \fB%\fR or \fB!\fR
 /*	characters remain visible. This is technically incorrect, but
 /*	allows us to stop relay attacks when forwarding mail to a Sendmail
 /*	primary MX host.
+/* .IP \fBrelocated_maps\fR
+/*      Tables with contact information for users, hosts or domains
+/*      that no longer exist. See \fBrelocated\fR(5).
 /* .SH Rewriting
 /* .ad
 /* .fi
+/* .IP \fBmyorigin\fR
+/*	The domain that locally-posted mail appears to come from.
 /* .IP \fBallow_percent_hack\fR
 /*	Rewrite \fIuser\fR%\fIdomain\fR to \fIuser\fR@\fIdomain\fR.
 /* .IP \fBappend_at_myorigin\fR
-/*	Rewrite \fIuser\fR to \fIuser\fR@$\fBmyorigin\fR.
+/*	Rewrite \fIuser\fR to \fIuser\fR@\fB$myorigin\fR.
 /* .IP \fBappend_dot_mydomain\fR
-/*	Rewrite \fIuser\fR@\fIhost\fR to \fIuser\fR@\fIhost\fR.$\fBmydomain\fR.
+/*	Rewrite \fIuser\fR@\fIhost\fR to \fIuser\fR@\fIhost\fR.\fB$mydomain\fR.
 /* .IP \fBswap_bangpath\fR
 /*	Rewrite \fIsite\fR!\fIuser\fR to \fIuser\fR@\fIsite\fR.
 /* .SH Routing
 /* .ad
 /* .fi
 /* .IP \fBlocal_transport\fR
-/*	Where to deliver mail for destinations that match $\fBmydestination\fR
-/*	or $\fBinet_interfaces\fR.
+/*	Where to deliver mail for destinations that match \fB$mydestination\fR
+/*	or \fB$inet_interfaces\fR.
 /*	The default transport is \fBlocal\fR.
 /* .sp
 /*	Syntax is \fItransport\fR:\fInexthop\fR; see \fBtransport\fR(5)
 /*	for details. The :\fInexthop\fR part is optional.
+/* .IP \fBerror_transport\fR
+/*	Where to deliver mail for non-existent recipients in domains
+/*	that match \fBvirtual_alias_domains\fR (all recipients
+/*	in simulated virtual domains must be aliased to some other 
+/*	local or remote domain), or for recipients that have moved.
+/*	The default transport is \fBerror\fR.
+/* .sp
+/*	Syntax is \fItransport\fR:\fInexthop\fR; see \fBtransport\fR(5)
+/*	for details. The :\fInexthop\fR part is optional.
+/* .IP \fBvirtual_transport\fR
+/*	Where to deliver mail for non-local domains that match
+/*	\fB$virtual_mailbox_domains\fR.
+/*	The default transport is \fBvirtual\fR.
+/* .sp
+/*	Syntax is \fItransport\fR:\fInexthop\fR; see \fBtransport\fR(5)
+/*	for details. The :\fInexthop\fR part is optional.
+/* .IP \fBrelay_transport\fR
+/*	Where to deliver mail for non-local domains that match
+/*	\fB$relay_domains\fR.
+/*	The default transport is \fBrelay\fR (which normally is a clone
+/*	of the \fBsmtp\fR transport).
+/* .sp
+/*	Syntax is \fItransport\fR:\fInexthop\fR; see \fBtransport\fR(5)
+/*	for details. The :\fInexthop\fR part is optional.
 /* .IP \fBdefault_transport\fR
-/*	Where to deliver non-local mail when no information is explicitly
-/*	given in the \fBtransport\fR(5) table.
+/*	Where to deliver all other non-local mail.
 /*	The default transport is \fBsmtp\fR.
 /* .sp
 /*	Syntax is \fItransport\fR:\fInexthop\fR; see \fBtransport\fR(5)
@@ -175,8 +208,16 @@ bool    var_append_dot_mydomain;
 bool    var_append_at_myorigin;
 bool    var_percent_hack;
 char   *var_local_transport;
+char   *var_error_transport;
+char   *var_virt_transport;
+char   *var_relay_transport;
 int     var_resolve_dequoted;
 char   *var_xport_null_key;
+char   *var_virt_alias_maps;		/* XXX virtual_alias_domains */
+char   *var_virt_mailbox_maps;		/* XXX virtual_mailbox_domains */
+char   *var_virt_alias_doms;
+char   *var_virt_mailbox_doms;
+char   *var_relocated_maps;
 
 /* rewrite_service - read request and send reply */
 
@@ -242,7 +283,17 @@ int     main(int argc, char **argv)
     static CONFIG_STR_TABLE str_table[] = {
 	VAR_TRANSPORT_MAPS, DEF_TRANSPORT_MAPS, &var_transport_maps, 0, 0,
 	VAR_LOCAL_TRANSPORT, DEF_LOCAL_TRANSPORT, &var_local_transport, 0, 0,
+	VAR_ERROR_TRANSPORT, DEF_ERROR_TRANSPORT, &var_error_transport, 0, 0,
+	VAR_VIRT_TRANSPORT, DEF_VIRT_TRANSPORT, &var_virt_transport, 0, 0,
+	VAR_RELAY_TRANSPORT, DEF_RELAY_TRANSPORT, &var_relay_transport, 0, 0,
 	VAR_XPORT_NULL_KEY, DEF_XPORT_NULL_KEY, &var_xport_null_key, 1, 0,
+	VAR_VIRT_ALIAS_MAPS, DEF_VIRT_ALIAS_MAPS, &var_virt_alias_maps, 0, 0,
+	VAR_VIRT_ALIAS_DOMS, DEF_VIRT_ALIAS_DOMS, &var_virt_alias_doms, 0, 0,
+	VAR_VIRT_MAILBOX_MAPS, DEF_VIRT_MAILBOX_MAPS, &var_virt_mailbox_maps, 0, 0,
+	VAR_VIRT_MAILBOX_DOMS, DEF_VIRT_MAILBOX_DOMS, &var_virt_mailbox_doms, 0, 0,
+	VAR_VIRT_TRANSPORT, DEF_VIRT_TRANSPORT, &var_virt_transport, 1, 0,
+	VAR_RELAY_TRANSPORT, DEF_RELAY_TRANSPORT, &var_relay_transport, 1, 0,
+	VAR_RELOCATED_MAPS, DEF_RELOCATED_MAPS, &var_relocated_maps, 0, 0,
 	0,
     };
     static CONFIG_BOOL_TABLE bool_table[] = {
diff --git a/postfix/src/util/dict.h b/postfix/src/util/dict.h
index 9cad9f0e4..16071a692 100644
--- a/postfix/src/util/dict.h
+++ b/postfix/src/util/dict.h
@@ -46,6 +46,7 @@ extern void dict_free(DICT *);
 extern DICT *dict_debug(DICT *);
 #define DICT_DEBUG(d) ((d)->flags & DICT_FLAG_DEBUG ? dict_debug(d) : (d))
 
+#define DICT_FLAG_NONE		(0)
 #define DICT_FLAG_DUP_WARN	(1<<0)	/* if file, warn about dups */
 #define DICT_FLAG_DUP_IGNORE	(1<<1)	/* if file, ignore dups */
 #define DICT_FLAG_TRY0NULL	(1<<2)	/* do not append 0 to key/value */
@@ -57,6 +58,7 @@ extern DICT *dict_debug(DICT *);
 #define DICT_FLAG_SYNC_UPDATE	(1<<8)	/* if file, sync updates */
 #define DICT_FLAG_DEBUG		(1<<9)	/* log access */
 #define DICT_FLAG_FOLD_KEY	(1<<10)	/* lowercase the lookup key */
+#define DICT_FLAG_NO_REGSUB	(1<<11)	/* no lhs->rhs regexp substitution */
 
 extern int dict_unknown_allowed;
 extern int dict_errno;
diff --git a/postfix/src/util/dict_open.c b/postfix/src/util/dict_open.c
index 6cc082485..2f50076fe 100644
--- a/postfix/src/util/dict_open.c
+++ b/postfix/src/util/dict_open.c
@@ -81,9 +81,12 @@
 /* .IP DICT_FLAG_SYNC_UPDATE
 /*	With file-based maps, flush I/O buffers to file after each update.
 /*	Thus feature is not supported with some file-based dictionaries.
-/* .IP DICT_FLAG_FOLD_KEY
-/*	Fold the lookup key to lower case.
+/* .IP DICT_FLAG_NO_REGSUB
+/*      Disallow regular expression substitution from left-hand side data 
+/*	into the right-hand side.
 /* .PP
+/*	Specify DICT_FLAG_NONE for no special processing.
+/*
 /*	The dictionary types are as follows:
 /* .IP environ
 /*	The process environment array. The \fIdict_name\fR argument is ignored.
diff --git a/postfix/src/util/dict_pcre.c b/postfix/src/util/dict_pcre.c
index d51c47f86..a1977f99a 100644
--- a/postfix/src/util/dict_pcre.c
+++ b/postfix/src/util/dict_pcre.c
@@ -131,6 +131,7 @@ typedef struct {
 typedef struct {
     const char *mapname;		/* name of regexp map */
     int     lineno;			/* where in file */
+    int     flags;			/* dict_flags */
 } DICT_PCRE_PRESCAN_CONTEXT;
 
  /*
@@ -430,6 +431,13 @@ static int dict_pcre_prescan(int type, VSTRING *buf, char *context)
     size_t  n;
 
     if (type == MAC_PARSE_VARNAME) {
+	if (ctxt->flags & DICT_FLAG_NO_REGSUB) {
+	    msg_warn("pcre map %s, line %d: "
+		      "regular expression substitution is not allowed"
+		      ctxt->mapname, ctxt->lineno);
+	    return (MAC_PARSE_ERROR);
+	}
+
 	if (!alldig(vstring_str(buf))) {
 	    msg_warn("pcre map %s, line %d: non-numeric replacement index \"%s\"",
 		     ctxt->mapname, ctxt->lineno, vstring_str(buf));
@@ -491,7 +499,8 @@ static DICT_PCRE_RULE *dict_pcre_rule_alloc(int op, int nesting,
 /* dict_pcre_parse_rule - parse and compile one rule */
 
 static DICT_PCRE_RULE *dict_pcre_parse_rule(const char *mapname, int lineno,
-					            char *line, int nesting)
+					            char *line, int nesting,
+					            int dict_flags)
 {
     char   *p;
 
@@ -526,6 +535,7 @@ static DICT_PCRE_RULE *dict_pcre_parse_rule(const char *mapname, int lineno,
 	 */
 	prescan_context.mapname = mapname;
 	prescan_context.lineno = lineno;
+	prescan_context.flags = dict_flags;
 
 	if (mac_parse(p, dict_pcre_prescan, (char *) &prescan_context)
 	    & MAC_PARSE_ERROR) {
@@ -675,7 +685,7 @@ DICT   *dict_pcre_open(const char *mapname, int unused_flags, int dict_flags)
 	trimblanks(p, 0)[0] = 0;		/* Trim space at end */
 	if (*p == 0)
 	    continue;
-	rule = dict_pcre_parse_rule(mapname, lineno, p, nesting);
+	rule = dict_pcre_parse_rule(mapname, lineno, p, nesting, dict_flags);
 	if (rule == 0)
 	    continue;
 	if (rule->op == DICT_PCRE_OP_IF) {
diff --git a/postfix/src/util/dict_regexp.c b/postfix/src/util/dict_regexp.c
index c67c48b1d..5735ca8a8 100644
--- a/postfix/src/util/dict_regexp.c
+++ b/postfix/src/util/dict_regexp.c
@@ -518,7 +518,8 @@ static DICT_REGEXP_RULE *dict_regexp_rule_alloc(int op, int nesting,
 /* dict_regexp_parseline - parse one rule */
 
 static DICT_REGEXP_RULE *dict_regexp_parseline(const char *mapname, int lineno,
-					            char *line, int nesting)
+					            char *line, int nesting,
+					               int dict_flags)
 {
     char   *p;
 
@@ -579,8 +580,14 @@ static DICT_REGEXP_RULE *dict_regexp_parseline(const char *mapname, int lineno,
 #define FREE_EXPR_AND_RETURN(expr, rval) \
 	{ regfree(expr); myfree((char *) (expr)); return (rval); }
 
-	if (prescan_context.max_sub == 0 || first_pat.match == 0)
+	if (prescan_context.max_sub == 0 || first_pat.match == 0) {
 	    first_pat.options |= REG_NOSUB;
+	} else if (dict_flags & DICT_FLAG_NO_REGSUB) {
+	    msg_warn("regexp map %s, line %d: "
+		      "regular expression substitution is not allowed: "
+		      "skipping this rule", mapname, lineno);
+	    return(0);
+	}
 	if ((first_exp = dict_regexp_compile_pat(mapname, lineno,
 						 &first_pat)) == 0)
 	    return (0);
@@ -707,7 +714,7 @@ DICT   *dict_regexp_open(const char *mapname, int unused_flags, int dict_flags)
 	trimblanks(p, 0)[0] = 0;
 	if (*p == 0)
 	    continue;
-	rule = dict_regexp_parseline(mapname, lineno, p, nesting);
+	rule = dict_regexp_parseline(mapname, lineno, p, nesting, dict_flags);
 	if (rule == 0)
 	    continue;
 	if (rule->op == DICT_REGEXP_OP_MATCH) {
diff --git a/postfix/src/virtual/Makefile.in b/postfix/src/virtual/Makefile.in
index c2f9a2ae4..05153384f 100644
--- a/postfix/src/virtual/Makefile.in
+++ b/postfix/src/virtual/Makefile.in
@@ -163,7 +163,8 @@ virtual.o: ../../include/deliver_request.h
 virtual.o: ../../include/deliver_completed.h
 virtual.o: ../../include/mail_params.h
 virtual.o: ../../include/mail_conf.h
+virtual.o: ../../include/virtual8.h
+virtual.o: ../../include/maps.h
 virtual.o: ../../include/mail_server.h
 virtual.o: virtual.h
-virtual.o: ../../include/maps.h
 virtual.o: ../../include/mbox_conf.h
diff --git a/postfix/src/virtual/virtual.c b/postfix/src/virtual/virtual.c
index 233f3e3f3..6290babd0 100644
--- a/postfix/src/virtual/virtual.c
+++ b/postfix/src/virtual/virtual.c
@@ -126,6 +126,10 @@
 /*
 /*	Note that \fBvirtual_mailbox_base\fR is unconditionally prepended
 /*	to this path.
+/* .IP \fBvirtual_mailbox_domains\fR
+/*	The list of domains that should be delivered via the Postfix virtual
+/*	delivery agent. This uses the same syntax as the \fBmydestination\fR
+/*	configuration parameter.
 /* .IP \fBvirtual_minimum_uid\fR
 /*	Specifies a minimum uid that will be accepted as a return from
 /*	a \fBvirtual_owner_maps\fR or \fBvirtual_uid_maps\fR lookup.
@@ -231,6 +235,9 @@
 
 #include 
 #include 
+#ifdef USE_PATHS_H
+#include 			/* XXX mail_spool_dir dependency */
+#endif
 
 /* Utility library. */
 
@@ -250,6 +257,7 @@
 #include 
 #include 
 #include 
+#include 
 
 /* Single server skeleton. */
 
@@ -269,6 +277,7 @@ int     var_virt_minimum_uid;
 char   *var_virt_mailbox_base;
 char   *var_virt_mailbox_lock;
 int     var_virt_mailbox_limit;
+char   *var_mail_spool_dir;		/* XXX dependency fix */
 
  /*
   * Mappings.
@@ -377,14 +386,16 @@ static void post_init(char *unused_name, char **unused_argv)
     set_eugid(var_owner_uid, var_owner_gid);
 
     virtual_mailbox_maps =
-	maps_create(VAR_VIRT_MAILBOX_MAPS, var_virt_mailbox_maps,
-		    DICT_FLAG_LOCK);
+	virtual8_maps_create(VAR_VIRT_MAILBOX_MAPS, var_virt_mailbox_maps,
+			     DICT_FLAG_LOCK);
 
     virtual_uid_maps =
-	maps_create(VAR_VIRT_UID_MAPS, var_virt_uid_maps, DICT_FLAG_LOCK);
+	virtual8_maps_create(VAR_VIRT_UID_MAPS, var_virt_uid_maps,
+			     DICT_FLAG_LOCK);
 
     virtual_gid_maps =
-	maps_create(VAR_VIRT_GID_MAPS, var_virt_gid_maps, DICT_FLAG_LOCK);
+	virtual8_maps_create(VAR_VIRT_GID_MAPS, var_virt_gid_maps,
+			     DICT_FLAG_LOCK);
 
     virtual_mbox_lock_mask = mbox_lock_mask(var_virt_mailbox_lock);
 }
@@ -420,6 +431,7 @@ int     main(int argc, char **argv)
 	0,
     };
     static CONFIG_STR_TABLE str_table[] = {
+	VAR_MAIL_SPOOL_DIR, DEF_MAIL_SPOOL_DIR, &var_mail_spool_dir, 0, 0,
 	VAR_VIRT_MAILBOX_MAPS, DEF_VIRT_MAILBOX_MAPS, &var_virt_mailbox_maps, 0, 0,
 	VAR_VIRT_UID_MAPS, DEF_VIRT_UID_MAPS, &var_virt_uid_maps, 0, 0,
 	VAR_VIRT_GID_MAPS, DEF_VIRT_GID_MAPS, &var_virt_gid_maps, 0, 0,