everyone@example.com virtual_alias_maps using ldap query
in [Postfix]
|
From: Ronie Gilberto Henrich on 16 Mar 2010 17:54 Hi, I am searching for a dynamic mapping solution which allows me to forward emails to everyone(a)example.com to all valid mailboxes in example.com I did not find any dynamic mapping solution for this. I am almost there, the only thing left is to validate that %u = everyone. My current accomplishments: /etc/postfix/main.cf ==================== virtual_alias_maps = ldap:everyone everyone_server_host = ldaps://localhost everyone_version = 3 everyone_search_base = ou=%d,ou=Mail,o=example,c=com everyone_query_filter = (accountStatus=active) everyone_result_attribute = mail The query above works with any destination address sending to all valid mailboxes. For instance, emails to destination address blabla(a)example.com would be send to all mailboxes. The same for destination address 123(a)example.com, and so on. For only emails sent to everyone(a)example.com to be forwarded to all mailboxes in example.com, it is necessary to add a filter like %u=everyone to that ldap query. I tried the following: everyone_query_filter = (&(accountStatus=active)(%u=everyone)) But it does not work. Is there any way to add that %u=everyone filter in the ldap query above? Or any other way to get the same results and still being dynamic? I mean dynamic by anything but generating hash alias_maps thru cron scripts. Thanks and regards, Ronie
From: Reinaldo de Carvalho on 16 Mar 2010 19:26 On Tue, Mar 16, 2010 at 6:54 PM, Ronie Gilberto Henrich <ronie(a)ronie.com.br> wrote: > Hi, > > /etc/postfix/main.cf > ==================== > virtual_alias_maps = ldap:everyone > > everyone_server_host = ldaps://localhost > everyone_version = 3 > everyone_search_base = ou=%d,ou=Mail,o=example,c=com > everyone_query_filter = (accountStatus=active) > everyone_result_attribute = mail > > For only emails sent to everyone(a)example.com to be forwarded to all > mailboxes in example.com, it is necessary to add a filter like > %u=everyone to that ldap query. > I tried the following: > everyone_query_filter = (&(accountStatus=active)(%u=everyone)) > everyone_query_filter = (&(accountStatus=active)(uid=%u)) everyone_result_attribute = mail This work if you add attribute mail=everyone(a)example.com for each ldap entry. dn: uid=user1...: mail=user1(a)example.com mail=everyone(a)example.com dn: uid=user2,...: mail=user2(a)example.com mail=everyone(a)example.com > But it does not work. > > > Is there any way to add that %u=everyone filter in the ldap query above? > Or any other way to get the same results and still being dynamic? > I mean dynamic by anything but generating hash alias_maps thru cron > scripts. > > > Thanks and regards, > Ronie > -- Reinaldo de Carvalho http://korreio.sf.net http://python-cyrus.sf.net "Don't try to adapt the software to the way you work, but rather yourself to the way the software works" (myself)
From: Ronie Gilberto Henrich on 16 Mar 2010 21:38 Hi Reinaldo, Let me explain better how virtual_alias_maps works in this case: 1) Someone send an email to everyone(a)example.com 2) Query ldap:everyone result has to be user1(a)example.com, user2(a)example.com, and so on (all mailboxes in domain example.com) So, the %u value in everyone_query_filter is "everyone" Considering your suggestion: (&(accountStatus=active)(uid=%u)) and dn: uid=user1...: ================= Is "user1"="everyone" ? FALSE So, it won't return any mailboxes. Considering also the second part of your suggestion, about adding the attribute mail=everyone(a)example.com, it has 2 cons: 1) Loop: everyone(a)example.com forward to user1(a)example.com and everyone(a)example.com, which forward again to user1(a)example.com and everyone(a)example.com, and again, and again, and again... 2) Redundant data, may lead to inconsistencies: no sense in having all mailboxes with a mail=everyone(a)example.com. If one does not have everyone(a)example.com, the result list of recipients of an email sent to everyone(a)example.com won't be all (everyone) mailboxes. Thanks, Ronie -------- Original Message -------- Subject: Re: everyone(a)example.com virtual_alias_maps using ldap query From: Reinaldo de Carvalho <reinaldoc(a)gmail.com> To: Postfix <postfix-users(a)postfix.org> Date: Tue Mar 16 2010 20:26:54 GMT-0300 On Tue, Mar 16, 2010 at 6:54 PM, Ronie Gilberto Henrich <ronie(a)ronie.com.br> wrote: Hi, /etc/postfix/main.cf ==================== virtual_alias_maps = ldap:everyone everyone_server_host = ldaps://localhost everyone_version = 3 everyone_search_base = ou=%d,ou=Mail,o=example,c=com everyone_query_filter = (accountStatus=active) everyone_result_attribute = mail For only emails sent to everyone(a)example.com to be forwarded to all mailboxes in example.com, it is necessary to add a filter like %u=everyone to that ldap query. I tried the following: everyone_query_filter = (&(accountStatus=active)(%u=everyone)) everyone_query_filter = (&(accountStatus=active)(uid=%u)) everyone_result_attribute = mail This work if you add attribute mail=everyone(a)example.com for each ldap entry. dn: uid=user1...: mail=user1(a)example.com mail=everyone(a)example.com dn: uid=user2,...: mail=user2(a)example.com mail=everyone(a)example.com But it does not work. Is there any way to add that %u=everyone filter in the ldap query above? Or any other way to get the same results and still being dynamic? I mean dynamic by anything but generating hash alias_maps thru cron scripts. Thanks and regards, Ronie
From: Reinaldo de Carvalho on 17 Mar 2010 07:14 On Tue, Mar 16, 2010 at 10:38 PM, Ronie Gilberto Henrich <ronie(a)ronie.com.br> wrote: > Hi Reinaldo, > > Let me explain better how virtual_alias_maps works in this case: > 1) Someone send an email to everyone(a)example.com > 2) Query ldap:everyone result has to be user1(a)example.com, > user2(a)example.com, and so on (all mailboxes in domain example.com) > Sorry, I misunderstand your question. Is not possible create "everyone" as you request. You need a cron job. -- Reinaldo de Carvalho http://korreio.sf.net http://python-cyrus.sf.net "Don't try to adapt the software to the way you work, but rather yourself to the way the software works" (myself)
From: Victor Duchovni on 18 Mar 2010 12:45 On Thu, Mar 18, 2010 at 01:31:11PM -0300, Ronie Gilberto Henrich wrote: > The problem about your solution below is that it will go into a loop. Only if you go out of your way to make it loop. The address expansion in virtual(5) is recursive, but it stops as soon as address expands to itself. If "everyone" is a group object that expands to a list of users, just make sure the query returns all users and no groups. If you want the group be "dynamic", you can use LDAP URI valued groups and "special_result_attribute" to process such URIs. If the list of users is not too large, this works reasonably well. Once you are processing thousands of users, you should consider operating a list server to which such addresses are routed, and do the expansion there... Giving all users an "everyone(a)example.com" address is a bit ugly, just use objectClasses or sub-trees to determine who is in scope. -- Viktor. P.S. Morgan Stanley is looking for a New York City based, Senior Unix system/email administrator to architect and sustain our perimeter email environment. If you are interested, please drop me a note.
|
Next
|
Last
Pages: 1 2 Prev: Can I Omit Same Values Next: Sender Access Restrictions and MySQL Table |