> -----Original Message-----
> From: Natxo Asenjo [mailto:[EMAIL PROTECTED]
> Sent: 07 October 2008 15:54
> To: Paul Cocker
> Cc: postfix-users@postfix.org
> Subject: Re: My first config - unable to telnet to port 25, virtual.db missing
>
> On Tue, Oct 7, 2008 at 4:06 PM, Paul Cocker <[EMAIL PROTECTED]> wrote:
> > This server is only the secondary mail server for incoming mail, so it
> > won't be bouncing anything just passing it onto the primary server
> > which does perform valid recipient checks. I don't see any point doing
> > it here too as it just means more hits against the AD servers for no
> > greater effect, unless I needed to lessen the load on the primary MX
> > server which I don't.
>
> please do get a relay_recipients map. That way you block all mail at the
> gate which should not be there. Otherwise you are becoming a source of
> backscatter.
>
> We have a similar setup here. I have written a simple batch file which
> dumps all the e-mail addresses of AD to a file. I copy this file to the
> postfix gateway, a bit of perl and it is done. It is quite simple actually.
>
> the batch file uses adfind.exe
> (http://www.joeware.net/freetools/tools/adfind/index.htm) and pscp (from
> putty); you need to create a key to be able to copy the files to the unix
> host (but this is not the place to ask). I use a unix user at the postfix
> box with login name: exchangeuxdf
>
> -===============batch.bat==================
> @echo off
>
> d:
>
> cd d:\scripts\ldap
>
> adfind -sc exchaddresses:smtp > d:\scripts\ldap\virtual.txt
>
> pscp -i "d:\scripts\ldap\exchangeuser.ppk" "D:\Scripts\ldap\virtual.txt" [EMAIL PROTECTED]:/home/exchangeuser
>
> =============================================
>
> adfind dumps all smtp addresses to the file virtual.txt and then that file
> gets copied to the postfix server.
>
> The format of the virtual.txt is this:
>
> dn:CN=cn,OU=ou,OU=ou,DC=dc,DC=dc
> >proxyAddresses: SMTP:[EMAIL PROTECTED]
> >proxyAddresses: smtp:[EMAIL PROTECTED]
> >proxyAddresses: smtp:[EMAIL PROTECTED]
>
> Postfix expects this format:
> [EMAIL PROTECTED]     OK
>                  ^^^^^ -> this is a tab
>
> so using your favourite scripting language you can quite easily parse it
> and adapt it to the format postfix wants. I have this script, it works for
> me:
>
> ======================
> #!/usr/bin/perl
>
> use warnings;
> use strict;
> use File::Copy;
>
> my $valid_recpts = "/home/exchange/virtual.txt"; # original file from exchange
> my $relay_recps = "/home/exchange/relay_recipients"; # final file that will be postmapped
> my $dos2unix = `/usr/bin/dos2unix $valid_recpts`; # fix those pesky differences between DOS and Unix
> my $postfix_relayrcpts = "/etc/postfix/relay_recipients.db"; # final relay_recipients map
> my $relay_recpsdb = "/home/exchange/relay_recipients.db"; # original relay_recipients map
>
> open(VALID,"< $valid_recpts") or die "$!\n";
> open(RELAY,"> $relay_recps") or die "$!\n";
>
> while(<VALID>) {
>     next unless $_ =~ /^.*(smtp:)(.*\.nl)$/i;
>     print RELAY "$2\tOK\n";
> }
>
> close(VALID);
> close(RELAY);
>
> # chown takes numeric ids, so look up the exchangeuser user and group first
> my $uid = getpwnam("exchangeuser");
> my $gid = getgrnam("exchangeuser");
> chown $uid, $gid, $valid_recpts; # otherwise exchange cannot overwrite it
>
> my $postmap = `/usr/sbin/postmap $relay_recps`;
>
> move($relay_recpsdb, $postfix_relayrcpts) or die "$!\n";
>
> ============================================
>
> in main.cf the relevant part for relay_recipients is:
> relay_recipient_maps = hash:/etc/postfix/relay_recipients
>
> We run those scripts every 6 hours. This setup has been working for over a
> year now and e-mail has stopped being an issue for us.
>
Thanks for the pointers. I've now set something up, but being more comfortable in Windows I've set it all up on that side:

=========================
@echo off
adfind -list -sc exchaddresses:SMTP > validrecipients.txt
cut -c 6- validrecipients.txt > validrecipients2.txt
rem copy the trimmed file written by cut, not the raw adfind dump
pscp -i "somepath\exchangeuser.ppk" "somepath\validrecipients2.txt" [EMAIL PROTECTED]:/home/someuser
=========================

I used -list in adfind to clean up the output, that way I only need to trim the SMTP: bit. Cut comes from the UnxUtils package, it removes SMTP:

I assume from your example that I need to insert an OK at the end of each line, but the documentation http://www.postfix.org/postconf.5.html#relay_recipient_maps seems to suggest I just need a list of addresses. Am I missing a page somewhere?

> HTH.
> --
> Regards,
> J.Asenjo
>

TNT Post is the trading name for TNT Post UK Ltd (company number: 04417047), TNT Post (Doordrop Media) Ltd (00613278), TNT Post Scotland Ltd (05695897), TNT Post North Ltd (05701709), TNT Post South West Ltd (05983401), TNT Post Midlands Limited (6458167) and TNT Post London Limited (6493826). Emma's Diary and Lifecycle are trading names for Lifecycle Marketing (Mother and Baby) Ltd (02556692). All companies are registered in England and Wales; registered address: 1 Globeside Business Park, Fieldhouse Lane, Marlow, Buckinghamshire, SL7 1HY.
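
An added example, not part of the thread or either poster's scripts: the conversion step in Python, accepting both the `>proxyAddresses:` form and the bare `SMTP:` lines described for `-list`, skipping malformed or out-of-domain entries, and refusing to emit an empty map. The sample input, the `example.nl` domain, and the function and parameter names are constructed for illustration.

```python
import re

# Constructed sample of adfind output in the format shown in the thread:
# DOS line ends, mixed-case prefixes, a foreign domain, a malformed entry.
SAMPLE = (
    "dn:CN=Alice,OU=Staff,DC=example,DC=nl\r\n"
    ">proxyAddresses: SMTP:Alice@example.nl\r\n"
    ">proxyAddresses: smtp:a.jansen@example.nl\r\n"
    ">proxyAddresses: smtp:alice@example.nl\r\n"
    ">proxyAddresses: smtp:alice@other.test\r\n"
    ">proxyAddresses: X400:c=NL;a= ;p=Example;s=Alice;\r\n"
    ">proxyAddresses: smtp:bad entry@example.nl\r\n"
)

# One SMTP address per line; no whitespace or second "@" allowed in it.
PROXY = re.compile(
    r"^(?:>?proxyAddresses:\s*)?smtp:([^\s@]+)@([^\s@]+)$", re.IGNORECASE
)


def build_relay_recipients(adfind_text, relay_domains, min_entries=1):
    """Return postmap input ("address<TAB>OK" lines) for the relayed domains."""
    domains = {d.lower() for d in relay_domains}
    addresses = set()
    for line in adfind_text.splitlines():  # splitlines() also drops the DOS \r
        match = PROXY.match(line.strip())
        if not match:
            continue  # dn: lines, X400 addresses, malformed entries
        local, domain = match.group(1).lower(), match.group(2).lower()
        if domain in domains:
            # postmap folds keys to lower case by default, so dedupe that way
            addresses.add(f"{local}@{domain}")
    if len(addresses) < min_entries:
        # An empty or truncated dump would make the gateway reject real users.
        raise ValueError(f"only {len(addresses)} recipients, refusing to publish")
    return "".join(f"{addr}\tOK\n" for addr in sorted(addresses))


if __name__ == "__main__":
    print(build_relay_recipients(SAMPLE, ["example.nl"]), end="")
```

The input format postmap reads is `key whitespace value`, which is why each address carries a right-hand value such as `OK`.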