On Wed, Nov 3, 2010 at 12:14 PM, Edward Carraro <ednit...@gmail.com> wrote: > I would like to set up SMTP, allowing the user to authenticate as their main > address, but still continue to send mail using their alias (without > disabling reject_sender_login_mismatch, as discussed here > http://serverfault.com/questions/61351/) > > I'm just not sure what my ldap mapping config should look like... when I add > the LDAP attribute mailAlternateAddress to the query_filter, it allows me to > authenticate using both the main address and the alias but it won't allow me > to send from an address owned by that user other than what was used for > authentication. > > master.cf > -o smtpd_sender_login_maps=ldap:/etc/postfix/virtual > -o smtpd_sender_restrictions=reject_sender_login_mismatch > > /etc/postfix/virtual > server_host = ldap://ldapserver:389 > server_port = 389 > search_base = > #query_filter = (mail=%s) > query_filter = (&(|(mail=%s)(mailAlternateAddress=%s))) > result_attribute = uid > version = 3 > start_tls = no > bind = yes > bind_dn = xxxxxxx > bind_pw = xxxxxxx > timeout = 30 >
smtpd_sender_login_maps lookup by sender to retrieve authorized users. Senders must be in query_filter and all attributes with authorized users should be listed in result_attribute. you might want: query_filter = (|(mail=%s)(mailAlternateAddress=%s)) result_attribute = uid, mail, mailAlternateAddress -- Reinaldo de Carvalho http://korreio.sf.net http://python-cyrus.sf.net "While not fully understand a software, don't try to adapt this software to the way you work, but rather yourself to the way the software works" (myself)
