On 6/1/2011 12:57 PM, Ansgar Wiechers wrote:
> I'm aware of two ways to verify recipients when relaying mail to
> upstream Exchange servers:
>
> - Export recipient addresses from AD and use that list as
>   $relay_recipient_maps.
> - Use an LDAP query in $relay_recipient_maps.
>
> I seem to recall that there was a third option where Postfix would probe
> the nexthop before accepting the mail, but was unable to find it in the
> list archive. Can someone refresh my memory? Or did I mis-remember that?

I do the first option by running a script on the Exchange server every
15 minutes, then grabbing the result five minutes later from the mail
relays. It does some sanity checks before replacing relay_recipients
and postmapping it.

The Windows side (Exchange 2010 on 2008R2) of the process consists of
VBScript to grab the info from AD, which then runs a Perl script to
clean up the file. The Linux server has a shell script that uses
smbclient to retrieve the data. The Perl part could be run on Linux if
you don't want to install Perl on your Windows machine.

If anyone is interested, I can sanitize the scripts and make them available.
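
Added example, not part of the original message and not the poster's scripts: one way the relay-side sanity checks before replacing relay_recipients and running postmap could look. The "address OK" line format, the thresholds, the POSTMAP override and the hash: map type are assumptions.

```shell
#!/bin/sh
# Sanity-check a freshly fetched recipient list before it replaces the live
# relay_recipients map. Thresholds and the "address OK" line format are
# assumptions for this example; tune them to the real directory size.

MIN_ENTRIES=${MIN_ENTRIES:-3}          # refuse lists smaller than this
MAX_SHRINK_PCT=${MAX_SHRINK_PCT:-50}   # refuse if the list shrinks by more

# validate_list NEW [CURRENT] -> 0 if NEW looks safe to install
validate_list() {
    new=$1; cur=${2:-}
    [ -s "$new" ] || { echo "empty or missing: $new" >&2; return 1; }
    # Every line must be exactly "local@domain.tld OK" (CRLF residue fails too).
    if grep -Evq '^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}[[:space:]]+OK$' "$new"; then
        echo "malformed line in $new" >&2; return 2
    fi
    n_new=$(grep -c '' "$new")
    [ "$n_new" -ge "$MIN_ENTRIES" ] || { echo "only $n_new entries" >&2; return 3; }
    # A truncated export would make the relay reject valid recipients, so
    # compare the new list against the one currently in use.
    if [ -n "$cur" ] && [ -s "$cur" ]; then
        n_cur=$(grep -c '' "$cur")
        floor=$(( n_cur * (100 - MAX_SHRINK_PCT) / 100 ))
        [ "$n_new" -ge "$floor" ] || { echo "shrank $n_cur -> $n_new" >&2; return 4; }
    fi
    return 0
}

# install_list NEW LIVE: validate, build the map beside the live file, swap in.
install_list() {
    new=$1; live=$2
    validate_list "$new" "$live" || return $?
    cp "$new" "$live.new" || return 5
    # POSTMAP is a hypothetical override so the step can be stubbed in tests.
    ${POSTMAP:-postmap} "hash:$live.new" || { rm -f "$live.new" "$live.new.db"; return 6; }
    mv "$live.new.db" "$live.db" && mv "$live.new" "$live"
}
```

On any non-zero return the live map is left untouched, so a failed or partial transfer keeps the previous recipient list in service.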