On 2013-06-08 05:24, Nikolas Kallis wrote:
> On 08/06/13 03:48, Per olof Ljungmark wrote:
>> Hi all,
>>
>> Hopefully I can explain this good enough for someone to understand and
>> perhaps even suggest a solution.
>>
>> Our email system is built from a LDAP directory that contains all the
>> necessary information about our users. A box receives mail from the MX's
>> and routes it according to the information in the directory.
>>
>> If the mail is for a user present in the directory it gets delivered to
>> the mail server, if it is for an external address it is delivered to the
>> outgoing box etc., everything dandy.
>>
>> Now we face a setup where we have users present in the same tree as our
>> normal mail users, but with addresses external to us. They must have the
>> "mail" attribute that we normally use for delivery to our mail server.
>> We cannot separate them to a different tree because it is actually a mix
>> of internal and external users for a different purpose than mail routing.
>>
>> So far we have not been able to (at least not on a Friday afternoon) figure
>> out how to make the mail router understand that mail for a specific
>> address/domain should *not* be delivered as usual but relayed directly
>> to outgoing even if this email address is present in the directory.
>>
>> The LDAP query is very simple:
>>
>> query_filter = (&(accountStatus=Active)(|(mail=%s)(mailalternateaddress=%s)))
>> result_filter = %u@mail.server
>> result_attribute = uid
>> scope = sub
>>
>> This together with a transport map that directs * to outgoing is all
>> there is.
>>
>> I was hoping for a relatively simple way to fix this, so far I only
>> dreamed up rather complicated scenarios...
>>
>> Thanks for reading,
>>
>> //per
>>
>> PS. I had some trouble posting:
>>
>> "BOUNCE postfix-users@postfix.org: Admin request: /^subject:\s*help\b/i"
>>
>> The word 'help' is not allowed?
>> DS.
>>
>
> I am not an expert with complex MTA routing and quite noob with what
> you're doing, but from the sounds of it and my visualisation, you will
> need to use a separate MTA system to handle the 'external' e-mail
> (whatever that is), as there is no way to differentiate between internal
> and external as they both qualify for delivery.

Yes, I realize that it might be impossible. "external" means addresses that are in the directory but do not have a mailbox. Actually, both should qualify but must be routed differently, internal to mailbox and external to outgoing.
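
The routing decision discussed in this thread, modeled as an added example (not code from either poster or from Postfix): the posted filter matches any active entry by address, so an external address that is listed in the directory is rewritten to the mail server like an internal one. It also shows the effect of the `domain` setting documented in ldap_table(5), which is not mentioned in the thread and is used here as an assumption; the directory entries, `example.org` and `partner.example` are constructed sample data.

```python
# Simplified model of the LDAP-backed lookup plus the "*" transport entry.
# All entries and domain names below are constructed for illustration.
DIRECTORY = [
    {"uid": "alice", "accountStatus": "Active", "mail": "alice@example.org",
     "mailalternateaddress": ["a.smith@example.org"]},
    # "External" user: present in the same tree, but has no mailbox with us.
    {"uid": "bob", "accountStatus": "Active", "mail": "bob@partner.example",
     "mailalternateaddress": []},
]


def matches(entry, key):
    """Model of (&(accountStatus=Active)(|(mail=%s)(mailalternateaddress=%s)))."""
    key = key.lower()
    addrs = [entry["mail"]] + entry["mailalternateaddress"]
    return (entry["accountStatus"] == "Active"
            and key in (a.lower() for a in addrs))


def ldap_lookup(key, domains=None):
    """Return the rewritten address, or None when the map yields no result.

    `domains` models ldap_table's `domain` setting (assumption, not in the
    thread): keys outside the listed domains are never sent to the directory.
    """
    if domains is not None and key.rpartition("@")[2].lower() not in domains:
        return None
    for entry in DIRECTORY:
        if matches(entry, key):
            # Result the posted map is meant to produce: uid at the mail server.
            return f'{entry["uid"]}@mail.server'
    return None


def route(key, domains=None):
    """No LDAP result: the address falls through to the "*" transport entry."""
    return ldap_lookup(key, domains) or "outgoing"


if __name__ == "__main__":
    for addr in ("alice@example.org", "bob@partner.example"):
        print(addr, "| as posted:", route(addr),
              "| with domain list:", route(addr, {"example.org"}))
```
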