Ok, I have LDAP working in stream although still have a few bugs.

I found this article:
http://www.experts-exchange.com/questions/28251757/How-to-configure-LDAP-Authentication-for-Incoming-SMTP-Traffic.html

Basically I added these lines

    virtual_mailbox_domains = example.com, example.org, example.net
    virtual_mailbox_maps = ldap:/etc/postfix/ldap-users.cf

to where I already had

    virtual_alias_maps = ldap:/etc/postfix/ldap-aliases.cf

and it worked.

Is there a way to have Postfix DROP the message if the recipient is invalid? As opposed to sending an NDR?

Thanks

-----Original Message-----
From: Gomes, Rich
Sent: Monday, January 04, 2016 1:48 PM
To: postfix-users@postfix.org
Subject: RE: ldap validate

I have read over the suggested documentation and I have some questions. But perhaps it would be good to break down my goals here first. First by the postfix\relaying part, then by the validation.

Years ago I used qmail on the 'nix side but since then I have been using Sendmail so some of this may be part of the expected learning curve.

I am trying to configure a relay that will accept mail from applications and send the mail either to Exchange or to the Internet. In Sendmail I would do this by adding internal domains and their Exchange FrontEnd server in the mailertable file and any domains not listed there would be handled by the SmartHost entry in sendmail.cf. In Postfix I set up relay_domains and transport maps to handle the internal domains while the relay_host setting handles all other domains. This is all working as expected.

Now for the LDAP validation part. The server will not host any mailboxes since it is just a relay. I don't want to use a local table for validation, I want it to query AD in real-time.

NOTE: If there is a way to cache these entries, great. If not, great.

If I set up the LDAP queries according to this article,
http://blog.yenlo.com/nl/using-postfix-ldap-search-against-active-directory
it works great at the

    postmap -vq johnpaulvanhelvo...@domain.nl ldap:/etc/postfix/ldap-aliases.cf

part but does not validate while relaying mail.

Given my configuration, should I be using the virtual_mailbox_domain address class to enable the real-time validation? Or can it be done using relay_domains address class?

Thanks,
Rich

-----Original Message-----
From: owner-postfix-us...@postfix.org [mailto:owner-postfix-us...@postfix.org] On Behalf Of Noel Jones
Sent: Wednesday, December 30, 2015 1:54 PM
To: postfix-users@postfix.org
Subject: Re: ldap validate

On 12/30/2015 12:35 PM, Gomes, Rich wrote:
> My postfix install is quite vanilla.
> Other than inet_interfaces, and the ldap config, I change the following:
>
> Mydomain
> Myorigin
> Relayhost
>
>

Carefully study the following, especially the parts about "valid addresses."
http://www.postfix.org/ADDRESS_CLASS_README.html

If you need more help, please see:
http://www.postfix.org/DEBUG_README.html#mail

--
Noel Jones
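
Added example (not part of the thread, and not the posters' configuration): per the ADDRESS_CLASS_README linked above, a relay-only host can list the valid recipients of the relay domain class in relay_recipient_maps, so Postfix refuses unknown recipients during the SMTP session instead of accepting the mail and bouncing it later. The LDAP file name, transport path, host names, bind DN, search base and query filter below are assumptions for an Active Directory setup.

```conf
# ---- /etc/postfix/main.cf (relay-only host, no local mailboxes) ----

# Domains handed on to Exchange; the next hop comes from transport_maps.
# A domain belongs to one address class only: do not also list these
# in virtual_mailbox_domains or mydestination.
relay_domains = example.com, example.org, example.net
transport_maps = hash:/etc/postfix/transport    # assumed path

# Everything else goes to the smarthost (placeholder host name).
relayhost = [smarthost.example.invalid]

# Valid recipients for the relay domain class, looked up in AD at RCPT TO.
# An address that returns no result is refused with a 5xx reply, so this
# host never queues the message and never generates a bounce for it.
# Leaving this parameter empty disables recipient validation for
# relay_domains, and every address in those domains is accepted.
relay_recipient_maps = ldap:/etc/postfix/ldap-relay-recipients.cf

# ---- /etc/postfix/ldap-relay-recipients.cf (hypothetical file name) ----
# Holds bind_pw: keep it unreadable to ordinary users.

server_host = ldaps://dc1.example.com:636       # assumed domain controller
version = 3
search_base = dc=example,dc=com                 # assumed base DN
bind = yes
bind_dn = cn=postfix-lookup,ou=Service Accounts,dc=example,dc=com
bind_pw = CHANGE_ME                             # placeholder

# Match the primary address or any secondary SMTP address of an account.
# Any non-empty result marks the recipient as valid; the value itself
# is not used for rewriting in a recipient map.
query_filter = (|(mail=%s)(proxyAddresses=smtp:%s))
result_attribute = mail
```

Before reloading Postfix, check a known-good and a known-bad address against the new table with postmap -q, the same way the thread tests ldap-aliases.cf.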