Hello dear postfix user! I already asked on the German postfix-users-lists but nobody answered there, so I hope, someone of you can help us :)
We have in a relatively large organization the following LDAP-Setup: ou=users,dc=domain,dc=de contains all users with their attributes. We use the `mail`-attribut always as final destination-address of the user. If the user has a mailbox, it is the address of the mailbox. If the user has a mail-alias, it's the forwarding destination. Respective in last case we have the mail-address with @domain.de, which should be forwarded, in `mailForwardingAddress`. In order that postfix knows, who has an alias and who has a mailbox, there are different users used in the different queries and everything is filtered via LDAP-ACL (the permissions are managed with LDAP `groupOfNames`). That worked perfectly, but recently someone, who already had a mailbox, added additionally an alias to this account. The result looked like this in LDAP: cn=einUser,ou=users,dc=domain,dc=de mail: einu...@domain.de mail: einu...@externalprovider.de mailForwardingAddress: einu...@domain.de You can imagine, was happened: when a mail to einu...@domain.de arrived and postfix looked for aliases in LDAP, it found einu...@externalprovider.de _and_ einu...@domain.de. This created an infinitive loop, which could only be stopped with a postfix restart (maybe it could be stopped in another way, but at the moment there were no time for googling...) We discussed intensive how to fix the problem: to pass on users with mailbox and alias is unfortunately not possible. A LDAP-restructure goes with a big effort, because many applications are connected to it, which all have to be adapted. One option would be to just create two users - one for alias and one for mailbox, but since we have our own webinterface, where users can manage their accounts, this would be quite elaborate to implement. Certainly I searched already for a another solution, but I couldn't find something. So my question is: is their any possibility that postfix can detect forwarding loops and just stop them? No matter on all the LDAP stuff, shouldn't postfix be intelligent enough to detect if forwarding source and destination are similar? It would be great, if someone has an idea how we could solve this! Cheers, Andreas Krischer akbyte webentwicklung Pastor-Lüpschen-Str. 82 52351 Düren https://akbyte.com kont...@akbyte.com +49 (0) 2421 500 332 Skype: akbyte_com
signature.asc
Description: OpenPGP digital signature
