Thank you very much, Viktor. That pointed me in the right direction and while I still have more testing to do, I now have the system returning the desired error message based on the LDAP query results.
=lisa c ________________________________ From: owner-postfix-us...@postfix.org <owner-postfix-us...@postfix.org> on behalf of Viktor Dukhovni <postfix-us...@dukhovni.org> Sent: Tuesday, March 21, 2017 11:08:31 AM To: Postfix Subject: Re: Send Alternate Error Response based on LDAP Query Results > On Mar 21, 2017, at 11:59 AM, pandorasbox55 <pandorasbo...@outlook.com> wrote: > > Hi - > > I am trying to find out if there is a way to send alternate error responses > based on the results of an LDAP query. > > For example, the current LDAP query checks to see if an account is active > and has the necessary email attributes and routes email accordingly. If an > account does not meet the requirements an error message is returned of user > unknown (which is correct based on the query). > > I would like to add a query so if the account has the proper mail attributes > (thus exists) but is disabled (not active) then a different error response > would be returned, such as "this account is disabled and cannot receive > mail" vs "user unknown". See: http://www.postfix.org/access.5.html Postfix manual - access(5)<http://www.postfix.org/access.5.html> www.postfix.org ACCESS(5) ACCESS(5) NAME access - Postfix SMTP server access table SYNOPSIS postmap /etc/postfix/access postmap ... main.cf: ldap = proxy:ldap:${config_directory}/ smtpd_recipient_restrictions = ... check_recipient_access ${ldap}ldap-rcpt-access.cf ldap-rcpt-access.cf: <your settings here> query_filter = <your query> result_attribute = mail size_limit = 1 expansion_limit = 1 result_format = 550 5.7.1 Blah, blah, blah %S blah, blah, blah -- Viktor.
