postfix-users October 2010 archive
Main Archive Page > Month Archives  > postfix-users archives
postfix-users: Re: Aliases LDAP maps from the MX ?

Re: Aliases LDAP maps from the MX ?

From: Wietse Venema <wietse_at_nospam>
Date: Fri Oct 08 2010 - 17:17:58 GMT
To: Postfix users <postfix-users@postfix.org>

Victor Duchovni:
> On Fri, Oct 08, 2010 at 12:50:42PM -0400, Wietse Venema wrote:
>
> > Victor Duchovni:
> > > I avoid the need for such empty relay tables, by making all my
> > > externally-facing domains (the domains in which users get their
> > > primary email addresses) be virtual alias domains. All internal
> > > delivery is to "mailbox" domains that are the result of virtual
> > > alias rewrites:
> > >
> > > main.cf:
> > > virtual_alias_domains = example.com
> > >
> > > indexed = ${default_database_type}:${config_directory}/
> > > virtual_alias_maps = hash:/etc/postfix/virtual
> > > transport_maps = hash:/etc/postfix/transport
> > >
> > > virtual:
> > > user@example.com user@mbox-domain.example.com
> > ...
> >
> > That is simpler, but I tried to avoid this, because sometimes the
> > back-end MTA is configured to accept user@example.com but not
> > user@server.example.com.
>
> In many business email systems, the back-end store is MSFT Exchange,
> in which case, support for non-primary addresses is not difficult,
> one just populates the mailbox addresses into
>
> proxyAddresses: SMTP:Joe.User@example.com
> proxyAddresses: smtp:juser@exchange.example.com
>
> one also makes the Exchange servers authoritative for the
> "exchange.example.com" domain, but forward anything unresolved int the
> parent domain (example.com) to the cross-domain mail hub for routing.
>
> This is most useful when multiple mail store environments are present.
> (Multiple Exchange installations, and/or other non MSFT mailstores).
>
> Some people find it easier to rewrite mailbox->primary mail in
> smtp_generic_maps, so that the backend servers still see the primary
> address, but the Postfix queue sees mailbox domains, and thereby avoid
> per-user transport lookups, which typically involve much slower
> (compared to indexed-file lookups) LDAP or SQL queries and can adversely
> impact queue manager performance.

Yes, I forgot about the smtp_generic_maps solution. That would
look like:

    /etc/postfix/main.cf:
        virtual_alias_domains = example.com
        virtual_alias_maps = hash:/etc/postfix/virtual
        transport_maps = hash:/etc/postfix/transport
        smtp_generic_maps = hash:/etc/postfix/smtp_generic

    /etc/postfix/virtual:
        user@example.com user@mbox-domain.example.com

    /etc/postfix/transport:
        # Mbox domain has MX hosts:
        mbox-domain.example.com mbox-domain.example.com

        # Mbox domain has a gateway:
        # mbox-domain.example.com [mbox-domain.example.com]

    /etc/postfix/smtp_generic
        @mbox-domain.example.com @example.com

Or their equivalents using CDB or LDAP (the hash: forms are
sufficient to get peolpe started).

And by now starts to look familiar from earlier posts on this list.
If you agree with the general form, we should add this to the
STANDARD_CONFIGURATION_README.

One glitch in the example is that it uses the default smtp transport,
and therefore applies smtp_generic_maps to outbound mail.

        Wietse