Blocking nonexistent users at the gateway

From: Ian Clancy (ClancyIancel.ie)
Date: Wed Dec 01 2004 - 17:05:18 CST


Greetings Postfix users,
I have set up a Postfix (2.1.5) SMTP gateway that relays mail to an internal
Postfix server. User information is stored on an OpenLDAP server within the
network. What I am attempting to do is bounce emails at the gateway server
that are addressed to users that do not exist on the internal LDAP
directory. I am using amavisd-new as a content filter.

Here is my gateway main.cf:

---------------------------------------
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
mail_owner = postfix
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain
local_recipient_maps = ldap:ldaplocal
unknown_local_recipient_reject_code = 550
relay_domains = $mydestination, mydomain.com
alias_maps = hash:/etc/aliases
debug_peer_level = 2
debugger_command =
         PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
         xxgdb $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.1.15/samples
readme_directory = /usr/share/doc/postfix-2.1.15/README_FILES
alias_database = hash:/etc/aliases
myorigin = $myhostname
mydomain = mydomain.com
mynetworks = 192.168.0.0/16, 127.0.0.0/8
biff = no
smtpd_banner = fw.mydomain.com ESMTP
queue_minfree = 20480000
message_size_limit = 5012000
transport_maps = hash:/etc/postfix/transport
smtpd_helo_required = yes
content_filter = smtp-amavis:[localhost]:10024
notify_classes = resource, software, policy
ldaplocal_server_host = ldapmaster.bp
ldaplocal_search_base = ou=People,dc=mydomain,dc=org
ldaplocal_query_filter = (uid=%s)
ldaplocal_result_attribute = uid

--------------------------------------------------------

Also, my transport file contains the following line instructing Postfix to
relay mail to the internal server:
---------------------------------------------------------
celczech.cz smtp:[192.168.2.2]
---------------------------------------------------------

I know that the LDAP lookups are working, as the following command returns a
string:

postmap -q 'clancyian' ldap:ldaplocal

or if I choose to enter a user that does not exist, then no string is
returned.

Am I missing something in my main.conf? How do I explicitly tell Postfix to
reject these users which do not exist? I have tried disabling the
amavisd-new content filter but this does not make any difference.

Thanks in advance for any help.
regards,
Ian Clancy
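
The distinction this question turns on, as an added example that is not part of the original post: in Postfix 2.1, `local_recipient_maps` is consulted only for domains in `mydestination`, while recipients in `relay_domains` are validated against `relay_recipient_maps`. The map name `ldaprelay` and the LDAP `mail` attribute are assumptions; the host and search base are copied from the posted configuration.

```ini
# Added example, not the poster's configuration. Assumes Postfix 2.1 and that
# each directory entry carries the full address in a "mail" attribute
# (assumption: the post only shows "uid"). "ldaprelay" is a hypothetical name.

# --- As posted -------------------------------------------------------------
# local_recipient_maps applies only to domains listed in mydestination
# ($myhostname, localhost.$mydomain). Mail for the relayed domain
# mydomain.com is in a different address class, so this map is never
# consulted for it and unknown recipients are accepted and relayed inward.
#local_recipient_maps = ldap:ldaplocal
#unknown_local_recipient_reject_code = 550

# --- Recipient validation for the relayed domain ---------------------------
relay_domains = mydomain.com

# When relay_recipient_maps is non-empty, smtpd rejects RCPT TO addresses in
# relay_domains that the map does not list.
relay_recipient_maps = ldap:ldaprelay
unknown_relay_recipient_reject_code = 550

# smtpd queries the map with the full address (user@mydomain.com), not the
# bare login name, so the filter must match the whole key (%s).
ldaprelay_server_host = ldapmaster.bp
ldaprelay_search_base = ou=People,dc=mydomain,dc=org
ldaprelay_query_filter = (mail=%s)
ldaprelay_result_attribute = mail

# Verify with the key smtpd will actually use; a bare 'clancyian' lookup
# succeeding against ldaplocal says nothing about this map:
#   postmap -q 'clancyian@mydomain.com' ldap:ldaprelay
```

Because the rejection happens at RCPT TO, before the message is queued, the `content_filter` setting has no bearing on it.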
