NEOHAPSIS - Peace of Mind Through Integrity and Insight

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Postfix Discussion> 2008-09

LDAP lookups, /etc/aliases processing, MX on separate machine.

From: k bah (kbahlinuxmail.org)
Date: Mon Sep 01 2008 - 06:05:41 CDT

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

My setup works, I just need to find if it's really a correct configuration.
The issue:
I don't have the machine with the organization's domain as MX for my domain.
Mails are "personcity.organization.tld" and the MX is
machinexyz.organization.tld.
I want mails to "anyone" in the aliases file to be sent correctly (either to
another account on my organization's domain or an outside email address).
Please read the next part of my email to understand.

Scenario:

I'm running postfix-2.3.2-28.
I have a machine which acts as both MX and smtp-out for other machine, the
machine with my organization's mail domain. I use LDAP for the user lookup
tables. Everything works ok, I guess config makes sense (I'm reading
http://www.postfix.org/postconf.5.html). On the MX machine, I don't run the
IMAP server, it's also on a separate machine, and there I run another postfix.
"Organization's domain" = city.organization.tld (there are no other
*.organization.tld, city = the whole organization)
MX machine = machinexyz.organization.tld
IMAP machine = machinexyz2.organization.tld

INTERNET --"(a)"--> MX_MACHINE --"(b)"--> IMAP_MACHINE

(a) mail to someone_exists_on_ldapcity.organization.tld. arrives
(a) Still on "a" MX machine finds user because he is looked up on LDAP
(relay_recipient_maps)
(b) Message is delivered using transport "city.organization.tld relay
[xx.xx.xx.xx]" where xx.xx.xx.xx is the ip address of the final machine,
running IMAP/postfix. There I use Dovecot LDA as transport.

So, to be clear, I want to have aliases for city.organization.tld, either to
another account on city.organization.tld or to persongmail.com, for instance
to be correctly processed by: the first machine which sees the message (mx
machine) and the final machine, the imap machine (there I run postfix, as I
said).

------------ MX MACHINE -- MX MACHINE
alias_maps = hash:/etc/aliases, ldap:ldaplocal, ldap:/etc/postfix/ldap-local.cf
local_recipient_maps = hash:/etc/aliases, ldap:ldaplocal,
ldap:/etc/postfix/ldap-local.cf
virtual_alias_maps = hash:/etc/postfix/virtual
virtual_alias_domains = hash:/etc/postfix/virtual
virtual_maps = ldap:/etc/postfix/ldap-local.cf
relay_recipient_maps = ldap:ldaplocal, ldap:/etc/postfix/ldap-local.cf
ldaplocal_server_host=ldapserver.organization.tld
ldaplocal_search_base=ou=people,dc=organization,dc=tld
ldaplocal_query_filter=(&(|(&(objectclass=postfixuser
(objectclass=inetlocalmailrecipient)) (objectclass=groupofuniquenames)
(mail=%s))
ldaplocal_result_attribute=mailRoutingAddress
transport_maps = hash:/etc/postfix/transport
content_filter=smtp-amavis:[127.0.0.1]:10024
mydestination = $myhostname, localhost.$mydomain
relay_domains = city.organization.tld ("organization's domain")
smtpd_recipient_restrictions = permit_mynetworks, permit_auth_destination,
reject_unauth_destination, reject_unverified_recipient, check_recipient_access
unverified_recipient_reject_code = 559
mynetworks = 127.0.0.0/8, xx.xx.0.0/16
unknown_local_recipient_reject_code = 450
myhostname = machinexyz.organization.tld (mx machine)
------------ MX MACHINE -- MX MACHINE

------------ MX MACHINE TRANSPORT
city.organization.tld relay:[xx.xx.xx.xx] where xx.xx.xx.xx is the ip
address with IMAP server
------------ MX MACHINE TRANSPORT

IMAP/"FINAL DESTINATION" MACHINE MAIN.CF:

Exact the same present on mx machine, except for:

mydestination = $myhostname, localhost.$mydomain, city.organization.tld
dovecot_destination_recipient_limit = 1
mailbox_transport = dovecot
mydestination = $myhostname, localhost.$mydomain, city.organization.tld

Solution A)
Should I configure mx machine to have the city.organization.tld domain as
destination? That way /etc/aliases would be read, as of now, I think the mx
machine looks first and only on the relay_recipient table which is LDAP.

Solution B) (THIS IS WORKING)
I add the desired alias to both "mx machine" /etc/aliases, and "imap
machine" /etc/aliases...
Does that make sense, is it a correct configuration? Or just a wrong
configuration which happens to work, but is not really correct?

=
internet banking
Open A Bank Account Online. Compare Bank Rates and Offers Here.
http://a8-asy.a8ww.net/a8-ads/adftrclick?redirectid=481188d7258f0fcbdcd4bb473323f670

--
Powered by Outblaze

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]