reject mails unknown users at smtp stage (postfix &relay_recipient_maps)

Drew Burchett DrewB at united-systems.com
Wed Feb 7 16:51:46 CET 2007


You didn't mention what sort of backend you're delivering to, but here's
the way I did it with Exchange 2000 & 2003:

Local_recipient_maps =
hash:/etc/postfix/db/local,ldap:/etc/postfix/ldap/users.ldap

The file /etc/postfix/db/local contains a list of domains that I can
relay for, but can't be contacted via ldap.  This could also be a list
of individual users if you wanted to keep it synched with your list of
valid email addresses.

The file /etc/postfix/ldap/users.ldap looks like this:

server_host = ip.of.my.exchange 
search_base = dc=my,dc=domain
bind_dn = cn=LDAP Query,ou=my.ou,dc=my,dc=domain
bind_pw = password
domain = hash:/etc/postfix/db/mydestination
query_filter = (|(mail=%s)(proxyAddresses=smtp:%s)) 
result_attribute = mail 
version = 3

Since I have multiple domains, I pointed the domain entry above to a
file that I also use for the mydestination entry in main.cf.

If I'm not mistaken, you could list multiple ldap files in your
local_recipient_maps, but keep in mind that each one is going to take
time to connect and query.  If you list too many, you may bring your
mail delivery to its knees.

--
CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.

-- 
This message has been scanned for viruses and dangerous content by MailScanner and is believed to be clean.



More information about the MailScanner mailing list