> Hola a todos, necesito una ayudita con postfix y la separación de
> usuarios según su alcance, o sea, nacional o internacional. Para ello
> seguí una propuesta de usar los grupos que se crean en ldap para manejar
> esto, y de esta manera tengo lo siguiente en el main.cf:
>
> # User groups
> # LDAP table "internacional": searches the group cn=CorreoInt for a memberUid
> # equal to the local part of the looked-up address (%u) and returns the
> # group's cn, so a match yields the string "CorreoInt".
> internacional_server_host = 127.0.0.1
> internacional_server_port = 389
> # bind = no: the lookup is made without binding to the directory.
> internacional_bind = no
> internacional_timeout = 5
> internacional_search_base = ou=Groups,dc=jovenclub,dc=cu
> internacional_query_filter = (&(|(cn=CorreoInt))(memberUid=%u))
> internacional_result_attribute = cn
>
>
>
> # Table of the logins that own each MAIL FROM address. Postfix consults it only
> # from the reject_*sender_login_mismatch restrictions; none appears in the
> # lists below.
> # NOTE(review): without one of them an authenticated client chooses its own
> # MAIL FROM, which is the key the sender-based checks below rely on - confirm.
> smtpd_sender_login_maps = ldap:ldapvirtualmap
>
> # A class declared here is evaluated only when a restriction list names it or
> # an access table returns its name as the lookup result.
> smtpd_restriction_classes = CorreoInt, Internacional, InternacionalSalida
>
>
> # Classes
> # "CorreoInt" is the value the "internacional" LDAP table returns on a match.
> CorreoInt = permit
>
> # Recipient found in the LDAP group -> CorreoInt (permit); otherwise the sender
> # is checked against internacional.cf (contents not shown).
> Internacional =
>      check_recipient_access ldap:internacional,
>      check_sender_access regexp:/etc/postfix/internacional.cf
>
> # Mirror image: sender found in the LDAP group -> CorreoInt (permit);
> # otherwise the recipient is checked against internacional.cf.
> InternacionalSalida =
>      check_sender_access ldap:internacional,
>      check_recipient_access regexp:/etc/postfix/internacional.cf
>
> # Rules
> # NOTE(review): none of the three lists below names Internacional or
> # InternacionalSalida, so those classes only run if acceso.cf returns one of
> # the names - acceso.cf is not shown; verify.
> smtpd_helo_restrictions =
>          permit_mynetworks,
>          permit_sasl_authenticated,
>          reject_invalid_helo_hostname
>
> smtpd_sender_restrictions =
>      reject_non_fqdn_sender,
>      permit_mynetworks,
>      permit_sasl_authenticated
>
> # Evaluated in order. When acceso.cf gives no result for the sender,
> # permit_sasl_authenticated accepts the authenticated client, and the trailing
> # permit accepts whatever passed the two reject_* checks before it.
> smtpd_recipient_restrictions =
>      reject_non_fqdn_recipient,
>      check_sender_access regexp:/etc/postfix/acceso.cf,
>      permit_sasl_authenticated,
>      reject_unauth_destination,
>      reject_unlisted_recipient,
>      permit
>
> Sin embargo, postfix hace caso 0 a esto y simplemente envía el correo.
> No tengo casi ninguna experiencia con postfix y, de haber algo previo
> obstaculizando estos parámetros, realmente no lo sabría.
>
>
> así que os dejo el main.cf
>
> # Full main.cf as posted. Postfix keeps only the last definition when a
> # parameter appears more than once, so the later sections of this file
> # override the earlier ones (see smtpd_recipient_restrictions and
> # smtpd_restriction_classes below).
> # Generated by Zentyal
> # See /usr/share/postfix/main.cf.dist for a commented, more complete
> version
> # NOTE(review): several lines in this listing (such as "version" above) look
> # wrapped by the mail client - confirm against the file on disk; in main.cf a
> # continuation line has to start with whitespace.
>
> # require helo
> smtpd_delay_reject  = yes
> smtpd_helo_required = yes
>
> strict_rfc821_envelopes = yes
> # VRFY is switched off.
> disable_vrfy_command = yes
>
> smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
> biff = no
>
> # appending .domain is the MUAs job.
> append_dot_mydomain = no
>
> # Uncomment the next line to generate "delayed mail" warnings
> #delay_warning_time = 4h
>
> myorigin = /etc/mailname
> myhostname = tinomail.jovenclub.cu
> mydestination = $myorigin,$myhostname,localhost,localhost.$mydomain
> smtp_helo_name = tinomail.jovenclub.cu
> alias_maps = hash:/etc/aliases
>
> alias_database = hash:/etc/aliases
> local_recipient_maps = proxy:unix:passwd.byname $alias_maps
>
> # Outbound mail is handed to this host.
> relayhost = mx4.jovenclub.cu
>
>
> # "may": TLS towards the next hop is used when offered, not required.
> smtp_tls_security_level = may
> smtp_tls_key_file  = /etc/postfix/sasl/postfix.pem
> smtp_tls_cert_file = /etc/postfix/sasl/postfix.pem
>
>
> # Network list as written by the poster (partly redacted). Clients in it match
> # permit_mynetworks wherever that restriction appears below.
> mynetworks = 127.0.0.0/8 192.168.xxx.xxx/32 ect.
>
> message_size_limit = 3145728
> mailbox_size_limit = 0
> virtual_mailbox_limit = 0
> recipient_delimiter = +
> inet_interfaces = all
>
> # Virtual Aliases
> virtual_alias_maps = ldap:valiases
> valiases_server_host = 127.0.0.1
> valiases_search_base = ou=mailalias,ou=postfix,dc=jovenclub,dc=cu
> valiases_query_filter = (&(mail=%s)(objectClass=CourierMailAlias))
> valiases_result_attribute = maildrop
> # NOTE(review): the prefix here is "aliases", not "valiases", so this line does
> # not configure the table above - presumably valiases_bind was meant; confirm.
> aliases_bind = no
>
> # Virtual Domains
> dovecot_destination_recipient_limit = 1
> virtual_transport = dovecot
> #virtual_transport = virtual
> virtual_mailbox_base = /var/vmail/
> virtual_mailbox_maps= ldap:ldapvirtualmap
>
> # LDAP table "ldapvirtualmap": looked up by full address (%s), returns the
> # "mailbox" attribute. The same table is reused as smtpd_sender_login_maps
> # further down.
> ldapvirtualmap_server_host = 127.0.0.1:389
> ldapvirtualmap_bind = no
> ldapvirtualmap_search_base = ou=Users,dc=jovenclub,dc=cu
> ldapvirtualmap_query_filter =
> (&(mail=%s)(!(quota=-1))(objectClass=CourierMailAccount))
> ldapvirtualmap_result_attribute = mailbox
>
> virtual_mailbox_domains = ldap:vmaildomains
> vmaildomains_server_host = 127.0.0.1
> vmaildomains_bind = no
> vmaildomains_search_base =  ou=postfix,dc=jovenclub,dc=cu
> vmaildomains_query_filter =
> (|(&(objectclass=domain)(domainComponent=%s))(&(objectclass=CourierMailAlias)(mail=@%s)))
> vmaildomains_result_attribute = dc, maildrop
>
>
> virtual_minimum_uid = 100
> virtual_uid_maps = static:110
> virtual_gid_maps = static:114
>
> #########
>
> # User groups
> # LDAP table "internacional": searches the group cn=CorreoInt for a memberUid
> # equal to the local part of the looked-up address (%u) and returns the
> # group's cn, so a match yields the string "CorreoInt".
> internacional_server_host = 127.0.0.1
> internacional_server_port = 389
> # bind = no: the lookup is made without binding to the directory.
> internacional_bind = no
> internacional_timeout = 5
> internacional_search_base = ou=Groups,dc=jovenclub,dc=cu
> internacional_query_filter = (&(|(cn=CorreoInt))(memberUid=%u))
> internacional_result_attribute = cn
>
>
> # TLS/SSL
> smtpd_use_tls = yes
> smtpd_tls_note_starttls = yes
> smtpd_tls_key_file  = /etc/postfix/sasl/postfix.pem
> smtpd_tls_cert_file = /etc/postfix/sasl/postfix.pem
> smtpd_tls_loglevel = 1
>
> # recipient restrictions
> # First definition of smtpd_recipient_restrictions; it is replaced by the
> # definition at the end of this file.
> smtpd_recipient_restrictions = permit_sasl_authenticated,
> permit_mynetworks, reject_unauth_destination, reject_non_fqdn_sender,
> reject_unknown_sender_domain, reject_invalid_helo_hostname,
> reject_non_fqdn_helo_hostname, check_helo_access
> pcre:/etc/postfix/helo_checks.pcre
> submission_recipient_restrictions = reject_non_fqdn_sender,
> reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks,
> reject
> # First definition of smtpd_restriction_classes; the later one does not list
> # submission_recipient_restrictions.
> # NOTE(review): check whether master.cf (not shown) still refers to that class.
> smtpd_restriction_classes = submission_recipient_restrictions
>
> #SASL authentication
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_security_options = noanonymous
> # Defined twice in this section; the $myorigin value below is the one kept.
> smtpd_sasl_local_domain =
> broken_sasl_auth_clients = yes
> # AUTH is offered only after STARTTLS.
> smtpd_tls_auth_only = yes
> smtpd_sasl_type = dovecot
> smtpd_sasl_path = private/auth
> smtpd_sasl_local_domain =  $myorigin
>
>
>
>
> ###########
>
> ## Rules
>
> # Verify sender
> # Table of the logins that own each MAIL FROM address. Postfix consults it only
> # from the reject_*sender_login_mismatch restrictions; none appears anywhere in
> # this file.
> # NOTE(review): without one of them an authenticated client chooses its own
> # MAIL FROM, which is the key the sender-based checks below rely on. The table
> # returns the "mailbox" attribute; whether that equals the SASL login name is
> # not shown - confirm.
> smtpd_sender_login_maps = ldap:ldapvirtualmap
>
> # Relay domain
> #relay_domains = jovenclub.cu
>
> # Restriction classes
> # A class declared here is evaluated only when a restriction list names it or
> # an access table returns its name as the lookup result.
> #smtpd_restriction_classes = CorreoInt
> smtpd_restriction_classes = CorreoInt, Internacional, InternacionalSalida
>
> # Classes
> # "CorreoInt" is the value the "internacional" LDAP table returns on a match.
> CorreoInt = permit
>
> # Recipient found in the LDAP group -> CorreoInt (permit); otherwise the sender
> # is checked against internacional.cf (contents not shown).
> Internacional =
>      check_recipient_access ldap:internacional,
>      check_sender_access regexp:/etc/postfix/internacional.cf
>
> # Mirror image: sender found in the LDAP group -> CorreoInt (permit);
> # otherwise the recipient is checked against internacional.cf.
> InternacionalSalida =
>      check_sender_access ldap:internacional,
>      check_recipient_access regexp:/etc/postfix/internacional.cf
>
> # Rules
> # NOTE(review): none of the three lists below names Internacional or
> # InternacionalSalida, so those classes only run if acceso.cf returns one of
> # the names - acceso.cf is not shown; verify.
> smtpd_helo_restrictions =
>          permit_mynetworks,
>          permit_sasl_authenticated,
>          reject_invalid_helo_hostname
>
> smtpd_sender_restrictions =
>      reject_non_fqdn_sender,
>      permit_mynetworks,
>      permit_sasl_authenticated,
>
>
> # Effective definition (last in the file). Evaluated in order: when acceso.cf
> # gives no result for the sender, permit_sasl_authenticated accepts the
> # authenticated client, and the trailing permit accepts whatever passed the
> # two reject_* checks before it.
> smtpd_recipient_restrictions =
>      reject_non_fqdn_recipient,
>      check_sender_access regexp:/etc/postfix/acceso.cf,
>      permit_sasl_authenticated,
>      reject_unauth_destination,
>      reject_unlisted_recipient,
>      permit

Qué casualidad.
Hoy precisamente yo estaba analizando el ejemplo que había dejado en un
post de septiembre Ernesto Acosta.
No tengo Zentyal, pero sí postfix, dovecot, squirrelmail.
Precisamente ahora estoy inmerso en este mismo problema, pero contra un
Directorio Activo.
Me interesa la solución.

saludos.

