On Thu, Oct 26, 2023 at 06:32:53PM -0400, Wietse Venema via Postfix-users wrote:
> > I'm trying to see if someone has a good app to connect to an exchange or
> > O365 server either via LDAP or AD to grab all of the legitimate email
> > accounts, forwarding accounts and Groups in order to build a
> > transport_recipients file this way reject all invalid email prior to
> > forwarding it to any destination.
> >
> > Im thinking there would be something open source out there, just not able
> > to find it.
>
> I'm not familiar with AD, but on the Postfix side can use
> reject_unverified_recipient to query a destination server if it
> would accept mail for a recipient. Postfix maintains a cache
> for positive and negative reject_unverified_recipient results.
Why not just query AD via LDAP? Use the below as a basis for a
"virtual_alias_maps" tables (not transport!):
main.cf:
ldap = proxy:ldap:${config_directory}/
virtual_alias_maps = ${ldap}valias.cf
query = proxyAddresses=smtp:%s
valias.cf:
query = proxyAddresses=smtp:%s
result_attribute = mail
version = 3
scope = sub
server_host = ...
search_base = ...
bind_dn = ...
bind_pw = ...
bind = yes
This scales much better than per-user transport looks via LDAP, and
avoids the need to extract tables, risk stale data, ...
See ldap_table(5) and LDAP_README for more details.
--
Viktor.
_______________________________________________
Postfix-users mailing list -- [email protected]
To unsubscribe send an email to [email protected]
