On Tue, Nov 14, 2023 at 06:32:55PM +0100, Francis Augusto Medeiros-Logeay via
Postfix-users wrote:
> I figured out all the queries I need, except one. You see, right now,
> I use Postfixadmin and my query for virtual_mailbox_domains is like
> this:
>
> query = SELECT goto
> FROM alias, alias_domain
> WHERE alias_domain.alias_domain = '%d'
> AND alias.address = CONCAT('%u', '@', alias_domain.target_domain)
> AND alias.active = 1
> AND alias_domain.active=‘1’
Your relational data model is normalised to store each user alias just
once, under the primary domain of each alternate domain. You get to
attach secondary domains to a primary domain without losing recipient
validation by doing wildcard rewrites.
You reduced the amount of data to manage, at the cost of being unable to
assign valid addresses on a per-user basis, with some users having a
different subset of associated secondary domains than others.
This type of normalisation is idiomatic for SQL, but is not idiomatic
(or necessarily possible) with LDAP.
LDAP schemas are not normalised, they are "star-like". Typical LDAP
objects Objects have multi-valued attributes representing 1-to-many
relationships, such as the set of all the valid addresses of a user
object.
The LDAP representation of a mail user would typically have (attribute
name choices vary, though "cn" for the 'display name', and "mail" for
the single-valued primary address are essentially standard.
user.ldif:
cn: Joe User
uid: joeuser
mail: joe.user@someorg.example
maildrop: joeuser@imap1.someorg.example
mailacceptinggeneralid: joe.user@someorg.example
mailacceptinggeneralid: joe.user@aliasorg1.example
mailacceptinggeneralid: joe.user@aliasorg2.example
mailacceptinggeneralid: joeuser@someorg.example
mailacceptinggeneralid: userjoe@someorg.example
...
virtual.cf:
query = mailacceptinggeneralid=%s
result_attribute = maildrop
canonical.cf:
query = mailacceptinggeneralid=%s
result_attribute = mail
Mail can be sent to the user under each of the *explicitly* listed
addresses, but is typically canonicalised to "mail" in outbound email
(all headers and envelope sender). Inbound mail is rewritten to
"maildrop" (just the envelope recipient) for storage.
Other designs are possible, see LDAP_README for variations.
But you're unlikely to find (or ultimately want) data model parity.
LDAP directories just aren't SQL databases. If you want to assign
every user in some collection the same set of domains, that would
be done as of provisioning and maintaining the user "entries",
rather than computed via relational query logic.
--
Viktor.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
