On Tue, Nov 14, 2023 at 06:32:55PM +0100, Francis Augusto Medeiros-Logeay via Postfix-users wrote:
> I figured out all the queries I need, except one. You see, right now, > I use Postfixadmin and my query for virtual_mailbox_domains is like > this: > > query = SELECT goto > FROM alias, alias_domain > WHERE alias_domain.alias_domain = '%d' > AND alias.address = CONCAT('%u', '@', alias_domain.target_domain) > AND alias.active = 1 > AND alias_domain.active=‘1’ Your relational data model is normalised to store each user alias just once, under the primary domain of each alternate domain. You get to attach secondary domains to a primary domain without losing recipient validation by doing wildcard rewrites. You reduced the amount of data to manage, at the cost of being unable to assign valid addresses on a per-user basis, with some users having a different subset of associated secondary domains than others. This type of normalisation is idiomatic for SQL, but is not idiomatic (or necessarily possible) with LDAP. LDAP schemas are not normalised, they are "star-like". Typical LDAP objects Objects have multi-valued attributes representing 1-to-many relationships, such as the set of all the valid addresses of a user object. The LDAP representation of a mail user would typically have (attribute name choices vary, though "cn" for the 'display name', and "mail" for the single-valued primary address are essentially standard. user.ldif: cn: Joe User uid: joeuser mail: joe.user@someorg.example maildrop: joeuser@imap1.someorg.example mailacceptinggeneralid: joe.user@someorg.example mailacceptinggeneralid: joe.user@aliasorg1.example mailacceptinggeneralid: joe.user@aliasorg2.example mailacceptinggeneralid: joeuser@someorg.example mailacceptinggeneralid: userjoe@someorg.example ... virtual.cf: query = mailacceptinggeneralid=%s result_attribute = maildrop canonical.cf: query = mailacceptinggeneralid=%s result_attribute = mail Mail can be sent to the user under each of the *explicitly* listed addresses, but is typically canonicalised to "mail" in outbound email (all headers and envelope sender). Inbound mail is rewritten to "maildrop" (just the envelope recipient) for storage. Other designs are possible, see LDAP_README for variations. But you're unlikely to find (or ultimately want) data model parity. LDAP directories just aren't SQL databases. If you want to assign every user in some collection the same set of domains, that would be done as of provisioning and maintaining the user "entries", rather than computed via relational query logic. -- Viktor. _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org