> On Nov 14, 2023, at 19:09, Viktor Dukhovni via Postfix-users > <postfix-users@postfix.org> wrote: > > On Tue, Nov 14, 2023 at 06:32:55PM +0100, Francis Augusto Medeiros-Logeay via > Postfix-users wrote: > >> I figured out all the queries I need, except one. You see, right now, >> I use Postfixadmin and my query for virtual_mailbox_domains is like >> this: >> >> query = SELECT goto >> FROM alias, alias_domain >> WHERE alias_domain.alias_domain = '%d' >> AND alias.address = CONCAT('%u', '@', alias_domain.target_domain) >> AND alias.active = 1 >> AND alias_domain.active=‘1’ > > Your relational data model is normalised to store each user alias just > once, under the primary domain of each alternate domain. You get to > attach secondary domains to a primary domain without losing recipient > validation by doing wildcard rewrites. > > You reduced the amount of data to manage, at the cost of being unable to > assign valid addresses on a per-user basis, with some users having a > different subset of associated secondary domains than others. >
> This type of normalisation is idiomatic for SQL, but is not idiomatic > (or necessarily possible) with LDAP. > Thank you for the thorough explanation, Viktor. > LDAP schemas are not normalised, they are "star-like". Typical LDAP > objects Objects have multi-valued attributes representing 1-to-many > relationships, such as the set of all the valid addresses of a user > object. > > > virtual.cf: > query = mailacceptinggeneralid=%s > result_attribute = maildrop > > canonical.cf: > query = mailacceptinggeneralid=%s > result_attribute = mail > > Mail can be sent to the user under each of the *explicitly* listed > addresses, but is typically canonicalised to "mail" in outbound email > (all headers and envelope sender). Inbound mail is rewritten to > "maildrop" (just the envelope recipient) for storage. > > Other designs are possible, see LDAP_README for variations. > > But you're unlikely to find (or ultimately want) data model parity. > LDAP directories just aren't SQL databases. If you want to assign > every user in some collection the same set of domains, that would > be done as of provisioning and maintaining the user "entries", > rather than computed via relational query logic. > My case is that I wanted to mimic Postfixadmin in FreeIPA. I even created a plugin for it, and the data model works nice, for the most part, except for the virtual domains part. My design is simplified since I only use virtual mailboxes. But I hear what you are saying, it does seem to be complicate to accomplish the same with LDAP when it comes to that on-the-fly checking if b@domainb exists when b should receive a mail from domainc. I might drop this feature. Best, Francis _______________________________________________ Postfix-users mailing list -- postfix-users@postfix.org To unsubscribe send an email to postfix-users-le...@postfix.org