Hi all, Postfix 2.5.5 on Debian Lenny. I'm able to do LDAP lookups (to Active Directory) and get the response I expect, but I don't understand why mail is still bouncing with 'Unknown user' after the SMTP RCPT TO is given the OK.
ccimap:/etc/postfix# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases ldap:/etc/postfix/ldap-aliases.cf append_dot_mydomain = no biff = no config_directory = /etc/postfix home_mailbox = Maildir/ inet_interfaces = all mailbox_size_limit = 0 mydestination = ccimap.laterooms.com, ccimap.ad.laterooms.com, localhost.laterooms.com, localhost, laterooms.com myhostname = ccimap.ad.laterooms.com mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128 myorigin = /etc/mailname readme_directory = /usr/share/doc/postfix recipient_delimiter = + smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) ccimap:/etc/postfix# more ldap-aliases.cf server_host = ad.laterooms.com search_base = dc=ad,dc=laterooms,dc=com query_filter = (mail=%s) result_attribute = samaccountname result_format = %...@ccimap.ad.laterooms.com bind_dn = cn=postpathadmin,cn=Users,dc=ad,dc=laterooms,dc=com bind_pw = XXXXXXXXXXX version = 3 ccimap:/etc/postfix# postalias -q elvira.i...@laterooms.com ldap:/etc/postfix/ldap-aliases.cf ei...@ccimap.ad.laterooms.com So, the email address is being successfully translated to username 'eilli' on the local box. This user exists (via winbind lookup) : ccimap:/etc/postfix# getent passwd eilli eilli:*:10465:10000::/home/AD/eilli:/bin/bash ccimap:/etc/postfix# ls -l /home/AD/eilli/Maildir/ drwx------ 2 eilli domain users 4096 2009-09-13 02:16 cur drwx------ 2 eilli domain users 4096 2009-09-13 02:40 new drwx------ 2 eilli domain users 4096 2009-09-13 02:40 tmp Yet if I send email to elvira, it's accepted at the SMTP level: 220 ccimap.ad.laterooms.com ESMTP Postfix (Debian/GNU) helo me 250 ccimap.ad.laterooms.com mail from:<> 250 2.1.0 Ok rcpt to:<elvira.i...@laterooms.com> 250 2.1.5 Ok data 354 End data with <CR><LF>.<CR><LF> hi . 250 2.0.0 Ok: queued as EE79B2F190 quit 221 2.0.0 Bye Connection closed by foreign host. but in the end, the mail bounces: Sep 13 03:12:16 ccimap postfix/smtpd[18465]: dict_proxy_lookup: table=unix:passwd.byname flags=lock|fold_fix key=elvira.i...@laterooms.com -> status=1 result= Sep 13 03:12:16 ccimap postfix/smtpd[18465]: dict_ldap_lookup: In dict_ldap_lookup Sep 13 03:12:16 ccimap postfix/smtpd[18465]: dict_ldap_lookup: No existing connection for LDAP source /etc/postfix/ldap-aliases.cf, reopening Sep 13 03:12:16 ccimap postfix/smtpd[18465]: dict_ldap_connect: Connecting to server ldap://ad.laterooms.com:389 Sep 13 03:12:16 ccimap postfix/smtpd[18465]: dict_ldap_connect: Actual Protocol version used is 3. Sep 13 03:12:16 ccimap postfix/smtpd[18465]: dict_ldap_connect: Binding to server ldap://ad.laterooms.com:389 as dn cn=postpathadmin,cn=Users,dc=ad,dc=laterooms,dc=com Sep 13 03:12:16 ccimap postfix/smtpd[18465]: dict_ldap_connect: Successful bind to server ldap://ad.laterooms.com:389 as cn=postpathadmin,cn=Users,dc=ad,dc=laterooms,dc=com Sep 13 03:12:16 ccimap postfix/smtpd[18465]: dict_ldap_connect: Cached connection handle for LDAP source /etc/postfix/ldap-aliases.cf Sep 13 03:12:16 ccimap postfix/smtpd[18465]: dict_ldap_lookup: /etc/postfix/ldap-aliases.cf: Searching with filter (mail=elvira.i...@laterooms.com) Sep 13 03:12:16 ccimap postfix/smtpd[18465]: dict_ldap_get_values[1]: Search found 1 match(es) Sep 13 03:12:16 ccimap postfix/smtpd[18465]: dict_ldap_get_values[1]: search returned 1 value(s) for requested result attribute sAMAccountName Sep 13 03:12:16 ccimap postfix/smtpd[18465]: dict_ldap_get_values[1]: Leaving dict_ldap_get_values Sep 13 03:12:16 ccimap postfix/smtpd[18465]: dict_ldap_lookup: Search returned ei...@ccimap.ad.laterooms.com Sep 13 03:12:16 ccimap postfix/smtpd[18465]: maps_find: local_recipient_maps: ldap:/etc/postfix/ldap-aliases.cf(0,lock| fold_fix): elvira.i...@laterooms.com = ei...@ccimap.ad.laterooms.com Sep 13 03:12:16 ccimap postfix/smtpd[18465]: mail_addr_find: elvira.i...@laterooms.com -> ei...@ccimap.ad.laterooms.com Sep 13 03:12:16 ccimap postfix/smtpd[18465]: smtpd_check_rewrite: trying: permit_inet_interfaces Sep 13 03:12:16 ccimap postfix/smtpd[18465]: permit_inet_interfaces: localhost 127.0.0.1 Sep 13 03:12:16 ccimap postfix/smtpd[18465]: before input_transp_cleanup: cleanup flags = enable_header_body_filter enable_automatic_bcc enable_address_mapping enable_milters Sep 13 03:12:16 ccimap postfix/smtpd[18465]: after input_transp_cleanup: cleanup flags = enable_header_body_filter enable_automatic_bcc enable_address_mapping Sep 13 03:12:16 ccimap postfix/smtpd[18465]: connect to subsystem public/cleanup Sep 13 03:12:16 ccimap postfix/smtpd[18465]: public/cleanup socket: wanted attribute: queue_id Sep 13 03:12:16 ccimap postfix/smtpd[18465]: input attribute name: queue_id Sep 13 03:12:16 ccimap postfix/smtpd[18465]: input attribute value: EE79B2F190 Sep 13 03:12:16 ccimap postfix/smtpd[18465]: public/cleanup socket: wanted attribute: (list terminator) Sep 13 03:12:16 ccimap postfix/smtpd[18465]: input attribute name: (end) Sep 13 03:12:16 ccimap postfix/smtpd[18465]: send attr flags = 178 Sep 13 03:12:16 ccimap postfix/smtpd[18465]: EE79B2F190: client=localhost[127.0.0.1] Sep 13 03:12:16 ccimap postfix/smtpd[18465]: > localhost[127.0.0.1]: 250 2.1.5 Ok Sep 13 03:12:18 ccimap postfix/smtpd[18465]: < localhost[127.0.0.1]: data Sep 13 03:12:18 ccimap postfix/smtpd[18465]: > localhost[127.0.0.1]: 354 End data with <CR><LF>.<CR><LF> Sep 13 03:12:19 ccimap postfix/cleanup[18468]: EE79B2F190: message-id=<20090913021216.ee79b2f...@ccimap.ad.laterooms.com> Sep 13 03:12:19 ccimap postfix/qmgr[18447]: EE79B2F190: from=<>, size=346, nrcpt=1 (queue active) Sep 13 03:12:19 ccimap postfix/smtpd[18465]: public/cleanup socket: wanted attribute: status Sep 13 03:12:19 ccimap postfix/smtpd[18465]: input attribute name: status Sep 13 03:12:19 ccimap postfix/smtpd[18465]: input attribute value: 0 Sep 13 03:12:19 ccimap postfix/smtpd[18465]: public/cleanup socket: wanted attribute: reason Sep 13 03:12:19 ccimap postfix/smtpd[18465]: input attribute name: reason Sep 13 03:12:19 ccimap postfix/smtpd[18465]: input attribute value: (end) Sep 13 03:12:19 ccimap postfix/smtpd[18465]: public/cleanup socket: wanted attribute: (list terminator) Sep 13 03:12:19 ccimap postfix/smtpd[18465]: input attribute name: (end) Sep 13 03:12:19 ccimap postfix/smtpd[18465]: > localhost[127.0.0.1]: 250 2.0.0 Ok: queued as EE79B2F190 Sep 13 03:12:19 ccimap postfix/local[18469]: EE79B2F190: to=<elvira.i...@laterooms.com>, relay=local, delay=9.6, delays=9.5/0.03/0/0.06, dsn=5.1.1, status=bounced (unknown user: "elvira.illi") Sep 13 03:12:19 ccimap postfix/qmgr[18447]: EE79B2F190: removed Sep 13 03:12:20 ccimap postfix/smtpd[18465]: < localhost[127.0.0.1]: quit Sep 13 03:12:20 ccimap postfix/smtpd[18465]: > localhost[127.0.0.1]: 221 2.0.0 Bye It's quite true that 'elvira.illi' is not a local user, but why is Postfix not using 'ei...@ad.laterooms.com' which is successfully looked up only moments before? Sending mail via telnet 25 to ei...@ad.laterooms.com works fine - the message immediately appears in /home/AD/eilli/Maildir/new/ I must have made a fundamental error / misunderstanding but I can't see it - can someone point me in the right direction, please? Cheers, Gavin.
