On Thu, Dec 20, 2012 at 01:57:43PM +0100, Ignacio Vazquez wrote:

> I have a mailhost with most of the domain users delivered locally and
> some users (same domain) residing in other machines.

Instead of resolving an unmodified rfc822 address to a different
transport:nexthop, rewrite the rfc822 address (via virtual_alias_maps)
to a domain which is routed (via MX records or per-nexthop transport
table entries) to that transport:nexthop.

> I don't want to create the users that reside on other hosts in the LDAP
> directory and, with this configuration, I get an "Unknown user..."
> when I send an email to foo...@example.com

It is generally a good idea to add the users in question to LDAP.
For each user define a "maildrop" attribute which routes their
mail to the appropriate destination address (often the same
as the lookup key).

    LDIF:
        uid: luser
        mail: larry.u...@example.com
        mailalternateaddress: lu...@example.com
        mailalternateaddress: la...@example.com
        maildrop: lu...@imap.example.com

    canonical.cf:
        ... LDAP connection settings ...
        query_filter = mailalternateaddress=%s
        result_attribute = mail

    virtual.cf:
        ... LDAP connection settings ...
        query_filter = (|(mail=%s)(mailalternateaddress=%s))
        result_attribute = maildrop

    main.cf:
        ldap = proxy:ldap:${config_directory}/
        virtual_alias_maps = ${ldap}virtual.cf
        canonical_maps = ${ldap}canonical.cf

Note, in the above schema, users can receive mail via either their
primary email address ("mail") or any of their secondary addresses
("mailalternateaddress"). Mail is delivered to their "maildrop",
which may be equal to "mail", or may represent an underlying
"mailbox" address different from the public address of the user.

The canonical table (optional) ensures that the primary address
appears in the headers and envelope sender address of outgoing
mail.  The canonical mapping precedes virtual alias expansion, so
ultimately the recipient address is the "maildrop" value.

This requires that each receiving mailstore also recognizes a
destination-specific mailbox address for each mailbox. I recommend
this approach as a best practice.

Per-user routing of unmodified addresses is complicated, and risks
routing loops. Don't route users, route nexthops, and rewrite public
addresses to mailstore-specific mailbox addresses, which are easy
to route.

-- 
        Viktor.

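The lookup order described in the message above (canonical mapping, then virtual alias expansion to the "maildrop", then routing on the domain only), as a simplified Python model. This is an added example, not part of the original post and not Postfix code; the directory entries, the transport table and the function names are constructed for illustration.

```python
# Constructed directory entries using the attribute names from the post's LDIF.
DIRECTORY = [
    {"uid": "auser", "mail": "alice.user@example.com",
     "mailalternateaddress": ["auser@example.com", "alice@example.com"],
     "maildrop": "auser@imap.example.com"},
    {"uid": "buser", "mail": "bob.user@example.com",
     "mailalternateaddress": [], "maildrop": "bob.user@example.com"},
]
# Hypothetical per-nexthop transport table: keyed by domain, never by user.
TRANSPORT = {"imap.example.com": "smtp:[imap.example.com]",
             "example.com": "local:"}

def canonical(addr):
    """canonical.cf: mailalternateaddress=%s -> mail (None when no match)."""
    for e in DIRECTORY:
        if addr in e["mailalternateaddress"]:
            return e["mail"]
    return None

def virtual(addr):
    """virtual.cf: (|(mail=%s)(mailalternateaddress=%s)) -> maildrop."""
    for e in DIRECTORY:
        if addr == e["mail"] or addr in e["mailalternateaddress"]:
            return e["maildrop"]
    return None

def resolve(rcpt, limit=10):
    """Return (final_address, transport:nexthop), or None for an unknown user."""
    addr = canonical(rcpt) or rcpt          # canonical mapping runs first
    known = False
    for _ in range(limit):                  # alias expansion repeats until stable
        nxt = virtual(addr)
        if nxt is None or nxt == addr:      # no entry, or maildrop == lookup key
            known = known or nxt is not None
            break
        addr, known = nxt, True
    else:
        raise RuntimeError("alias loop: " + rcpt)
    if not known:
        return None                         # not in the directory: "Unknown user"
    return addr, TRANSPORT[addr.split("@", 1)[1]]
```

Because the final address carries a mailstore-specific domain, the routing step never needs a per-user entry; a directory mistake that maps two entries onto each other is caught by the expansion limit instead of bouncing between hosts.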