On 12/30/2015 11:22 AM, Gomes, Rich wrote: > I have a couple of question about LDAP verification. > > I followed this guide as I am using AD as LDAP source: > > http://blog.yenlo.com/nl/using-postfix-ldap-search-against-active-directory > > > This works perfectly until I am sending mail to the postfix server, then it > accepts the mail and passes with no verification. > To clarify, this is the step that works perfectly: > > postmap -vq johnpaulvanhelvo...@domain.nl ldap:/etc/postfix/ldap-aliases.cf > > But not when I am sending to postfix (appserver > postfixrelay > nextsmtphop) > > What needs to be done to validate them during the SMTP transaction?
Make sure your query returns nothing with a non-existent address. The correct settings for address validation depend on the address class of the recipient domain. http://www.postfix.org/ADDRESS_CLASS_README.html users in local domains defined in $mydestination are listed in local_recipient_maps users in domains defined in $relay_domains are listed in relay_recipient_maps users in domains defined in $virtual_alias_domains are listed in $virtual_alias_maps users in domains defined in $virtual_mailbox_domains are listed in $virtual_mailbox_maps Additionally, wildcard rewrites in virtual_alias_maps or *canonical_maps will disable address validation. Don't use wildcard rewrites. -- Noel Jones
