Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: LDAP query for Postfix recipient verification

  1. #1
    gufy is offline Junior Member
    Join Date
    May 2008
    Posts
    8
    Rep Power
    7

    Default LDAP query for Postfix recipient verification

    Hello everybody,
    our Zimbra installation is a multi-server one. We have several domain hosted on our Zimbra servers. A frontal MX (Postfix) is relaying mail for these domains.
    We want to do so recipient verifications on this frontal MX for some relayed domains before accepting connections.
    What sould be the LDAP query ?

    Below is my Postfix configuration. The problem is with distribution lists.
    I can't find a way to include distribution lists in the query.

    server_host = ldap://ldap1.domain.com:389
    server_port = 389
    search_base =
    query_filter = (&(|(zimbraMailDeliveryAddress=%s)(zimbraMailAlias =%s)(zimbraMail
    CatchAllAddress=%s))(zimbraMailStatus=enabled))
    result_attribute = zimbraMailDeliveryAddress
    version = 3
    ldap_cache = yes
    ldap_cache_expiry = 600
    ldap_cache_size = 64256
    bind = no
    timeout = 30

    Thanks !

  2. #2
    iway is offline Partner (VAR/HSP)
    Join Date
    May 2008
    Posts
    432
    Rep Power
    7

    Exclamation

    Yeah, we'd be interested in that, too!

    Any infos?

  3. #3
    gufy is offline Junior Member
    Join Date
    May 2008
    Posts
    8
    Rep Power
    7

    Default

    Here's how i did it :

    Create /etc/postfix/ldap_zimbra.cf
    server_host = ldap://ldapthost.domain.com:389
    server_port = 389
    search_base =
    query_filter = (&(|(zimbraMailDeliveryAddress=%s)(zimbraMailA lias=%s)(zimbraMailCatchAllAddress=%s))(zimbraMail Status=enabled))
    result_attribute = zimbraMailDeliveryAddress,zimbraMailAlias
    version = 3
    ldap_cache = yes
    ldap_cache_expiry = 600
    ldap_cache_size = 64256
    bind = no
    timeout = 30

    Edit /etc/postfix/main.cf :
    relay_recipient_maps = ldap:/etc/postfix/ldap_zimbra.cf

    However, don't forget to turn off this recipient check on your MX if you have to shutdown your Zimbra servers.
    Last edited by gufy; 09-30-2008 at 01:28 AM.

  4. #4
    iway is offline Partner (VAR/HSP)
    Join Date
    May 2008
    Posts
    432
    Rep Power
    7

    Default

    Hi!

    Your setup gives me the following error in /var/log/mail :

    warning: dict_ldap_lookup: Search error -7: Bad search filter

    Any ideas?

    Thanks

    Chris

  5. #5
    Klug's Avatar
    Klug is offline Moderator
    Join Date
    Mar 2006
    Location
    Beaucaire, France
    Posts
    2,316
    Rep Power
    13

    Default

    Why not using SMTP callout instead of LDAP callout ?

  6. #6
    iway is offline Partner (VAR/HSP)
    Join Date
    May 2008
    Posts
    432
    Rep Power
    7

    Default

    What's that?

    OK. Found it. But Zimbra gives back a 250 deliverable, even though the address does not exist.
    Last edited by iway; 09-30-2008 at 03:39 AM.

  7. #7
    iway is offline Partner (VAR/HSP)
    Join Date
    May 2008
    Posts
    432
    Rep Power
    7

    Default

    Any ideas on the LDAP problem?

    We still get this: dict_ldap_lookup: Search error -7: Bad search filter

  8. #8
    Klug's Avatar
    Klug is offline Moderator
    Join Date
    Mar 2006
    Location
    Beaucaire, France
    Posts
    2,316
    Rep Power
    13

    Default

    Quote Originally Posted by interways View Post
    OK. Found it. But Zimbra gives back a 250 deliverable, even though the address does not exist.
    Edit
    Code:
    /opt/zimbra/conf/zmmta.cf
    Change "no" to "yes" in the line
    Code:
    POSTCONF smtpd_reject_unlisted_recipient yes
    Restart postfix.

    You'll need to do this on each ZCS upgrade.

  9. #9
    iway is offline Partner (VAR/HSP)
    Join Date
    May 2008
    Posts
    432
    Rep Power
    7

    Default

    OK, thanks. That did it.

  10. #10
    gufy is offline Junior Member
    Join Date
    May 2008
    Posts
    8
    Rep Power
    7

    Default

    query_filter = (&(|(zimbraMailDeliveryAddress=%s)(zimbraMailA lias=%s)(zimbraMailCatchAllAddress=%s))(zimbraMail Status=enabled))

    There was a space between "zimbraMailStat" and "us=enabled

    Well the space is still there ... don't know why the forums adds a space ...

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. upgrading from 5.0.4 to 5.0.5 opensource
    By smoke in forum Installation
    Replies: 4
    Last Post: 10-19-2008, 10:38 AM
  2. Replies: 8
    Last Post: 08-07-2008, 05:18 AM
  3. Zimbra Install Problem - getDirectContext
    By bsimzer in forum Installation
    Replies: 27
    Last Post: 07-19-2007, 10:12 AM
  4. 3 testing: LDAP: 389 Failed when restore zimbra
    By victorLeong in forum Administrators
    Replies: 15
    Last Post: 05-24-2007, 06:45 AM
  5. Lotus migration
    By babou in forum Migration
    Replies: 15
    Last Post: 03-05-2007, 10:33 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •