Loading ...
Sorry, an error occurred while loading the content.

290422Re: Domain alias rewriting

Expand Messages
  • Viktor Dukhovni
    Jan 4, 2013
      On Fri, Jan 04, 2013 at 10:09:44AM +0100, Kristof Bajnok wrote:

      > On 01/04/2013 04:13 AM, Viktor Dukhovni wrote:
      > >>> from the alias form to the canonical form. This will also validate
      > >>> > > the alias form as a valid address in RCPT TO commands.
      > >> >
      > >> > Unfortunately, I can not accomplish this with a single query.
      > >
      > > Actually, you can:
      > >
      > > domain = example.com example.org ...
      > > query_filter = mail=%u@...
      > > result_attribute = mail
      > >
      > > Just list all the domains whose namespace is identical to example.com
      > > after example.com in the "domain = " list, then query for the user
      > > in the canonical domain.
      >
      > Unfortunately it does not fit to our ISP scenario, where there are
      > hundreds of served domains and each domain possibly has some alias domains.

      Yes, for that case, provision all LDAP users with a full list of
      their valid addresses. Receiving the same spam at an ever growing
      list of domains is not a win for most users, domain-level aliasing
      is over-rated. Receiving mail at a large list of domains is only
      useful for a handful of contact addresses, my experience is that
      real users are sufficiently happy with one or two email domains
      (some users use disposable addresses, but that's a separate
      issue fro domain aliasing).

      > > This said, it is far better to list all the valid of each user in
      > > a suitable multi-valued attribute and skip the domain alias hack.
      >
      > I think it's not scalable with LDAP.

      Multi-valued LDAP attributes scale just fine. Each user has a set
      of valid addresses that is never too large for a single LDAP entry.
      The totality of all domains across all users is not a scaling limit.

      > Would it fit to Postfix?

      Much complexity for not a lot of gain IMHO. Perhaps if the address
      rewriting engine is made generally more configurable, with new
      optional 1-to-1 rewriting performed in smtpd(8) before recipient
      validation, then you get your domain aliasing as just one possible
      application.

      This should be a point feature, rather if there is a Postfix 3.0,
      with a new address rewriting engine, that would be the place to
      consider this.

      --
      Viktor.
    • Show all 10 messages in this topic