292122Re: LDAP canonical_maps and domain rewriting
- Mar 20, 2013Patrick,I do not use canonical maps at all when using LDAP. I do not need it, because I just use mailForwardingAddress (actually an alias) to map the incoming email to the real mailbox.What I do:
In order to make changes to LDAP, you may use something like ldapadmin (ldapadmin.org) and put the difficulties to manage LDAP entries behind you.You may create an account with mail attribute as biz@... and mailForwardingAddress attribute as myaccount@....That configuration is only enough for receiving e-mail, not to sending e-mail.May be this can help you.
- Use the qmail.schema in OpenLDAP
- Add objectClass: qmailUser to each user account
- Edit mailForwardingAddress when appropriate
- Create a file on /etc/postfix/ldap/ named forwarding
- Change /etc/postfix/main.cf to map aliases to the forwarding file
Best regards,---Fernando Maciel Souto Maior
On Tue, Mar 19, 2013 at 7:19 PM, Viktor Dukhovni <postfix-users@...> wrote:On Tue, Mar 19, 2013 at 08:00:51PM +0100, Patrick Lists wrote:Just in terms of data models and Microsoft, the corresponding pieces
> On 03/19/2013 04:22 PM, Viktor Dukhovni wrote:
> >Nothing unusual at all about canonical mapping, the only anomaly
> >I'm making a fuss about is the underlying data model. It is OK to
> >turn secondary addresses into primary, it is generally risky to
> >try to turn target (delivery) addresses back into original addresses,
> >since the mapping is often not one-to-one (and the need to introduce
> >many-to-one may arise later).
> Thanks, I'll think this over more as I try to wrap my head around
> this. When I stray into this issue I'll make sure to reread your
> much appreciated advice. And probably a few more RFCs.
> Initially I thought adding LDAP was a fun idea. Given the archaic
> nature and complexity of this beast I'm not so sure anymore. I'm
> beginning to understand why I've heard sysadmins say that Microsoft
> has done a nice job with AD of hiding the complexity and making it
> work. But this is getting OT so I'll leave it at that.
in that case are:
so it would be reasonable to use "proxyAddresses=smtp:%s" as the
lookup key for a canonical mapping with "mail" as the result, but
not reasonable to map the <some-mailbox-attribute> back to mail.
Don't think LDAP, think data-model, and then map that onto LDAP,
if you're not too discouraged.
- << Previous post in topic Next post in topic >>