Loading ...
Sorry, an error occurred while loading the content.

Re: Verifying relay recipients for upstream Exchange backend

Expand Messages
  • Ansgar Wiechers
    ... What for? You can easily do all the cleaning with VBScript. Regards Ansgar Wiechers -- Abstractions save us time working, but they don t save us time
    Message 1 of 8 , Jun 1, 2011
    • 0 Attachment
      On 2011-06-01 Shawn Heisey wrote:
      > On 6/1/2011 12:57 PM, Ansgar Wiechers wrote:
      >> I'm aware of two ways to verify recipients when relaying mail to
      >> upstream Exchange servers:
      >>
      >> - Export recipient addresses from AD and use that list as
      >> $relay_recipient_maps.
      >> - Use an LDAP query in $relay_recipient_maps.
      >>
      >> I seem to recall that there was a third option where Postfix would
      >> probe the nexthop before accepting the mail, but was unable to find
      >> it in the list archive. Can someone refresh my memory? Or did I mis-
      >> remember that?
      >
      > I do the first option by running a script on the exchange server every
      > 15 minutes, then grabbing the result five minutes later from the mail
      > relays. It does some sanity checks before replacing relay_recipients
      > and postmapping it.
      >
      > The Windows side (Exchange 2010 on 2008R2) of the process consists of
      > VBScript to grab the info from AD, which then runs a perl script to
      > clean up the file.

      What for? You can easily do all the cleaning with VBScript.

      Regards
      Ansgar Wiechers
      --
      "Abstractions save us time working, but they don't save us time learning."
      --Joel Spolsky
    • Len Conrad
      ... I ve been using this one for a couple years:
      Message 2 of 8 , Jun 1, 2011
      • 0 Attachment
        At 04:48 PM 6/1/2011, you wrote:
        On 2011-06-01 Shawn Heisey wrote:
        > On 6/1/2011 12:57 PM, Ansgar Wiechers wrote:
        >> I'm aware of two ways to verify recipients when relaying mail to
        >> upstream Exchange servers:
        >>
        >> - Export recipient addresses from AD and use that list as
        >>   $relay_recipient_maps.
        >> - Use an LDAP query in $relay_recipient_maps.
        >>
        >> I seem to recall that there was a third option where Postfix would
        >> probe the nexthop before accepting the mail, but was unable to find
        >> it in the list archive. Can someone refresh my memory? Or did I mis-
        >> remember that?
        >
        > I do the first option by running a script on the exchange server every
        > 15 minutes, then grabbing the result five minutes later from the mail
        > relays.  It does some sanity checks before replacing relay_recipients
        > and postmapping it.
        >
        > The Windows side (Exchange 2010 on 2008R2) of the process consists of
        > VBScript to grab the info from AD, which then runs a perl script to
        > clean up the file.

        What for? You can easily do all the cleaning with VBScript.

        I've been using this one for a couple years:

        http://www-personal.umich.edu/~malth/gaptuning/postfix/getadsmtp.pl

        awk to format it to a two-field ";" delimited file, and then mysqlimport

        Len




      • Ansgar Wiechers
        ... I m aware that this can be done in Perl. I just don t see any point in using VBScript to extract the data, and then switching to Perl for further
        Message 3 of 8 , Jun 2, 2011
        • 0 Attachment
          On 2011-06-01 Len Conrad wrote:
          > At 04:48 PM 6/1/2011, you wrote:
          >> On 2011-06-01 Shawn Heisey wrote:
          >>> I do the first option by running a script on the exchange server every
          >>> 15 minutes, then grabbing the result five minutes later from the mail
          >>> relays. It does some sanity checks before replacing relay_recipients
          >>> and postmapping it.
          >>>
          >>> The Windows side (Exchange 2010 on 2008R2) of the process consists of
          >>> VBScript to grab the info from AD, which then runs a perl script to
          >>> clean up the file.
          >>
          >> What for? You can easily do all the cleaning with VBScript.
          >
          > I've been using this one for a couple years:
          >
          > <http://www-personal.umich.edu/~malth/gaptuning/postfix/getadsmtp.pl>http://www-personal.umich.edu/~malth/gaptuning/postfix/getadsmtp.pl
          >
          > awk to format it to a two-field ";" delimited file, and then mysqlimport

          I'm aware that this can be done in Perl. I just don't see any point in
          using VBScript to extract the data, and then switching to Perl for
          further processing.

          I also don't see any point in using awk to transform the output of a
          Perl script, BTW.

          Regards
          Ansgar Wiechers
          --
          "Abstractions save us time working, but they don't save us time learning."
          --Joel Spolsky
        • Shawn Heisey
          ... I didn t write the VBScript, I found it on the Internet. When I upgraded from Exchange 2003 to Exchange 2010, I had to find a whole new script, as the old
          Message 4 of 8 , Jun 2, 2011
          • 0 Attachment
            On 6/2/2011 4:46 AM, Ansgar Wiechers wrote:
            > I'm aware that this can be done in Perl. I just don't see any point in
            > using VBScript to extract the data, and then switching to Perl for
            > further processing.
            >
            > I also don't see any point in using awk to transform the output of a
            > Perl script, BTW.

            I didn't write the VBScript, I found it on the Internet. When I
            upgraded from Exchange 2003 to Exchange 2010, I had to find a whole new
            script, as the old one didn't work.

            The inital output leaves a lot to be desired from an automation
            standpoint, though I'm sure it's perfectly acceptable to your average
            Windows admin. Although VBScript is not completely opaque to me, I do
            not know it very well. The transformations required were very easy in
            Perl, which I do know. The sanity check and deployment on Linux was
            easiest in shell. If I were experienced in VBScript, I would have
            handled it without the intermediate step.

            I'm going to investigate Mr. Conrad's Perl/LDAP solution, which would be
            easy to customize and much less prone to breakage.

            Thanks,
            Shawn
          Your message has been successfully submitted and would be delivered to recipients shortly.