
Disable local users - reject with "user unknown"

  • Szymon Stupkiewicz
    Message 1 of 1 , Jan 3, 2013
      Hi,

      I'm trying to configure postfix not to use local accounts for delivery,
      only LDAP. To do this I'm putting something like this into main.cf:

      local_recipient_maps =
          ldap:/etc/postfix/ldap-staff.cf
          ldap:/etc/postfix/ldap-users.cf
          $alias_maps

      ldap-staff.cf and ldap-users.cf are similar and I can look up users using
      this configuration:

      ...
      search_base = ou=staff,ou=People,dc=example,dc=com
      scope = one
      version = 3
      bind = no
      ...

      Why am I trying to do such a stupid thing? I'd like to keep things tidy in
      systems (like not to get files owned by number - uid of an inactive
      user), so I keep inactive users in
      ou=disabled,ou=staff,ou=People,dc=example,dc=com and I like to keep it
      that way. In PAM however, it has to stay configured as is, so the search
      scope is set to sub.

      This also would resolve the issue of accepting mail (spam mostly) for
      daemons which have their own users.

      Bottom line is that even with the above configuration mail is delivered
      for inactive users.

      Is there any possibility to configure postfix not to look up users in the
      system? Or maybe I'm approaching the issue from the wrong side?

      Do you have any thoughts?

      Kind regards
      --
      Szymon Stupkiewicz
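
The difference between `scope = one` (the map configuration in the message) and `sub` (the PAM setting it mentions) on the described directory layout, as an added example that is not part of the original post. It models LDAP scope semantics only, not Postfix; the sample entries are constructed, and matching on `uid` is an assumption because the post elides the query filter.

```python
# Added illustration: LDAP search scopes applied to the layout from the post.
# Entries are constructed samples; matching on uid is an assumption because
# the post elides the query filter.

STAFF_BASE = "ou=staff,ou=People,dc=example,dc=com"  # search_base from the post

DIRECTORY = [  # constructed sample entries
    {"dn": "uid=alice,ou=staff,ou=People,dc=example,dc=com", "uid": "alice"},
    {"dn": "uid=bob,ou=disabled,ou=staff,ou=People,dc=example,dc=com", "uid": "bob"},
]


def parse_dn(dn):
    """Split a DN into lower-cased RDNs (simple DNs only, no escaped commas)."""
    return [rdn.strip().lower() for rdn in dn.split(",") if rdn.strip()]


def in_scope(entry_dn, base_dn, scope):
    """Return True if entry_dn falls inside the search scope rooted at base_dn."""
    entry, base = parse_dn(entry_dn), parse_dn(base_dn)
    depth = len(entry) - len(base)
    if depth < 0 or entry[depth:] != base:
        return False  # entry is not at or below the base at all
    if scope == "base":
        return depth == 0
    if scope == "one":
        return depth == 1  # immediate children only
    if scope == "sub":
        return True  # base entry and every descendant
    raise ValueError(f"unknown scope: {scope}")


def lookup(uid, scope, base_dn=STAFF_BASE):
    """Return the DNs of entries with this uid that the search would reach."""
    return [e["dn"] for e in DIRECTORY
            if e["uid"] == uid.lower() and in_scope(e["dn"], base_dn, scope)]


if __name__ == "__main__":
    for uid in ("alice", "bob"):
        for scope in ("one", "sub"):
            hit = "found" if lookup(uid, scope) else "not found"
            print(f"uid={uid:<5} scope={scope}: {hit}")
```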