Fix the catch-all resolution again.

We introduce a limitation on the domain-aliases: they can't have children (e.g., lists or users) any longer. The whole alias resolution, including catch-alls and domain aliases, is now done in 'virtual_alias_maps'. We stop the resolution by returning a dummy alias A -> A for mailboxes, before trying the catch-all maps. We're still using transport_maps for lists. If it turns out to be a bottleneck due to the high-latency coming from LDAP maps, (and the fact that there is a single qmgr(8) daemon), we could rewrite lists to a dummy subdomain and use a static transport_maps instead: virtual_alias_maps: mylist@example.org -> mylist#example.org@mlmmj.localhost.localdomain transport_maps: mlmmj.localhost.localdomain mlmmj:
author: Guilhem Moulin <guilhem@fripost.org> 2014-01-15 07:32:20 +0100
committer: Guilhem Moulin <guilhem@fripost.org> 2015-06-07 02:51:38 +0200
commit: 9304813d505baaa50294ed0d37a11d9e3f0f6c79 (patch)
tree: 450f263fb6e9d7cfa67cf2e1235c2c593bad14ab /roles/MX/templates/etc/postfix/virtual
parent: ab83789bd70d294623e62e0b366b6b649cb5b0af (diff)
9 files changed, 24 insertions, 17 deletions
diff --git a/roles/MX/templates/etc/postfix/virtual/alias_maps.cf.j2 b/roles/MX/templates/etc/postfix/virtual/alias.cf.j2
index 8e3a778..c7d2f0a 100644
--- a/roles/MX/templates/etc/postfix/virtual/alias_maps.cf.j2
+++ b/roles/MX/templates/etc/postfix/virtual/alias.cf.j2
@@ -1,6 +1,8 @@
 server_host      = ldapi://%2Fprivate%2Fldapi/
 version          = 3
 search_base      = fvl=%u,fvd=%d,ou=virtual,o=mailHosting,dc=fripost,dc=org
+domain           = static:all
 scope            = base
+bind             = none
 query_filter     = (&(objectClass=FripostVirtualAlias)(fvl=%u))
 result_attribute = fripostMaildrop
diff --git a/roles/MX/templates/etc/postfix/virtual/transport_catchall_maps.cf.j2 b/roles/MX/templates/etc/postfix/virtual/alias_domains.cf.j2
index cc189cf..dec8bce 100644
--- a/roles/MX/templates/etc/postfix/virtual/transport_catchall_maps.cf.j2
+++ b/roles/MX/templates/etc/postfix/virtual/alias_domains.cf.j2
@@ -1,8 +1,9 @@
 server_host      = ldapi://%2Fprivate%2Fldapi/
 version          = 3
 search_base      = fvd=%d,ou=virtual,o=mailHosting,dc=fripost,dc=org
+domain           = static:all
 scope            = base
 bind             = none
-query_filter     = (&(objectClass=FripostVirtualDomain)(fvd=%d)(fripostOptionalMaildrop=*))
-result_attribute = fvd
-result_format    = smtpl:[127.0.0.1]:2599
+query_filter     = (&(objectClass=FripostVirtualAliasDomain)(fvd=%d))
+result_attribute = fripostMaildrop
+result_format    = %U@%s
diff --git a/roles/MX/templates/etc/postfix/virtual/catchall_maps.cf.j2 b/roles/MX/templates/etc/postfix/virtual/catchall.cf.j2
index f8324f6..8ac40fd 100644
--- a/roles/MX/templates/etc/postfix/virtual/catchall_maps.cf.j2
+++ b/roles/MX/templates/etc/postfix/virtual/catchall.cf.j2
@@ -1,7 +1,8 @@
 server_host      = ldapi://%2Fprivate%2Fldapi/
 version          = 3
 search_base      = fvd=%d,ou=virtual,o=mailHosting,dc=fripost,dc=org
+domain           = static:all
 scope            = base
 bind             = none
-query_filter     = (&(objectClass=FripostVirtualDomain)(fvd=%d)(fripostOptionalMaildrop=*))
+query_filter     = (&(objectClass=FripostVirtualDomain)(!(objectClass=FripostVirtualAliasDomain))(fvd=%d)(fripostOptionalMaildrop=*))
 result_attribute = fripostOptionalMaildrop
diff --git a/roles/MX/templates/etc/postfix/virtual/list.cf.j2 b/roles/MX/templates/etc/postfix/virtual/list.cf.j2
new file mode 100644
index 0000000..8bcd5df
--- /dev/null
+++ b/roles/MX/templates/etc/postfix/virtual/list.cf.j2
@@ -0,0 +1,9 @@
+server_host      = ldapi://%2Fprivate%2Fldapi/
+version          = 3
+search_base      = fvl=%u,fvd=%d,ou=virtual,o=mailHosting,dc=fripost,dc=org
+domain           = static:all
+scope            = base
+bind             = none
+query_filter     = (&(objectClass=FripostVirtualList)(fvl=%u))
+result_attribute = fvl
+result_format    = %S
diff --git a/roles/MX/templates/etc/postfix/virtual/transport_mailbox_maps.cf.j2 b/roles/MX/templates/etc/postfix/virtual/mailbox.cf.j2
index 3e003db..b421e9a 100644
--- a/roles/MX/templates/etc/postfix/virtual/transport_mailbox_maps.cf.j2
+++ b/roles/MX/templates/etc/postfix/virtual/mailbox.cf.j2
@@ -1,12 +1,9 @@
 server_host      = ldapi://%2Fprivate%2Fldapi/
 version          = 3
 search_base      = fvl=%u,fvd=%d,ou=virtual,o=mailHosting,dc=fripost,dc=org
+domain           = static:all
 scope            = base
 bind             = none
 query_filter     = (&(objectClass=FripostVirtualUser)(fvl=%u))
 result_attribute = fvl
-{% if 'LDA' in group_names %}
-result_format    = smtpl:[127.0.0.1]:{{ LDA.port }}
-{% else %}
-result_format    = smtps:[{{ LDA.host }}]:{{ LDA.port }}
-{% endif %}
+result_format    = %S
diff --git a/roles/MX/templates/etc/postfix/virtual/transport_reserved_maps.pcre.j2 b/roles/MX/templates/etc/postfix/virtual/reserved_alias.pcre.j2
index e240e91..6f62a01 100644
--- a/roles/MX/templates/etc/postfix/virtual/transport_reserved_maps.pcre.j2
+++ b/roles/MX/templates/etc/postfix/virtual/reserved_alias.pcre.j2
@@ -1,6 +1,5 @@
-if !/@fripost\.org$/
+/^(?:postmaster|abuse)(?:\+.*)?@fripost\.org$/ admin@fripost.org
 # For other domains, RFC 822 section 6.3 and RFC 2142 section 4
 # mandatory aliases are forwarded to OUR admin team and to the domain
 # owner or postmaster, if there are any.
-/^(?:postmaster|abuse)(?:\+.*)?@/   reserved-alias:
-endif
+/^((?:postmaster|abuse)(?:\+.*)?@.*)/   $1@reserved.locahost.localdomain
diff --git a/roles/MX/templates/etc/postfix/virtual/reserved_alias_maps.j2 b/roles/MX/templates/etc/postfix/virtual/reserved_alias_maps.j2
deleted file mode 100644
index fe04715..0000000
--- a/roles/MX/templates/etc/postfix/virtual/reserved_alias_maps.j2
+++ /dev/null
@@ -1,4 +0,0 @@
-# RFC 822 section 6.3 and RFC 2142 section 4 mandatory aliases are
-# forwarded to the admin team.
-postmaster@fripost.org  admin@fripost.org
-abuse@fripost.org       admin@fripost.org
diff --git a/roles/MX/templates/etc/postfix/virtual/transport_lists_maps.cf.j2 b/roles/MX/templates/etc/postfix/virtual/transport_list.cf.j2
index 6a0965f..eb696db 100644
--- a/roles/MX/templates/etc/postfix/virtual/transport_lists_maps.cf.j2
+++ b/roles/MX/templates/etc/postfix/virtual/transport_list.cf.j2
@@ -1,9 +1,10 @@
 server_host      = ldapi://%2Fprivate%2Fldapi/
 version          = 3
 search_base      = fvl=%u,fvd=%d,ou=virtual,o=mailHosting,dc=fripost,dc=org
+domain           = static:all
 scope            = base
 bind             = none
-query_filter     = (&(|(objectClass=FripostVirtualList)(objectClass=FripostVirtualListCommand))(fvl=%u))
+query_filter     = (&(objectClass=FripostVirtualList)(fvl=%u))
 result_attribute = fvl
 {% if 'lists' in group_names %}
 result_format    = smtpl:[127.0.0.1]:{{ lists.port }}
diff --git a/roles/MX/templates/etc/postfix/virtual/transport_reserved_alias.j2 b/roles/MX/templates/etc/postfix/virtual/transport_reserved_alias.j2
new file mode 100644
index 0000000..4af5318
--- /dev/null
+++ b/roles/MX/templates/etc/postfix/virtual/transport_reserved_alias.j2
@@ -0,0 +1 @@
+reserved.locahost.localdomain   reserved-alias:
author	Guilhem Moulin <guilhem@fripost.org>	2014-01-15 07:32:20 +0100
committer	Guilhem Moulin <guilhem@fripost.org>	2015-06-07 02:51:38 +0200
commit	9304813d505baaa50294ed0d37a11d9e3f0f6c79 (patch)
tree	450f263fb6e9d7cfa67cf2e1235c2c593bad14ab /roles/MX/templates/etc/postfix/virtual
parent	ab83789bd70d294623e62e0b366b6b649cb5b0af (diff)