Remove the 'fripostLocalAlias' attribute.

Instead, we pretend that lists are valid users (via a match in the mailbox_transport_maps) but choose a different transport (with the same request in transport_maps). The advantage is that we get rid of the ugly hack for list transport… A minor drawback is that we now have two LDAP lookups instead of one for non local addresses (ie, everything but reserved addresses). Hopefully the requests are cached; but even if they aren't, querying a local LDAP server is supposed to be cheap.
author: Guilhem Moulin <guilhem@fripost.org> 2013-12-18 14:34:10 +0100
committer: Guilhem Moulin <guilhem@fripost.org> 2015-06-07 02:51:31 +0200
commit: e98d17cca0011ead0bb89c7674a2209760dce59f (patch)
tree: 77be1b1e3ab980906e2d29ad0b665488edfea49c /roles/MX
parent: b51df24e3b1b64c17a3aac652b142e2082c77a26 (diff)
4 files changed, 15 insertions, 18 deletions
diff --git a/roles/MX/files/etc/postfix/virtual/lists_maps.cf b/roles/MX/files/etc/postfix/virtual/lists_maps.cf
deleted file mode 100644
index da0e4a9..0000000
--- a/roles/MX/files/etc/postfix/virtual/lists_maps.cf
+++ /dev/null
@@ -1,7 +0,0 @@
-server_host      = ldapi://%2Fprivate%2Fldapi/
-version          = 3
-search_base      = fvl=%u,fvd=%d,ou=virtual,o=mailHosting,dc=fripost,dc=org
-scope            = base
-bind             = none
-query_filter     = (&(|(objectClass=FripostVirtualList)(objectClass=FripostVirtualListCommand))(fvl=%u)(fripostLocalAlias=%u#%d))
-result_attribute = fripostLocalAlias
diff --git a/roles/MX/files/etc/postfix/virtual/transport_lists_maps.cf b/roles/MX/files/etc/postfix/virtual/transport_lists_maps.cf
index 860c4e6..27c93d1 100644
--- a/roles/MX/files/etc/postfix/virtual/transport_lists_maps.cf
+++ b/roles/MX/files/etc/postfix/virtual/transport_lists_maps.cf
@@ -1,11 +1,11 @@
-# Despite the index on 'fripostLocalAlias' it's a bit more inefficient,
-# but more precise, than the alternative of using regexes here, and a
-# plain hash on the list managers' side.
 server_host      = ldapi://%2Fprivate%2Fldapi/
 version          = 3
-search_base      = ou=virtual,o=mailHosting,dc=fripost,dc=org
-scope            = sub
+search_base      = fvl=%u,fvd=%d,ou=virtual,o=mailHosting,dc=fripost,dc=org
+scope            = base
 bind             = none
-query_filter     = (&(|(objectClass=FripostVirtualList)(objectClass=FripostVirtualListCommand))(fripostLocalAlias=%s))
-result_attribute = fripostLocalAlias
+query_filter     = (&(|(objectClass=FripostVirtualList)(objectClass=FripostVirtualListCommand))(fvl=%u))
+result_attribute = fvl
+# We use these maps for both virtual mailboxes and transport (in the
+# former case the result is ignored, only the existence of a match
+# matters.)
 result_format    = smtp:[127.0.0.1]:2345
diff --git a/roles/MX/tasks/main.yml b/roles/MX/tasks/main.yml
index 1f5136a..de6924b 100644
--- a/roles/MX/tasks/main.yml
+++ b/roles/MX/tasks/main.yml
@@ -49,11 +49,10 @@
     - mailbox_domains.cf
     - reserved_maps.pcre
     - alias_maps.cf
-    - lists_maps.cf
     - alias_catchall_maps.cf
     - mailbox_maps.cf
-    - reserved_transport_maps
     - transport_lists_maps.cf
+    - reserved_transport_maps
 
 - name: Compile the Reserved Transport Maps
   postmap: cmd=postalias instance={{ postfix_instance[inst].name }}
diff --git a/roles/MX/templates/etc/postfix/main.cf.j2 b/roles/MX/templates/etc/postfix/main.cf.j2
index 6b32634..d301aaf 100644
--- a/roles/MX/templates/etc/postfix/main.cf.j2
+++ b/roles/MX/templates/etc/postfix/main.cf.j2
@@ -56,15 +56,20 @@ virtual_transport = smtp:[127.0.0.1]:{{ LDA.port }}
 {% else %}
 virtual_transport = smtp:[{{ LDA.IPv4 }}]:{{ LDA.port }}
 {% endif %}
+transport_maps = ldap:$config_directory/virtual/transport_lists_maps.cf
 
 virtual_mailbox_domains = ldap:$config_directory/virtual/mailbox_domains.cf
 virtual_alias_maps      = pcre:$config_directory/virtual/reserved_maps.pcre
                           ldap:$config_directory/virtual/alias_maps.cf
-                          ldap:$config_directory/virtual/lists_maps.cf
                           ldap:$config_directory/virtual/alias_catchall_maps.cf
 virtual_mailbox_maps    = ldap:$config_directory/virtual/mailbox_maps.cf
-mailbox_transport_maps  = cdb:$config_directory/virtual/reserved_transport_maps
+                          # it's a bit stupid to lookup for lists here
+                          # and in transport, but we need to tell
+                          # postfix to accept the recipient
+                          # (virtual_mailbox_maps) *before* sending away
+                          # to the list server (transport_maps)
                           ldap:$config_directory/virtual/transport_lists_maps.cf
+mailbox_transport_maps  = cdb:$config_directory/virtual/reserved_transport_maps
 
 # Don't rewrite remote headers
 local_header_rewrite_clients     =
author	Guilhem Moulin <guilhem@fripost.org>	2013-12-18 14:34:10 +0100
committer	Guilhem Moulin <guilhem@fripost.org>	2015-06-07 02:51:31 +0200
commit	e98d17cca0011ead0bb89c7674a2209760dce59f (patch)
tree	77be1b1e3ab980906e2d29ad0b665488edfea49c /roles/MX
parent	b51df24e3b1b64c17a3aac652b142e2082c77a26 (diff)