| Commit message (Collapse) | Author | Age | Files |
|
|
|
|
|
|
|
|
|
|
| |
See http://www.postfix.org/POSTSCREEN_README.html and
http://rob0.nodns4.us/postscreen.html
It's infortunate that smtpd(8) cannot be chrooted any longer, which
means that we have to un-chroot cleanup(8) as well. Indeed, currently
smtpd(8) uses $virtual_alias_maps for recipient validation; later
cleanup(8) uses it again for rewriting. So these processes need to be
both chrooted, or both not.
|
|
|
|
|
| |
We can therefore spare some lookups on the MDA, and use static:all
instead.
|
|
|
|
|
|
|
|
| |
Postfix interprets Error Code 32 (No Such Object) as lookup failures,
but that's ugly...
Also, make Postfix simple bind against
cn=postfix,ou=services,dc=fripost,dc=org.
|
|
|
|
|
|
| |
So our suffix is now a mere 'dc=fripost,dc=org'. We're also using the
default '/var/lib/ldap' as olcDbDirectory (hence we don't clear it
before hand).
|
|
We introduce a limitation on the domain-aliases: they can't have
children (e.g., lists or users) any longer.
The whole alias resolution, including catch-alls and domain aliases, is
now done in 'virtual_alias_maps'. We stop the resolution by returning a
dummy alias A -> A for mailboxes, before trying the catch-all maps.
We're still using transport_maps for lists. If it turns out to be a
bottleneck due to the high-latency coming from LDAP maps, (and the fact
that there is a single qmgr(8) daemon), we could rewrite lists to a
dummy subdomain and use a static transport_maps instead:
virtual_alias_maps:
mylist@example.org -> mylist#example.org@mlmmj.localhost.localdomain
transport_maps:
mlmmj.localhost.localdomain mlmmj:
|