From 9304813d505baaa50294ed0d37a11d9e3f0f6c79 Mon Sep 17 00:00:00 2001 From: Guilhem Moulin Date: Wed, 15 Jan 2014 07:32:20 +0100 Subject: Fix the catch-all resolution again. We introduce a limitation on the domain-aliases: they can't have children (e.g., lists or users) any longer. The whole alias resolution, including catch-alls and domain aliases, is now done in 'virtual_alias_maps'. We stop the resolution by returning a dummy alias A -> A for mailboxes, before trying the catch-all maps. We're still using transport_maps for lists. If it turns out to be a bottleneck due to the high-latency coming from LDAP maps, (and the fact that there is a single qmgr(8) daemon), we could rewrite lists to a dummy subdomain and use a static transport_maps instead: virtual_alias_maps: mylist@example.org -> mylist#example.org@mlmmj.localhost.localdomain transport_maps: mlmmj.localhost.localdomain mlmmj: --- roles/MX/templates/etc/postfix/virtual/alias.cf.j2 | 8 ++++++++ roles/MX/templates/etc/postfix/virtual/alias_domains.cf.j2 | 9 +++++++++ roles/MX/templates/etc/postfix/virtual/alias_maps.cf.j2 | 6 ------ roles/MX/templates/etc/postfix/virtual/catchall.cf.j2 | 8 ++++++++ roles/MX/templates/etc/postfix/virtual/catchall_maps.cf.j2 | 7 ------- roles/MX/templates/etc/postfix/virtual/list.cf.j2 | 9 +++++++++ roles/MX/templates/etc/postfix/virtual/mailbox.cf.j2 | 9 +++++++++ .../MX/templates/etc/postfix/virtual/reserved_alias.pcre.j2 | 5 +++++ .../MX/templates/etc/postfix/virtual/reserved_alias_maps.j2 | 4 ---- .../etc/postfix/virtual/transport_catchall_maps.cf.j2 | 8 -------- roles/MX/templates/etc/postfix/virtual/transport_list.cf.j2 | 13 +++++++++++++ .../etc/postfix/virtual/transport_lists_maps.cf.j2 | 12 ------------ .../etc/postfix/virtual/transport_mailbox_maps.cf.j2 | 12 ------------ .../etc/postfix/virtual/transport_reserved_alias.j2 | 1 + .../etc/postfix/virtual/transport_reserved_maps.pcre.j2 | 6 ------ 15 files changed, 62 insertions(+), 55 deletions(-) create mode 100644 roles/MX/templates/etc/postfix/virtual/alias.cf.j2 create mode 100644 roles/MX/templates/etc/postfix/virtual/alias_domains.cf.j2 delete mode 100644 roles/MX/templates/etc/postfix/virtual/alias_maps.cf.j2 create mode 100644 roles/MX/templates/etc/postfix/virtual/catchall.cf.j2 delete mode 100644 roles/MX/templates/etc/postfix/virtual/catchall_maps.cf.j2 create mode 100644 roles/MX/templates/etc/postfix/virtual/list.cf.j2 create mode 100644 roles/MX/templates/etc/postfix/virtual/mailbox.cf.j2 create mode 100644 roles/MX/templates/etc/postfix/virtual/reserved_alias.pcre.j2 delete mode 100644 roles/MX/templates/etc/postfix/virtual/reserved_alias_maps.j2 delete mode 100644 roles/MX/templates/etc/postfix/virtual/transport_catchall_maps.cf.j2 create mode 100644 roles/MX/templates/etc/postfix/virtual/transport_list.cf.j2 delete mode 100644 roles/MX/templates/etc/postfix/virtual/transport_lists_maps.cf.j2 delete mode 100644 roles/MX/templates/etc/postfix/virtual/transport_mailbox_maps.cf.j2 create mode 100644 roles/MX/templates/etc/postfix/virtual/transport_reserved_alias.j2 delete mode 100644 roles/MX/templates/etc/postfix/virtual/transport_reserved_maps.pcre.j2 (limited to 'roles/MX/templates/etc/postfix/virtual') diff --git a/roles/MX/templates/etc/postfix/virtual/alias.cf.j2 b/roles/MX/templates/etc/postfix/virtual/alias.cf.j2 new file mode 100644 index 0000000..c7d2f0a --- /dev/null +++ b/roles/MX/templates/etc/postfix/virtual/alias.cf.j2 @@ -0,0 +1,8 @@ +server_host = ldapi://%2Fprivate%2Fldapi/ +version = 3 +search_base = fvl=%u,fvd=%d,ou=virtual,o=mailHosting,dc=fripost,dc=org +domain = static:all +scope = base +bind = none +query_filter = (&(objectClass=FripostVirtualAlias)(fvl=%u)) +result_attribute = fripostMaildrop diff --git a/roles/MX/templates/etc/postfix/virtual/alias_domains.cf.j2 b/roles/MX/templates/etc/postfix/virtual/alias_domains.cf.j2 new file mode 100644 index 0000000..dec8bce --- /dev/null +++ b/roles/MX/templates/etc/postfix/virtual/alias_domains.cf.j2 @@ -0,0 +1,9 @@ +server_host = ldapi://%2Fprivate%2Fldapi/ +version = 3 +search_base = fvd=%d,ou=virtual,o=mailHosting,dc=fripost,dc=org +domain = static:all +scope = base +bind = none +query_filter = (&(objectClass=FripostVirtualAliasDomain)(fvd=%d)) +result_attribute = fripostMaildrop +result_format = %U@%s diff --git a/roles/MX/templates/etc/postfix/virtual/alias_maps.cf.j2 b/roles/MX/templates/etc/postfix/virtual/alias_maps.cf.j2 deleted file mode 100644 index 8e3a778..0000000 --- a/roles/MX/templates/etc/postfix/virtual/alias_maps.cf.j2 +++ /dev/null @@ -1,6 +0,0 @@ -server_host = ldapi://%2Fprivate%2Fldapi/ -version = 3 -search_base = fvl=%u,fvd=%d,ou=virtual,o=mailHosting,dc=fripost,dc=org -scope = base -query_filter = (&(objectClass=FripostVirtualAlias)(fvl=%u)) -result_attribute = fripostMaildrop diff --git a/roles/MX/templates/etc/postfix/virtual/catchall.cf.j2 b/roles/MX/templates/etc/postfix/virtual/catchall.cf.j2 new file mode 100644 index 0000000..8ac40fd --- /dev/null +++ b/roles/MX/templates/etc/postfix/virtual/catchall.cf.j2 @@ -0,0 +1,8 @@ +server_host = ldapi://%2Fprivate%2Fldapi/ +version = 3 +search_base = fvd=%d,ou=virtual,o=mailHosting,dc=fripost,dc=org +domain = static:all +scope = base +bind = none +query_filter = (&(objectClass=FripostVirtualDomain)(!(objectClass=FripostVirtualAliasDomain))(fvd=%d)(fripostOptionalMaildrop=*)) +result_attribute = fripostOptionalMaildrop diff --git a/roles/MX/templates/etc/postfix/virtual/catchall_maps.cf.j2 b/roles/MX/templates/etc/postfix/virtual/catchall_maps.cf.j2 deleted file mode 100644 index f8324f6..0000000 --- a/roles/MX/templates/etc/postfix/virtual/catchall_maps.cf.j2 +++ /dev/null @@ -1,7 +0,0 @@ -server_host = ldapi://%2Fprivate%2Fldapi/ -version = 3 -search_base = fvd=%d,ou=virtual,o=mailHosting,dc=fripost,dc=org -scope = base -bind = none -query_filter = (&(objectClass=FripostVirtualDomain)(fvd=%d)(fripostOptionalMaildrop=*)) -result_attribute = fripostOptionalMaildrop diff --git a/roles/MX/templates/etc/postfix/virtual/list.cf.j2 b/roles/MX/templates/etc/postfix/virtual/list.cf.j2 new file mode 100644 index 0000000..8bcd5df --- /dev/null +++ b/roles/MX/templates/etc/postfix/virtual/list.cf.j2 @@ -0,0 +1,9 @@ +server_host = ldapi://%2Fprivate%2Fldapi/ +version = 3 +search_base = fvl=%u,fvd=%d,ou=virtual,o=mailHosting,dc=fripost,dc=org +domain = static:all +scope = base +bind = none +query_filter = (&(objectClass=FripostVirtualList)(fvl=%u)) +result_attribute = fvl +result_format = %S diff --git a/roles/MX/templates/etc/postfix/virtual/mailbox.cf.j2 b/roles/MX/templates/etc/postfix/virtual/mailbox.cf.j2 new file mode 100644 index 0000000..b421e9a --- /dev/null +++ b/roles/MX/templates/etc/postfix/virtual/mailbox.cf.j2 @@ -0,0 +1,9 @@ +server_host = ldapi://%2Fprivate%2Fldapi/ +version = 3 +search_base = fvl=%u,fvd=%d,ou=virtual,o=mailHosting,dc=fripost,dc=org +domain = static:all +scope = base +bind = none +query_filter = (&(objectClass=FripostVirtualUser)(fvl=%u)) +result_attribute = fvl +result_format = %S diff --git a/roles/MX/templates/etc/postfix/virtual/reserved_alias.pcre.j2 b/roles/MX/templates/etc/postfix/virtual/reserved_alias.pcre.j2 new file mode 100644 index 0000000..6f62a01 --- /dev/null +++ b/roles/MX/templates/etc/postfix/virtual/reserved_alias.pcre.j2 @@ -0,0 +1,5 @@ +/^(?:postmaster|abuse)(?:\+.*)?@fripost\.org$/ admin@fripost.org +# For other domains, RFC 822 section 6.3 and RFC 2142 section 4 +# mandatory aliases are forwarded to OUR admin team and to the domain +# owner or postmaster, if there are any. +/^((?:postmaster|abuse)(?:\+.*)?@.*)/ $1@reserved.locahost.localdomain diff --git a/roles/MX/templates/etc/postfix/virtual/reserved_alias_maps.j2 b/roles/MX/templates/etc/postfix/virtual/reserved_alias_maps.j2 deleted file mode 100644 index fe04715..0000000 --- a/roles/MX/templates/etc/postfix/virtual/reserved_alias_maps.j2 +++ /dev/null @@ -1,4 +0,0 @@ -# RFC 822 section 6.3 and RFC 2142 section 4 mandatory aliases are -# forwarded to the admin team. -postmaster@fripost.org admin@fripost.org -abuse@fripost.org admin@fripost.org diff --git a/roles/MX/templates/etc/postfix/virtual/transport_catchall_maps.cf.j2 b/roles/MX/templates/etc/postfix/virtual/transport_catchall_maps.cf.j2 deleted file mode 100644 index cc189cf..0000000 --- a/roles/MX/templates/etc/postfix/virtual/transport_catchall_maps.cf.j2 +++ /dev/null @@ -1,8 +0,0 @@ -server_host = ldapi://%2Fprivate%2Fldapi/ -version = 3 -search_base = fvd=%d,ou=virtual,o=mailHosting,dc=fripost,dc=org -scope = base -bind = none -query_filter = (&(objectClass=FripostVirtualDomain)(fvd=%d)(fripostOptionalMaildrop=*)) -result_attribute = fvd -result_format = smtpl:[127.0.0.1]:2599 diff --git a/roles/MX/templates/etc/postfix/virtual/transport_list.cf.j2 b/roles/MX/templates/etc/postfix/virtual/transport_list.cf.j2 new file mode 100644 index 0000000..eb696db --- /dev/null +++ b/roles/MX/templates/etc/postfix/virtual/transport_list.cf.j2 @@ -0,0 +1,13 @@ +server_host = ldapi://%2Fprivate%2Fldapi/ +version = 3 +search_base = fvl=%u,fvd=%d,ou=virtual,o=mailHosting,dc=fripost,dc=org +domain = static:all +scope = base +bind = none +query_filter = (&(objectClass=FripostVirtualList)(fvl=%u)) +result_attribute = fvl +{% if 'lists' in group_names %} +result_format = smtpl:[127.0.0.1]:{{ lists.port }} +{% else %} +result_format = smtps:[{{ lists.host }}]:{{ lists.port }} +{% endif %} diff --git a/roles/MX/templates/etc/postfix/virtual/transport_lists_maps.cf.j2 b/roles/MX/templates/etc/postfix/virtual/transport_lists_maps.cf.j2 deleted file mode 100644 index 6a0965f..0000000 --- a/roles/MX/templates/etc/postfix/virtual/transport_lists_maps.cf.j2 +++ /dev/null @@ -1,12 +0,0 @@ -server_host = ldapi://%2Fprivate%2Fldapi/ -version = 3 -search_base = fvl=%u,fvd=%d,ou=virtual,o=mailHosting,dc=fripost,dc=org -scope = base -bind = none -query_filter = (&(|(objectClass=FripostVirtualList)(objectClass=FripostVirtualListCommand))(fvl=%u)) -result_attribute = fvl -{% if 'lists' in group_names %} -result_format = smtpl:[127.0.0.1]:{{ lists.port }} -{% else %} -result_format = smtps:[{{ lists.host }}]:{{ lists.port }} -{% endif %} diff --git a/roles/MX/templates/etc/postfix/virtual/transport_mailbox_maps.cf.j2 b/roles/MX/templates/etc/postfix/virtual/transport_mailbox_maps.cf.j2 deleted file mode 100644 index 3e003db..0000000 --- a/roles/MX/templates/etc/postfix/virtual/transport_mailbox_maps.cf.j2 +++ /dev/null @@ -1,12 +0,0 @@ -server_host = ldapi://%2Fprivate%2Fldapi/ -version = 3 -search_base = fvl=%u,fvd=%d,ou=virtual,o=mailHosting,dc=fripost,dc=org -scope = base -bind = none -query_filter = (&(objectClass=FripostVirtualUser)(fvl=%u)) -result_attribute = fvl -{% if 'LDA' in group_names %} -result_format = smtpl:[127.0.0.1]:{{ LDA.port }} -{% else %} -result_format = smtps:[{{ LDA.host }}]:{{ LDA.port }} -{% endif %} diff --git a/roles/MX/templates/etc/postfix/virtual/transport_reserved_alias.j2 b/roles/MX/templates/etc/postfix/virtual/transport_reserved_alias.j2 new file mode 100644 index 0000000..4af5318 --- /dev/null +++ b/roles/MX/templates/etc/postfix/virtual/transport_reserved_alias.j2 @@ -0,0 +1 @@ +reserved.locahost.localdomain reserved-alias: diff --git a/roles/MX/templates/etc/postfix/virtual/transport_reserved_maps.pcre.j2 b/roles/MX/templates/etc/postfix/virtual/transport_reserved_maps.pcre.j2 deleted file mode 100644 index e240e91..0000000 --- a/roles/MX/templates/etc/postfix/virtual/transport_reserved_maps.pcre.j2 +++ /dev/null @@ -1,6 +0,0 @@ -if !/@fripost\.org$/ -# For other domains, RFC 822 section 6.3 and RFC 2142 section 4 -# mandatory aliases are forwarded to OUR admin team and to the domain -# owner or postmaster, if there are any. -/^(?:postmaster|abuse)(?:\+.*)?@/ reserved-alias: -endif -- cgit v1.2.3