Postfix

Postfix 中繼 ldap 查找和傳輸

  • May 25, 2012

我正在嘗試實現 postfix + policyd/amavis + dspam。問題是我需要進行 ldap 查找才能獲得下一跳。但同時我需要將一些“電子郵件地址”重定向到“dspam-retrain”。我不知道該怎麼做,我的意思是,我的配置如下:

main.cf

queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
mydomain = ddol-test.com
myorigin = $myhostname
inet_interfaces = localhost, 192.168.66.98
inet_protocols = all
mydestination = $myhostname, localhost.$mydomain, localhost
unknown_local_recipient_reject_code = 550
mynetworks = 192.168.66.0/24, 127.0.0.0/8
relay_domains = $mydestination
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases

#transport_maps = ldap:/etc/postfix/perditionMailhost_ldap
transport_maps = hash:/etc/postfix/transport
content_filter = amavisd-new:[127.0.0.1]:10024

debug_peer_level = 2
debugger_command =
        PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
        ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
setgid_group = postdrop
html_directory = no
manpage_directory = /usr/share/man
sample_directory = /usr/share/doc/postfix-2.6.6/samples
readme_directory = /usr/share/doc/postfix-2.6.6/README_FILES
local_recipient_maps =

master.cf

smtp      inet  n       -       n       -       200       smtpd -v
pickup    fifo  n       -       n       60      1       pickup
cleanup   unix  n       -       n       -       0       cleanup
qmgr      fifo  n       -       n       300     1       qmgr
tlsmgr    unix  -       -       n       1000?   1       tlsmgr
rewrite   unix  -       -       n       -       -       trivial-rewrite
bounce    unix  -       -       n       -       0       bounce
defer     unix  -       -       n       -       0       bounce
trace     unix  -       -       n       -       0       bounce
verify    unix  -       -       n       -       1       verify
flush     unix  n       -       n       1000?   0       flush
proxymap  unix  -       -       n       -       -       proxymap
proxywrite unix -       -       n       -       1       proxymap
smtp      unix  -       -       n       -       -       smtp
relay     unix  -       -       n       -       -       smtp
       -o smtp_fallback_relay=
       -o disable_dns_lookups=yes
showq     unix  n       -       n       -       -       showq
error     unix  -       -       n       -       -       error
retry     unix  -       -       n       -       -       error
discard   unix  -       -       n       -       -       discard
local     unix  -       n       n       -       -       local
virtual   unix  -       n       n       -       -       virtual
lmtp      unix  -       -       n       -       -       lmtp
anvil     unix  -       -       n       -       1       anvil
scache    unix  -       -       n       -       1       scache
amavisd-new unix      -      -             n      -    2       smtp
       -o smtp_data_done_timeout=1200s
       -o disable_dns_lookups=yes
127.0.0.1:10025      inet  n       -       n       -       -       smtpd
       -o content_filter=lmtp:unix:/tmp/dspam.sock
       -o dspam_destination_recipient_limit=1
localhost:10026 inet  n -       n       -       -        smtpd
 -o content_filter=
 -o receive_override_options=no_unknown_recipient_checks,no_header_body_checks
 -o smtpd_helo_restrictions=
 -o smtpd_client_restrictions=
 -o smtpd_sender_restrictions=
 -o smtpd_recipient_restrictions=permit_mynetworks,reject
 -o mynetworks=127.0.0.0/8
 -o smtpd_authorized_xforward_hosts=127.0.0.0/8
dspam-retrain   unix    -       n       n       -       10      pipe
flags=Ru user=dspam argv=/usr/bin/dspam --user mgimeno@pre.ddol.es --class=$nexthop --source=error

貓 /etc/postfix/transport

spam@pre.ddol.es    dspam-retrain:spam
ham@pre.ddol.es     dspam-retrain:innocent
notspam@pre.ddol.es     dspam-retrain:innocent

貓 /etc/postfix/perditionMailhost_ldap

server_host = ldap1-1.ddol-test.com:1389
version = 3
search_base = ou=mymensajes,ou=pre_ddolcontext,dc=org
scope = sub
query_filter = mail=%s
result_attribute = perditionMailhost
ldap_bind = no
result_filter = relay:[%s]

所以,我需要:

如果郵件是 spam@pre.ddol.es 重定向到 dspam-retrain:spam 否則使用 ldap 表獲取下一跳。

但我不知道應該使用哪個額外選項,因為我不能使用兩個 transport_maps 定義。

我不確定我是否正確地解釋了自己,我希望如此:)

謝謝!

您不能使用多個transport_maps定義,但您可以根據需要將任意數量的數據源列到一個transport_maps中。所以,

transport_maps = hash:/etc/postfix/transport ldap:perdition

應該管用。只需在您的所有/etc/postfix/perditionMailhost_ldap定義前面加上這個詞perdition,比如

perdition_server_host = ldap1-1.ddol-test.com:1389
perdition_version = 3
perdition_search_base = ou=mymensajes,ou=pre_ddolcontext,dc=org
(and so on)

您的 query_filter 也很可能是perdition_query_filter = (mail=%s),LDAP 對括號很挑剔。

引用自:https://serverfault.com/questions/392532