Discussion:
Handling of AD proxyaddress
(too old to reply)
j***@wkg1.umac.mo
2015-04-14 01:54:47 UTC
Permalink
Hi all,



Since MS Exchange email servers need to add additional entry in proxyaddress
of MS AD server, such as: "smtp: ***@exchange.xxx", in our previous
configuration, postfix powered email servers are able to query the entries
in the field of proxyaddress and relay email, but once the query result
contains "smtp: ***@exchange.xxx", postfix will try to delivery with the
username as "smtp: xxx" and then generate a user not found bounce email.



I would like to ask is there any way to avoid the bounce?



Thanks again for your time.



Best,

Jacky
Viktor Dukhovni
2015-04-14 02:31:38 UTC
Permalink
Post by j***@wkg1.umac.mo
Since MS Exchange email servers need to add additional entry in proxyaddress
configuration, postfix powered email servers are able to query the entries
in the field of proxyaddress and relay email, but once the query result
username as "smtp: xxx" and then generate a user not found bounce email.
This is silly, the "proxyAddresses" attribute is a fine field to
use in your LDAP query, but it must not be your result attribute.
Post by j***@wkg1.umac.mo
I would like to ask is there any way to avoid the bounce?
Don't misconfigure your LDAP table definition to use proxyAddresses
as a result attribute for rewrite tables.
--
Viktor.
j***@wkg1.umac.mo
2015-04-14 03:06:04 UTC
Permalink
Thanks Viktor, in practical what is the suggested field to use as a result
attribute? Thanks again.

-----Original Message-----
From: owner-postfix-***@postfix.org
[mailto:owner-postfix-***@postfix.org] On Behalf Of Viktor Dukhovni
Sent: Tuesday, April 14, 2015 10:32 AM
To: postfix-***@postfix.org
Subject: Re: Handling of AD proxyaddress
Post by j***@wkg1.umac.mo
Since MS Exchange email servers need to add additional entry in
our previous configuration, postfix powered email servers are able to
query the entries in the field of proxyaddress and relay email, but
try to delivery with the username as "smtp: xxx" and then generate a user
not found bounce email.

This is silly, the "proxyAddresses" attribute is a fine field to use in your
LDAP query, but it must not be your result attribute.
Post by j***@wkg1.umac.mo
I would like to ask is there any way to avoid the bounce?
Don't misconfigure your LDAP table definition to use proxyAddresses as a
result attribute for rewrite tables.
--
Viktor.
Viktor Dukhovni
2015-04-14 03:21:07 UTC
Permalink
Post by j***@wkg1.umac.mo
Thanks Viktor, in practical what is the suggested field to use as a result
attribute? Thanks again.
http://www.postfix.org/ldap_table.5.html

# The "mail" attribute holds the user's primary address
#
result_attribute = mail

OR
# upper case %S returns the lookup key
#
result_format = %S

depending on whether you want to canonicalize or simply validate
the address.
--
Viktor.
Loading...