[Postfixbuch-users] Postfix & Aliase im ldap
Michael Polenske
mpolenske at hpce.nec.com
Fr Dez 28 08:36:40 CET 2007
Moinsen,
unser Mailserver verwaltet seine User im ldap-Baum, Aufbau ist
z.B. "molenske at maildomain".Interne Umstrukturierungen machen es nun
notwendig, das unsere User auch unter alternative Mailadressen (z.B.
michael.polenske at maildomain) erreichbar ist. Dazu haben wir den jeweiligen
ldap eintrag um das Fled "alias" erweitert und der alias_maps eine passende
ldap-Anfrage hinzugefügt.
Wenn ich nun eine Mail an die alias-Adresse eines Users zu senden, dann
passiert das:
------------------------------------------------------------
<michael.polenske at hpce.nec.com>: data format error. Command output:
michael.polenske: Message contains invalid header
------------------------------------------------------------
Im Header sieht IMHO aber alles "normal" aus:
------------------------------------------------------------
--CC4C579A4065.1198826284/mail.hpce.nec.com
Content-Description: Delivery report
Content-Type: message/delivery-status
Reporting-MTA: dns; mail.hpce.nec.com
X-Postfix-Queue-ID: CC4C579A4065
X-Postfix-Sender: rfc822; mpolenske at hpce.nec.com
Arrival-Date: Fri, 28 Dec 2007 08:18:03 +0100 (CET)
Final-Recipient: rfc822; michael.polenske at hpce.nec.com
Action: failed
Status: 5.0.0
Diagnostic-Code: X-Postfix; data format error. Command output:
michael.polenske: Message contains invalid header
--CC4C579A4065.1198826284/mail.hpce.nec.com
Content-Description: Undelivered Message
Content-Type: message/rfc822
Content-Transfer-Encoding: 8bit
Received: from localhost (av.hpce.nec.com [193.141.139.214])
by mail.hpce.nec.com (Postfix) with ESMTP id CC4C579A4065
for <michael.polenske at hpce.nec.com>; Fri, 28 Dec 2007 08:18:03 +0100 (CET)
Received: from localhost [127.0.0.1] for localhost (EHLO localhost) via
SMTP; Fri, 28 Dec 2007 08:19:35 +0100
Received: from localhost
by localhost (AvMailGate-2.1.0-19) id 23335-Ulj2x0;
Fri, 28 Dec 2007 08:19:35 +0100
Received: from mail.hpce.nec.com ([193.141.139.212])
by localhost (av.hpce.nec.com [10.10.12.4]) (amavisd-new, port 10025)
with ESMTP id 22498-04 for <michael.polenske at hpce.nec.com>;
Fri, 28 Dec 2007 08:19:35 +0100 (CET)
Received: from lp-mpolenske.hpce.tld (lp-mpolenske.hpce.tld [192.168.100.20])
by mail.hpce.nec.com (Postfix) with ESMTP id 40E0379A4065
for <michael.polenske at hpce.nec.com>; Fri, 28 Dec 2007 08:18:03 +0100 (CET)
From: Michael Polenske <mpolenske at hpce.nec.com>
Organization: NEC High Performance Computing Europe GmbH
To: michael.polenske at hpce.nec.com
Subject: test mit result ist mail
Date: Fri, 28 Dec 2007 08:18:01 +0100
User-Agent: KMail/1.9.6 (enterprise 20070904.708012)
MIME-Version: 1.0
Content-Type: text/plain;
charset="utf-8"
Content-Transfer-Encoding: 8bit
Content-Disposition: inline
Message-Id: <200712280818.02076.mpolenske at hpce.nec.com>
X-AntiVirus: checked by AntiVir MailGate (version: 2.1.0-19; AVE: 7.6.0.46;
VDF: 7.0.1.165; host: av.hpce.nec.com)
X-GData-Scanner: Clean, Agent: GData SMTP PROXY 1.6.1 on
av.hpce.nec.com
------------------------------------------------------------
Die händische ldap-Abfrage per postmap funktioniert ohne Probleme:
------------------------------------------------------------
mail:~ # postmap -q "michael.polenske at hpce.nec.com"
ldap:/etc/postfix/ldap/ldap_aliases.cf
mpolenske at hpce.nec.com
mail:~ # postmap -q "mpolenske at hpce.nec.com"
ldap:/etc/postfix/ldap/ldap_recipients.cf
mpolenske
------------------------------------------------------------
Kann mir jemand einen Hinweis geben wo mein (oder Postfixens) Problem liegt ?
Danke und Grüße,
Michael
------------------------------------------------------------
mail:/etc/postfix/ldap # cat ldap_aliases.cf
server_host = ldap.tld
server_port = 389
bind = yes
version = 3
bind_dn = uid=postfix,ou=auth,dc=necd,dc=tld
bind_pw = xxxxxxx
search_base= ou=Users,ou=OxObjects,dc=necd,dc=tld
query_filter= (&(|(alias=%s)(alias=%u))(objectclass=shadowAccount)
(mailEnabled=OK))
# result_attribute= uid
result_attribute= mail
------------------------------------------------------------
mail:/etc/postfix/ldap # postconf -n
address_verify_map = btree:/var/spool/postfix/verified_sender
alias_maps = hash:/etc/aliases hash:/var/lib/mailman/data/aliases
proxy:ldap:/etc/postfix/ldap/ldap_aliases.cf
biff = no
broken_sasl_auth_clients = yes
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[av.tld]:10025
daemon_directory = /usr/lib/postfix
debug_peer_level = 4
defer_transports =
disable_dns_lookups = no
disable_mime_output_conversion = no
hopcount_limit = 100
inet_interfaces = 127.0.0.1 193.141.139.212 10.10.12.3
inet_protocols = all
local_recipient_maps = proxy:ldap:/etc/postfix/ldap/ldap_recipients.cf
$alias_maps
mail_owner = postfix
mail_spool_directory = /var/mail
mailbox_size_limit = 0
mailbox_transport = cyrus
mailq_path = /usr/bin/mailq
manpage_directory = /usr/share/man
masquerade_classes = envelope_sender, header_sender, header_recipient
masquerade_domains =
masquerade_exceptions = root
message_size_limit = 20480000
mime_header_checks = pcre:/etc/postfix/checks/mime_header_checks
mydestination = $mydomain $myhostname localhost
localhost.$mydomain
mydomain = hpce.nec.com
myhostname = mail.hpce.nec.com
mynetworks = 10.10.12.0/29 10.10.11.16/28
193.141.139.0/24 192.168.50.0/24 192.168.51.0/27
192.168.99.0/24 192.168.100.0/24 192.168.101.0/24
192.168.200.0/24 192.168.201.0/24
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases
queue_directory = /var/spool/postfix
recipient_delimiter = +
relocated_maps = hash:/etc/postfix/relocated
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sendmail_path = /usr/sbin/sendmail
setgid_group = maildrop
smtp_bind_address = 193.141.139.212
smtp_sasl_auth_enable = no
smtp_tls_CApath = /etc/ssl/certs
smtp_tls_session_cache_database = btree:/etc/postfix/smtp_session_cache
smtp_tls_session_cache_timeout = 3600s
smtp_use_tls = yes
smtpd_data_restrictions = reject_multi_recipient_bounce
smtpd_helo_required = yes
smtpd_helo_restrictions =
smtpd_recipient_restrictions = reject_non_fqdn_recipient
reject_non_fqdn_sender reject_unknown_sender_domain
reject_unknown_recipient_domain permit_sasl_authenticated permit_mynetworks
reject_unauth_destination reject_unlisted_sender
check_recipient_access hash:/etc/postfix/checks/roleaccount_exceptions
reject_non_fqdn_hostname reject_invalid_hostname check_helo_access
pcre:/etc/postfix/checks/helo_checks check_sender_mx_access
cidr:/etc/postfix/checks/bogus_mx check_sender_access
hash:/etc/postfix/checks/common_spam_senderdomains check_sender_access
regexp:/etc/postfix/checks/common_spam_keywords reject_rbl_client
ix.dnsbl.manitu.net reject_rbl_client zen.spamhaus.org
check_recipient_access hash:/etc/postfix/recipient_access
check_sender_access hash:/etc/postfix/sender_access warn_if_reject
reject_unverified_sender permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = noanonymous
smtpd_sender_login_maps = ldap:/etc/postfix/ldap/mail_from_login.cf
smtpd_sender_restrictions = hash:/etc/postfix/access
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/ssl/private/mail.hpce.nec.com-cert.pem
smtpd_tls_key_file = /etc/ssl/private/mail.hpce.nec.com-key.pem
smtpd_tls_loglevel = 1
smtpd_tls_session_cache_database = btree:/etc/postfix/smtpd_session_cache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
strict_8bitmime = no
strict_rfc821_envelopes = no
tls_random_source = dev:/dev/urandom
transport_maps = ldap:/etc/postfix/ldap/ldap_trans.cf
unknown_local_recipient_reject_code = 450
virtual_alias_maps = pcre:/etc/postfix/virtual_regexp
-
Michael Polenske
System Analyst
High Performance Computing Department
NEC Deutschland GmbH
Hansaallee 101, D-40549 Duesseldorf, Germany
Tel: +49 211 53 69 145 <mpolenske at hpce.nec.com>
Fax: +49 211 53 69 199 <http://www.nec.de>
AIM: polenskeHPCE GPG / PGP-Key available
NEC Deutschland GmbH, Reichenbachstr. 1, D-85737 Ismaning
Geschäftsführer: Makoto Tsukakoshi Handelsregister München, HRB 81803
Sitz der Gesellschaft: Ismaning, WEEE-Reg. Nr. DE42479769
Mehr Informationen über die Mailingliste Postfixbuch-users