SMTP transports per user, relay domains from LDAP, quarantine API

Gerry

New Member
Nov 15, 2008
We're currently looking into using the Professional version for a few projects. So far we are very satisfied with the way things work, however, there are some questions remaining:

  • Can the "Relayed Domains" under "Mail Proxy" be specified as an LDAP query? Since the domains to relay mail for would be quite dynamic, it's not feasible to list them all here.
  • Can SMTP transports be specified per user from LDAP? The idea would be to deliver mail for user a@example.com on server X and mail for user b@example.com on server Y. The users can thus be in the same domain, but their mail would reside on a different server. In practice, user a could be on an Exchange, user b on a Dovecot IMAP box.
  • Can the quarantine be accessed through an API or anything similar?
 
Can the "Relayed Domains" under "Mail Proxy" be specified as an LDAP query? Since the domains to relay mail for would be quite dynamic, it's not feasible to list them all here.

no

Can SMTP transports be specified per user from LDAP? The idea would be to deliver mail for user a@example.com on server X and mail for user b@example.com on server Y. The users can thus be in the same domain, but their mail would reside on a different server. In practice, user a could be on an Exchange, user b on a Dovecot IMAP box.

no

Can the quarantine be accessed through an API or anything similar?

no
 
Hm, okay. We can work around the latter two, but the relayed domains will be a pain.
Can you think of any way this could be made dynamic? I saw that this directly maps to the relay_domains directive in Postfix, which supports LDAP lookups provided that Postfix is compiled with the LDAP extension, which unfortunately isn't the case.
 
You/we can write a script which queries LDAP and writes the result to '/etc/proxmox/domains'. After that a 'proxconfig -s' and maybe a '/etc/init.d/postfix reload' is needed (maybe we can optimize that and use a hash table in the postfix config instead). So I guess we can get that working, yes. The question is how often do you want to update that file? Update periodically or manually?
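
The sync script suggested in the reply above, as an added example that is not part of the original thread and is not Proxmox code. The LDAP URI, base DN, filter, the `associatedDomain` attribute and the one-domain-per-line file format are assumptions; each name is validated, an empty result is refused, and the reload only runs when the list changed.

```shell
#!/bin/sh
# Added example, not Proxmox code. Assumptions: LDAP URI, base DN, filter and
# the associatedDomain attribute; one domain per line in the domains file.
LDAP_URI="${LDAP_URI:-ldap://ldap.example.com}"
LDAP_BASE="${LDAP_BASE:-ou=domains,dc=example,dc=com}"
DOMAINS_FILE="${DOMAINS_FILE:-/etc/proxmox/domains}"

# Read LDIF on stdin; print unique, lowercased, syntactically valid domains.
# Base64 values ("attr:: ...") and malformed names are dropped, so a bad
# directory entry cannot put arbitrary text into the relay list.
extract_domains() {
    label='[a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?'
    sed -n 's/^associatedDomain: *//p' | tr 'A-Z' 'a-z' |
    grep -E "^(${label}\.)+[a-z][a-z0-9-]{0,61}[a-z0-9]\$" | sort -u
}

# Install list $1 as $2 atomically. Returns 0 if the file changed, 1 if it
# was already identical, 2 if the new list is empty (refused: a failed or
# empty lookup must not silently remove every relayed domain).
install_domains() {
    new="$1"; target="$2"
    [ -s "$new" ] || return 2
    if [ -f "$target" ] && cmp -s "$new" "$target"; then return 1; fi
    tmp="$(mktemp "${target}.XXXXXX")" || return 3
    cat "$new" > "$tmp" && chmod 644 "$tmp" && mv "$tmp" "$target"
}

# Query LDAP, then regenerate and reload only when the list really changed.
sync_relay_domains() {
    work="$(mktemp -d)" || return 3
    rc=0
    ldapsearch -x -LLL -o ldif-wrap=no -H "$LDAP_URI" -b "$LDAP_BASE" \
        '(objectClass=domainRelatedObject)' associatedDomain \
        > "$work/ldif" || rc=4
    if [ "$rc" -eq 0 ]; then
        extract_domains < "$work/ldif" > "$work/new"
        install_domains "$work/new" "$DOMAINS_FILE" || rc=$?
        if [ "$rc" -eq 0 ]; then
            # The two commands named in the thread for applying the file.
            proxconfig -s && /etc/init.d/postfix reload || rc=5
        fi
    fi
    rm -rf "$work"
    return "$rc"
}

# Run from cron as: sync-relay-domains.sh --sync  (script name is made up)
if [ "${1:-}" = "--sync" ]; then sync_relay_domains; fi
```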
 
Thanks for your suggestion, we'll look into that already. :)

This would be updated quite frequently. This specific situation was for ourselves, we are an ISP doing email hosting for about 2000 domains. All provisioning is automated and realtime, so if we can think in that direction we could perhaps find an even better solution.

The idea I had was the following, just tell me if it's completely stupid:
- Replace the postfix package by postfix-ldap from backports.org
- Modify /var/lib/proxmox/templates/main.cf.in and replace the relay_domains list by an LDAP query

Seems to me that this would be the most performant and comfortable way of doing it, but I'm a bit scared of updates afterwards.
 
Well yes, basically. If OpenLDAP can't handle it, we'll just add more replication. Isn't that what is usually done? Or do you perhaps have another idea?

We're using LDAP intensively for our mail setup and use it further down the chain as well for internal routing to have the mail delivered on the correct box, so it would be very convenient if everything could just come from the LDAP we already have. I'm a bit reluctant to have a delay on the publication of the relay domains, since quite a few domains are added and deleted daily.
 
I think it's a bad idea to add an additional delay at that stage - performance is very critical there.
 
hi,

Is this "Can the "Relayed Domains" under "Mail Proxy" be specified as an LDAP query?" still not possible?

I have two sets of domains; the domains of each set go to a dedicated internal email server. I have all the domain information in our LDAP server.

thanks,
Karthik
 
