LDAP verification only for some domains (or "verify receivers" only for some domains)

F

frank1

New Member
Jan 27, 2022
2
0
1
45
We are running multiple Mailservers behind Proxmox Mail Gateway and only some of them with LDAP Support. So some domains will need LDAP verification and others not.

Unfortunately, the other way with the option “Verify Receivers” does also not work. Because it can only be enabled globally and not for only some of our relay domains.

Because not all of the Mailservers behind Proxmox are under our control, LDAP with all Servers does not work and a correct “Verify Receivers” setup for all Mailservers is also not doable.

After reading many postings in the proxmox forum, we are testing now with the following Mail Filter configuration with LDAP but it seems not to work reliable:

1) User Management -> LDAP -> add a LDAP configuration 2) Mail Filter -> Who Object -> LDAP Group -> Match “Unknown LDAP address, any profile” 3) Mail Filter -> What Object -> Match Field -> Field: “to”, Value: “domain.com” 4) Mail Filter -> Add Rule -> Direction “In” -> Used Objects -> Action: Block, To: (see 2), What: (see 3)

Sometimes it works and mails are blocked and sometime not.
Besides, sometimes even existing addresses are blocked with the filter above. Weird!

Any Ideas how to solve this problem?

There is and old posting from @felipe asking the same question in 2020.
But his "solution" seems ugly with multiple rules. Is no better solution available in 2022?
(see https://forum.proxmox.com/threads/ldap-verification-only-for-some-domains.76245/)
 
frank1 said:
We are running multiple Mailservers behind Proxmox Mail Gateway and only some of them with LDAP Support. So some domains will need LDAP verification and others not.

Unfortunately, the other way with the option “Verify Receivers” does also not work. Because it can only be enabled globally and not for only some of our relay domains.
Click to expand...
consider setting up multiple PMG instances to cover all of the setups you need to provide service for

frank1 said:
Sometimes it works and mails are blocked and sometime not.
Besides, sometimes even existing addresses are blocked with the filter above. Weird!
Click to expand...
the logs for one of the cases where it does not work as expected might help in analyzing further - else it's not really possible to tell where the issues might be

I hope this helps!
 
You must log in or register to reply here.
Top Bottom