SMTP transports per user, relay domains from LDAP, quarantine API

Discussion in 'Mail Gateway: Installation and configuration' started by Gerry, Mar 30, 2010.

  1. Gerry

    Gerry New Member

    Joined:
    Nov 15, 2008
    Messages:
    5
    Likes Received:
    0
    We're currently looking into using the Professional version for a few projects. So far we are very satisfied with the way things work, however, there are some questions remaining:

    • Can the "Relayed Domains" under "Mail Proxy" be specified as an LDAP query? Since the domains to relay mail for would be quite dynamic, it's not feasible to list them all here.
    • Can SMTP transports be specified per user from LDAP? The idea would be to deliver mail for user a@example.com on server X and mail for user b@example.com on server Y. The users can thus be in the same domain, but their mail would reside on a different server. In practice, user a could be on an Exchange, user b on a Dovecot IMAP box.
    • Can the quarantine be accessed through an API or anything similar?
     
  2. dietmar

    dietmar Proxmox Staff Member
    Staff Member

    Joined:
    Apr 28, 2005
    Messages:
    16,384
    Likes Received:
    292
    no

    no

    no
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Gerry

    Gerry New Member

    Joined:
    Nov 15, 2008
    Messages:
    5
    Likes Received:
    0
    Hm, okay. We can work around the latter two, but the relayed domains will be a pain.
    Can you think of any way this could be made dynamic? I saw that this directly maps to the relay_domains directive in Postfix, which supports LDAP lookups provided that Postfix is compiled with the LDAP extension, which unfortunately isn't the case.
     
  4. dietmar

    dietmar Proxmox Staff Member
    Staff Member

    Joined:
    Apr 28, 2005
    Messages:
    16,384
    Likes Received:
    292
    You/we can write a script which queries ldap an write the result to '/etc/proxmox/domains'. After that a 'proxconfig -s' and maybe a '/etc/init.d/postfix reload' is needed (maybe we can optimize that and use a hash table in the postfix config instead). So I guess we can get that working, yes. The question is how often do you want to update that file? Update periodically or manually?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. Gerry

    Gerry New Member

    Joined:
    Nov 15, 2008
    Messages:
    5
    Likes Received:
    0
    Thanks for your suggestion, we'll look into that already. :)

    This would be updated quite frequently. This specific situation was for ourselves, we are an ISP doing email hosting for about 2000 domains. All provisioning is automated and realtime, so if we can think in that direction we could perhaps find an even better solution.

    The idea I had was the following, just tell me if it's completely stupid:
    - Replace the postfix package by postfix-ldap from backports.org
    - Modify /var/lib/proxmox/templates/main.cf.in and replace the relay_domains list by an LDAP query

    Seems to me that this would be the most performant and comfortable way of doing it, but I'm a bit scared of updates afterwards.
     
  6. dietmar

    dietmar Proxmox Staff Member
    Staff Member

    Joined:
    Apr 28, 2005
    Messages:
    16,384
    Likes Received:
    292
    So this will do an ldap query for each email?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. Gerry

    Gerry New Member

    Joined:
    Nov 15, 2008
    Messages:
    5
    Likes Received:
    0
    Well yes, basically. If OpenLDAP can't handle it, we'll just add more replication. Isn't that what is usually done? Or do you perhaps have another idea?

    We're using LDAP intensively for our mail setup and use it further down the chain as well for internal routing to have the mail delivered on the correct box, so it would be very convenient if everything could just come from the LDAP we already have. I'm a bit reluctant to have a delay on the publication of the relay domains, since quite a few domains are added and deleted daily.
     
  8. dietmar

    dietmar Proxmox Staff Member
    Staff Member

    Joined:
    Apr 28, 2005
    Messages:
    16,384
    Likes Received:
    292
    I think its a bad idea to add an additional delay at that stage - performance is very critical there.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. rmKarthik

    rmKarthik New Member

    Joined:
    Jan 4, 2019
    Messages:
    1
    Likes Received:
    0
    hi,

    Is this "Can the "Relayed Domains" under "Mail Proxy" be specified as an LDAP query?" still not possible.

    I'm have two sets of domains, domains of each set goes to dedicated internal email server. I've all the domain information in our LDAP server.

    thanks,
    Karthik
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice