HOLDing certain recipients during migration

> On Feb 11, 2013 7:56 PM, "Miha Valencic" <[hidden email]
> <mailto:[hidden email]>> wrote:
>
>     Hi!
>
>     Just want to double check if I am planning this correctly. We're
>     migrating users from one system to another, and want to HOLD
>     incoming messages for certain recipients during migration. For
>     that purpose, we'll create a file with users listed:
>
>     /hold-users:
>     [hidden email] <mailto:[hidden email]> HOLD
>     [hidden email] <mailto:[hidden email]> HOLD
>     ...
>
>     postmap that file and configure this HOLD queue in recipient
>     restrictions:
>
>     smtpd_recipient_restrictions = check_recipient_access
>     hash:/opt/zimbra/conf/postfix_recipient_access_ldapcheck,
>     reject_non_fqdn_recipient,  permit_sasl_authenticated,
>     permit_mynetworks, reject_unknown_sender_domain,
>     reject_unauth_destination, permit
>
>     In order to HOLD messages, I need to put "check_recipient_access
>     hash:/hold-users" somewhere.
>
>     If I put it before "permit_sasl_authenticated", this should do
>     the trick, correct?
>
>     Thanks,
>      Miha.
>

> On Tue, Feb 12, 2013 at 4:28 PM, Noel Jones <[hidden email]> wrote:
>>
>> put it under smtpd_sender_restrictions so you don't have to muck
>> around with your existing smtpd_recipient_restrictions.
>
> Noel,
>
> just want to make sure: postfix 2.7 evaluates
> smtpd_sender_restrictions *after* RCPT TO? Couldn't find which version
> of postfix changed the time of the evaluation. From the docs: "Early
> Postfix versions evaluated SMTP access restrictions lists as early as
> possible..."

> On Thu, Feb 14, 2013 at 4:34 AM, Sahil Tandon <[hidden email]> wrote:
>> The HOLD action affects all recipients; you can be more specific by
>> using the retry service.  See the following thread:
>>   http://article.gmane.org/gmane.mail.postfix.user/197989
>
> Thanks Sahil! I'll consider it. It also makes sense, though delivery
> of rejected emails is somewhat delayed (due to unknown retry
> interval). What do you mean by 'HOLD action affects all recipients'?
> HOLD action affects only recipients listed in the "hold file" - at
> least that's how I understand it.
>
> Miha
>

>
> On Tue, Feb 19, 2013 at 9:20 PM, Sahil Tandon <[hidden email]> wrote:
>>
>> On Thu, 2013-02-14 at 13:13:54 +0100, Miha Valencic wrote:
>>
>> > On Thu, Feb 14, 2013 at 1:01 PM, Noel Jones <[hidden email]> wrote:
>> > > HOLD acts at the message level, not the recipient level.
>> > > If one recipient of a multi-recipient message is put on HOLD, all
>> > > recipients of that message will be affected.
>> >
>> > I see. I believe the HOLD is better suited to our scenario as a
>> > temporary reject and this (HOLDing messages for all recipients if one
>> > matches) is acceptable.
>>
>> I do not understand your response; the HOLD action is not a temporary
>> reject.  Anyway, my involvement earlier in the thread is for others who
>> might chance upon this chain in the archives, and prefer the alternative
>> (and IMHO more robust) approach.
>>
>
> Hello,
>
> I looked up the other thread where it is suggested to use transport_maps
> file with entry like:
>
> [hidden email] retry:4.0.0 Mailbox being migrated
>
> I've tested it, and it works fine if I use the target address of virtual_alias_maps,
> but not if I list the address in the email.  In our case this is to hold/suspend email
> until the mailbox is copied to a second system, where we continue to
> run mail on both mailbox systems.
>
> If I set up entries like:
>
> [hidden email] retry:4.0.0 Mailbox being migrated
>
> That will keep it in the queue all right, but how to release it so it
> will deliver to [hidden email] after mailboxes have
> been moved?  I'd think we'd need a way to hold it prior to getting
> processed by the virtual mapping.
>
>