Problem with relay_domains using ldap

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

Problem with relay_domains using ldap

Peter Koinange-2

Hi,

 I am trying to configure postfix to use ldap. I am going to use the mail server as a secondary mx for mail. I have managed to sort out using ldap  directory as a source for transport maps but I am having a problem configuring relay_domain lookup table to use LDAP. Below are the results from postmap check. However whenever I try send mail I keep getting the error Relay access denied. Can someone point me in the right direction


Peter

#postmap -q [hidden email] ldap:relay
khoi.com


mail from: [hidden email]
250 2.1.0 Ok
rcpt to: [hidden email]
554 5.7.1 <[hidden email]>: Relay access denied
Reply | Threaded
Open this post in threaded view
|

Re: Problem with relay_domains using ldap

mouss-2
Peter Koinange wrote:

> Hi,
>
>  I am trying to configure postfix to use ldap. I am going to use the mail server as a secondary mx for mail. I have managed to sort out using ldap  directory as a source for transport maps but I am having a problem configuring relay_domain lookup table to use LDAP. Below are the results from postmap check. However whenever I try send mail I keep getting the error Relay access denied. Can someone point me in the right direction
>
>
> Peter
>
> #postmap -q [hidden email] ldap:relay
> khoi.com
>
>
> mail from: [hidden email]
> 250 2.1.0 Ok
> rcpt to: [hidden email]
> 554 5.7.1 <[hidden email]>: Relay access denied
>  

http://www.postfix.org/DEBUG_README.html#mail

Reply | Threaded
Open this post in threaded view
|

Re: Problem with relay_domains using ldap

Peter Koinange-2
In reply to this post by Peter Koinange-2


I have gone through the documentation when setting the transport_maps to reach from a hash database


1) relay_domains = $mydestinations, hash:/usr/local/etc/postfix/test
postmap -q khoi.com hash:/usr/local/etc/postfix/test
OK

and the domain relay works


2) When I set the Ldap to return the same value as per DATABASE_README
relay_domains = $mydestinations,  ldap:relay
postmap -q [hidden email] ldap:relay
OK


I still get the relay 554 5.7.1 <[hidden email]>: Relay access denied, Still trying to figure it out  
(postfix 2.6-20080411 on bsd 7)
K

----- "mouss" <[hidden email]> wrote:

> Peter Koinange wrote:
> > Hi,
> >
> >  I am trying to configure postfix to use ldap. I am going to use the
> mail server as a secondary mx for mail. I have managed to sort out
> using ldap  directory as a source for transport maps but I am having a
> problem configuring relay_domain lookup table to use LDAP. Below are
> the results from postmap check. However whenever I try send mail I
> keep getting the error Relay access denied. Can someone point me in
> the right direction
> >
> >
> > Peter
> >
> > #postmap -q [hidden email] ldap:relay
> > khoi.com
> >
> >
> > mail from: [hidden email]
> > 250 2.1.0 Ok
> > rcpt to: [hidden email]
> > 554 5.7.1 <[hidden email]>: Relay access denied
> >  
>
> http://www.postfix.org/DEBUG_README.html#mail

Reply | Threaded
Open this post in threaded view
|

Re: Problem with relay_domains using ldap

Victor Duchovni
On Mon, May 12, 2008 at 05:58:55PM +0300, Peter Koinange wrote:

>
>
> I have gone through the documentation when setting the transport_maps to reach from a hash database
>
>
> 1) relay_domains = $mydestinations, hash:/usr/local/etc/postfix/test
> postmap -q khoi.com hash:/usr/local/etc/postfix/test
> OK
>
> and the domain relay works
>
>
> 2) When I set the Ldap to return the same value as per DATABASE_README
> relay_domains = $mydestinations,  ldap:relay
> postmap -q [hidden email] ldap:relay
> OK

Same value, but not the same lookup key.

--
        Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:[hidden email]?body=unsubscribe%20postfix-users>

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
Reply | Threaded
Open this post in threaded view
|

Re: Problem with relay_domains using ldap

Peter Koinange-2
In reply to this post by Peter Koinange-2


I get it I have change my code


relay_domains = ldap:relay
relay_server_host = xxx.xxx.com
relay_search_base = dc=yyyyy
relay_query_filter = (&(dc=%d)(objectClass=organization))
relay_result_attribute = dc
relay_result_filter = %s


postmap  -q [hidden email] ldap:relay
khoi.com


From the Postfix documentation "A file name is replaced by its contents; a type:name table is matched when a (parent) domain appears as lookup key"

but it mail relay still will not work. I am at witts end and actually think of auto generating a file nad running postmap every couple of hours.  Can anybody help me.


Peter
 
----- "Victor Duchovni" <[hidden email]> wrote:

> On Mon, May 12, 2008 at 05:58:55PM +0300, Peter Koinange wrote:
>
> >
> >
> > I have gone through the documentation when setting the
> transport_maps to reach from a hash database
> >
> >
> > 1) relay_domains = $mydestinations,
> hash:/usr/local/etc/postfix/test
> > postmap -q khoi.com hash:/usr/local/etc/postfix/test
> > OK
> >
> > and the domain relay works
> >
> >
> > 2) When I set the Ldap to return the same value as per
> DATABASE_README
> > relay_domains = $mydestinations,  ldap:relay
> > postmap -q [hidden email] ldap:relay
> > OK
>
> Same value, but not the same lookup key.
>
> --
> Viktor.
>
> Disclaimer: off-list followups get on-list replies or get ignored.
> Please do not ignore the "Reply-To" header.
>
> To unsubscribe from the postfix-users list, visit
> http://www.postfix.org/lists.html or click the link below:
> <mailto:[hidden email]?body=unsubscribe%20postfix-users>
>
> If my response solves your problem, the best way to thank me is to
> not
> send an "it worked, thanks" follow-up. If you must respond, please
> put
> "It worked, thanks" in the "Subject" so I can delete these quickly.

Reply | Threaded
Open this post in threaded view
|

Re: Problem with relay_domains using ldap

Victor Duchovni
On Tue, May 13, 2008 at 10:02:08AM +0300, Peter Koinange wrote:

>
>
> I get it I have change my code
>
>
> relay_domains = ldap:relay
> relay_server_host = xxx.xxx.com
> relay_search_base = dc=yyyyy
> relay_query_filter = (&(dc=%d)(objectClass=organization))
> relay_result_attribute = dc
> relay_result_filter = %s
>
>
> postmap  -q [hidden email] ldap:relay
> khoi.com

NO. This is wrong. The lookup key for relay domais is JUST the domain
not the address. Do not use "%d", use "%s". When testing, test with
the domain not the address.

--
        Viktor.

Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.

To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:[hidden email]?body=unsubscribe%20postfix-users>

If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly.
Reply | Threaded
Open this post in threaded view
|

Re: Problem with relay_domains using ldap

Peter Koinange-2


Thank you very much

K


----- "Victor Duchovni" <[hidden email]> wrote:

> On Tue, May 13, 2008 at 10:02:08AM +0300, Peter Koinange wrote:
>
> >
> >
> > I get it I have change my code
> >
> >
> > relay_domains = ldap:relay
> > relay_server_host = xxx.xxx.com
> > relay_search_base = dc=yyyyy
> > relay_query_filter = (&(dc=%d)(objectClass=organization))
> > relay_result_attribute = dc
> > relay_result_filter = %s
> >
> >
> > postmap  -q [hidden email] ldap:relay
> > khoi.com
>
> NO. This is wrong. The lookup key for relay domais is JUST the domain
> not the address. Do not use "%d", use "%s". When testing, test with
> the domain not the address.
>
> --
> Viktor.
>
> Disclaimer: off-list followups get on-list replies or get ignored.
> Please do not ignore the "Reply-To" header.
>
> To unsubscribe from the postfix-users list, visit
> http://www.postfix.org/lists.html or click the link below:
> <mailto:[hidden email]?body=unsubscribe%20postfix-users>
>
> If my response solves your problem, the best way to thank me is to
> not
> send an "it worked, thanks" follow-up. If you must respond, please
> put
> "It worked, thanks" in the "Subject" so I can delete these quickly.