alternate relay after local lookup failure


alternate relay after local lookup failure

Matthew Riedel
Dear Postfix Community,

I have a bit of a conundrum that I can't seem to find an answer to in any of
the documentation (and believe me, I've pored over it).  Below is our
somewhat sparse output of postconf -n.

The problem is this: We currently have two machines accepting mail for
[hidden email].  One is this machine, and the other is our old machine, which
we are currently migrating away from.  Users may be located on one or the
other machine, but not both.

"Local" users are defined through the local_recipient_maps, which is an LDAP
query.  If the user is found, they're considered local, and Postfix then
attempts to send the mail through the local transport (using Dovecot's LDA).

However, there's a gotcha.  Since Postfix is set to receive mail for
*@fqdn.edu, even if the "local" user lookup (via LDAP) fails, it will sit on
the email and put it into "temporary failure."  The only way I can get these
messages relayed is to temporarily remove "fqdn.edu" from the
"mydestination" parameter.

My question is this: Is there a way to get Postfix to automatically try the
"old" machine if the user isn't found in the "local_recipient_map"?  i.e.
Postfix would receive an email to "[hidden email]", which exists in the LDAP
lookup.  Postfix passes it to Dovecot, where it gets delivered.  Everyone's
happy.  However, if a message comes in for "[hidden email]", which *isn't* in
the local_recipient_map, then to try relaying that message to host2.fqdn.net
(instead of either bouncing it or putting it into temporary failure)?

Thanks,
Matt Riedel



# postconf -n
alias_database = dbm:/etc/mail/aliases
broken_sasl_auth_clients = yes
canonical_maps = dbm:/opt/pkgsrc/etc/postfix/canonical
config_directory = /opt/pkgsrc/etc/postfix
content_filter = scan:127.0.0.1:10025
forward_path = /home/users/$user/.forward
local_recipient_maps = ldap:/opt/pkgsrc/etc/postfix/ldap-virtual.cf
mailbox_transport = dovecot
mydestination = host.fqdn.edu, fqdn.edu
myhostname = smtp.fqdn.edu
mynetworks = 10.0.0.0/24
myorigin = $mydomain
receive_override_options = no_address_mappings
relayhost = myrelayhost.fqdn.edu
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_path = /opt/pkgsrc/var/run/dovecot/auth-client
smtpd_sasl_type = dovecot
smtpd_tls_CAfile = /opt/pkgsrc/etc/cacert.pem
smtpd_tls_cert_file = /opt/pkgsrc/etc/smtp.crt
smtpd_tls_key_file = /opt/pkgsrc/etc/smtp.key
smtpd_use_tls = yes
transport_maps = dbm:/opt/pkgsrc/etc/postfix/transport_map
virtual_alias_maps = ldap:/opt/pkgsrc/etc/postfix/ldap-alias.cf


--
Matthew Riedel
Senior IT Specialist - CITS
University of Maryland, Baltimore
[hidden email]
410-706-4860


Re: alternate relay after local lookup failure

Wietse Venema
Matthew Riedel:

> Dear Postfix Community,
>
> I have a bit of a conundrum that I can't seem to find an answer to in any of
> the documentation (and believe me, I've pored over it).  Below is our
> somewhat sparse output of postconf -n.
>
> The problem is this: We currently have two machines accepting mail for
> [hidden email].  One is this machine, and the other is our old machine, which
> we are currently migrating away from.  Users may be located on one or the
> other machine, but not both.
>

Set up virtual_alias_maps entries for the users on the other machine.
Presumably, a list of users exists, because otherwise the old machine
would not know how to deliver them.

user@fqdn [hidden email]

That's virtual_alias_maps, not virtual_alias_domains.

        Wietse
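
The per-user table suggested in the reply above can be generated from the old machine's account list. This is an added example, not code from the thread. It assumes fqdn.edu as the shared domain and host2.fqdn.net as the old machine (both names taken from the question), uses constructed user lists, and targets user@host2.fqdn.net, which is an assumption because the archive hides the address in the reply.

```python
import re

# Assumed names: both come from the question; the rewrite target address
# is an assumption, since the archive hides the one given in the reply.
LOCAL_DOMAIN = "fqdn.edu"
OLD_HOST = "host2.fqdn.net"

# Conservative localpart check. Anything else (spaces, '@', control bytes)
# could add or corrupt entries in a "key value" lookup table.
SAFE_LOCALPART = re.compile(r"^[a-z0-9][a-z0-9._+-]{0,63}$")


def build_virtual_aliases(old_users, migrated_users):
    """Return (table_lines, rejected) for users still on the old machine.

    old_users      -- account names exported from the old machine
    migrated_users -- account names already matched by local_recipient_maps
    """
    migrated = {u.strip().lower() for u in migrated_users}
    seen, lines, rejected = set(), [], []
    for raw in old_users:
        user = raw.strip().lower()
        if not SAFE_LOCALPART.match(user):
            rejected.append(raw)      # report it, never write it to the table
            continue
        if user in migrated or user in seen:
            continue                  # migrated users stay on local delivery
        seen.add(user)
        lines.append(f"{user}@{LOCAL_DOMAIN} {user}@{OLD_HOST}")
    return sorted(lines), rejected


if __name__ == "__main__":
    # Constructed sample data: a duplicate, a migrated user, a malformed name.
    old = ["alice", "Bob", "carol", "bob", "x y@example.org", "dave\n"]
    new = ["Carol"]
    table, bad = build_virtual_aliases(old, new)
    print("\n".join(table))
    for name in bad:
        print(f"# skipped unsafe account name: {name!r}")
```

The output is in Postfix lookup-table source format, so it can be indexed with postmap and listed in virtual_alias_maps next to the existing LDAP source. Addresses absent from both the table and local_recipient_maps remain unknown recipients, so the machine does not start forwarding mail for arbitrary names in the domain.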