You will likely get better results if you let postfix validate recipients 
with LDAP first. This way it can already refuse to accept mail for invalid 
recipients, and this reduces backscatter spam.

Aki
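
An added configuration sketch of the recipient validation suggested above; it is not part of the original message or of either project's documentation. It reuses the LDAP host and base from the quoted settings. The file name, the service bind DN, its password, the domain and the LMTP socket path are assumptions.

```ini
# --- /etc/postfix/main.cf (fragment) ---
# Postfix comments must sit on their own line, never after a value.
# Domain served by the virtual mailbox setup (assumed from the base DN).
virtual_mailbox_domains = example.com
# Recipients exist only if this LDAP lookup returns a result.
virtual_mailbox_maps = ldap:/etc/postfix/ldap-recipients.cf
# Hand accepted mail to Dovecot over LMTP (socket path is an assumption).
virtual_transport = lmtp:unix:private/dovecot-lmtp
# Reject unknown recipients during the SMTP dialogue instead of
# accepting the message and bouncing it later (source of backscatter).
smtpd_reject_unlisted_recipient = yes
unknown_virtual_mailbox_reject_code = 550

# --- /etc/postfix/ldap-recipients.cf (hypothetical file name) ---
# Host and base taken from the Dovecot passdb settings quoted in the thread.
server_host = ldap://openldap:1389
search_base = ou=users,dc=example,dc=com
scope = one
version = 3
# Only query LDAP for addresses in this domain.
domain = example.com
# %u is the local part of the recipient address, matching the
# uid=%n pattern used for auth_bind_userdn on the Dovecot side.
query_filter = (uid=%u)
result_attribute = uid
# Read-only service account for lookups (placeholder DN and password).
bind = yes
bind_dn = cn=postfix,ou=services,dc=example,dc=com
bind_pw = CHANGE_ME
```

Keep the lookup file readable only by root and the postfix group since it holds the bind password, and test it with `postmap -q user@example.com ldap:/etc/postfix/ldap-recipients.cf` before reloading Postfix.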

> On 09/05/2023 10:11 EEST Moritz Pflanzer <mor...@pflanzer.eu> wrote:
> 
>  
> Thanks for the hints. I already followed that guide.
> 
> The question about best practices was more a conceptual one. Should dovecot 
> and postfix talk independently to the LDAP database? Or should dovecot be the 
> gateway for postfix to get the information out of the LDAP database?
> 
> Cheers,
> Moritz
> 
> > On 09/05/2023 08:30 CEST Aki Tuomi via dovecot <dovecot@dovecot.org> wrote:
> > 
> >  
> > > On 08/05/2023 23:06 EEST Marc <m...@f1-outsourcing.eu> wrote:
> > > 
> > >  
> > > > 
> > > > so far I had a setup where Dovecot was using a passwd file as userdb and
> > > > passdb. Postfix was then authenticating with Dovecot via SASL to
> > > > validate user accounts.
> > > > 
> > > > Now I added an LDAP backend and would like to use that for Dovecot and
> > > > Postfix. My first approach was to change the passdb to use the LDAP
> > > > driver with the following settings:
> > > > 
> > > > hosts = openldap:1389
> > > > base = ou=users,dc=example,dc=com
> > > > auth_bind = yes
> > > > auth_bind_userdn = uid=%n,ou=users,dc=example,dc=com
> > > > 
> > > 
> > > So why not handle this on the os? Have the os publish the ldap users, and 
> > > have dovecot handle os users. It needs to create uid's anyway for the 
> > > files etc.
> > 
> > Doing "real unix UIDs" based solution only makes sense if you are gonna 
> > have users logging into the system over SSH or something to check their 
> > mails.
> > 
> > Otherwise it's just a useless complication over virtual user system.
> > 
> > https://doc.dovecot.org/configuration_manual/howto/simple_virtual_install/
> > 
> > A simple guide on how to get started with virtual users, and some 
> > information about how to get LDAP working
> > 
> > https://doc.dovecot.org/configuration_manual/authentication/ldap/
> > 
> > Aki
> > _______________________________________________
> > dovecot mailing list -- dovecot@dovecot.org
> > To unsubscribe send an email to dovecot-le...@dovecot.org