> Hi, > > Not to highjack the thread, but there are also other things to consider. > > I have no idea how on Postfix, but this could help you too Scott Lavoie. > > If there are multiple exchange backends for postfix/spamasassin > gateway ... how could one validate that users exists, given that you > only have a list of valid users for some of the exchange servers and > the mailahead/milterahead/smtp are not an option? > > I'm looking for a pointer here ... > > transport_maps is for the entire domain and where to send the mail ... > but, I'm lost about the validations of users for some of the domains > ...
>Theoretically you could do that with LDAP. Assuming a cluster of Exchange >servers for one AD Domain, all users should have an entry in the GAL. >So in your filtering front end you could do an LDAP query against the >GAL for each recipient and reject the message if not found. > >However if that is a busy system you would do a -lot- of queries and >risk running your DC out of LDAP threads, causing real problems. >(we ran into a similar problem with a password checking module under >heavy authetication loads ;(. > >If your user population is not too dynamic, it might be more efficient >to do user list exports & map rebuilds on a periodic basis. >You could pull the user list using LDAP and build the maps on the postifx >box using a cron job. Take a look at: http://www2.origogeneris.com:4000/relay_recipients.html This script is what we're using at our organization to update the list of exchange emails. PS: You really started something there Scott :P
