Postfix Schema File
Patrick Ni
RedAnt IT Support Inc.
March, 2011
Postfix schema file for aliases lookup and virtual domain aliases lookup
Status of this memo
Operating system: Debian Lenny 5.0.8
OpenLDAP: 2.4.11-1+lenny2
Postfix: 2.5.5-1.1
Abstract
This document outlines the major steps for making Postfix alias lookups and
virtual domain alias lookups work against an OpenLDAP directory.
1. Background
I tested this on a Debian VM behind a D-Link NAT device. It has the static IP
192.168.0.3 and the hostname lake.redwok.ca. Obviously, redwok.ca here is the
canonical domain. 2ndAnt.ca is hosted on lake.redwok.ca as a virtual domain.
MX records for redwok.ca and 2ndAnt.ca point to the external IP of
the NAT device.
Authentication on lake is through OpenLDAP. localhost is the OpenLDAP server
for "dc=redwok,dc=ca" and "dc=2ndant,dc=ca".
"pni" is the Linux account for receiving aliases in the redwok.ca domain,
and "pni2" is the Linux account for receiving aliases in the "2ndAnt.ca"
domain.
2. Postfix schema file
lake:/etc/ldap/schema/redant# more postfix.schema
objectIdentifier raRoot 1.3.6.1.4.1.50000
objectIdentifier raSNMP raRoot:1
objectIdentifier raLDAP raRoot:2
objectIdentifier raAttributeType raLDAP:1
objectIdentifier raObjectClass raLDAP:2
attributetype ( raAttributeType:1 NAME 'mailacceptinggeneralid'
    DESC 'like patrick.ni, or patrick.ni@artcrft.com, same as the mail attribute'
    EQUALITY caseIgnoreIA5Match
    SUBSTR caseIgnoreIA5SubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
attributetype ( raAttributeType:2 NAME 'maildrop'
    DESC 'like patrick.ni@artcrft.com, same as the mail attribute'
    EQUALITY caseIgnoreIA5Match
    SUBSTR caseIgnoreIA5SubstringsMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )
objectclass ( raObjectClass:1 NAME 'raVirtualaccount'
    DESC 'aliases class for Postfix'
    SUP top STRUCTURAL
    MUST mailacceptinggeneralid
    MAY maildrop )
3. OpenLDAP configuration
backend hdb
database hdb
suffix "dc=redwok,dc=ca"
rootdn "cn=root,dc=redwok,dc=ca"
rootpw {SSHA}gWbnI95IiIbm3vyaWw5N0oIKvH1sI0k6
directory "/var/lib/ldap"
database hdb
suffix "dc=2ndant,dc=ca"
rootdn "cn=root,dc=2ndant,dc=ca"
rootpw {SSHA}gWbnI95IiIbm3vyaWw5N0oIKvH1sI0k6
directory "/var/lib/ldap2"
4. Postfix configuration
alias_maps = hash:/etc/aliases, ldap:/etc/postfix/ldap-aliases.cf
virtual_alias_domains = 2ndant.ca
virtual_alias_maps = ldap:/etc/postfix/ldap-aliases2.cf
4.1 The ldap-aliases.cf file
server_host = localhost
search_base = ou=Aliases,dc=redwok,dc=ca
4.2 The ldap-aliases2.cf file
server_host = localhost
search_base = ou=Aliases,dc=2ndant,dc=ca
5. Populate the OpenLDAP database
# Aliases, redwok.ca
dn: ou=Aliases,dc=redwok,dc=ca
ou: Aliases
objectClass: organizationalUnit

# patrick.ni, Aliases, redwok.ca
dn: mailacceptinggeneralid=patrick.ni,ou=Aliases,dc=redwok,dc=ca
mailacceptinggeneralid: patrick.ni
objectClass: raVirtualaccount
maildrop: pni
maildrop: a11024@yahoo.com

# Aliases, 2ndant.ca
dn: ou=Aliases,dc=2ndant,dc=ca
ou: Aliases
objectClass: organizationalUnit

# 2ndant.ca, 2ndant.ca
dn: mailacceptinggeneralid=2ndant.ca,dc=2ndant,dc=ca
objectClass: raVirtualaccount
mailacceptinggeneralid: 2ndant.ca
maildrop: pni@redwok.ca

# patrick.ni@2ndant.ca, Aliases, 2ndant.ca
dn: mailacceptinggeneralid=patrick.ni@2ndant.ca,ou=Aliases,dc=2ndant,dc=ca
mailacceptinggeneralid: patrick.ni@2ndant.ca
objectClass: raVirtualaccount
maildrop: pni2
maildrop: a11024@yahoo.com
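Sections 4.1 and 4.2 set only server_host and search_base because the defaults of Postfix's LDAP table do the rest: query_filter is (mailacceptinggeneralid=%s), result_attribute is maildrop, the search scope is the subtree, and %s is escaped before it enters the filter. The following added example (not part of the original memo or of Postfix) replays that lookup in Python over the section 5 entries; the function names and the simplified DN and filter handling are assumptions made for illustration.

```python
import re
# Constructed sample: section 5 alias entries, reduced to the attributes a lookup reads.
LDIF = """\
dn: mailacceptinggeneralid=patrick.ni,ou=Aliases,dc=redwok,dc=ca
mailacceptinggeneralid: patrick.ni
maildrop: pni
maildrop: a11024@yahoo.com

dn: mailacceptinggeneralid=2ndant.ca,dc=2ndant,dc=ca
mailacceptinggeneralid: 2ndant.ca
maildrop: pni@redwok.ca

dn: mailacceptinggeneralid=patrick.ni@2ndant.ca,ou=Aliases,dc=2ndant,dc=ca
mailacceptinggeneralid: patrick.ni@2ndant.ca
maildrop: pni2
maildrop: a11024@yahoo.com
"""

def parse_ldif(text):
    """Return one {attribute: [values]} dict per blank-line-separated entry."""
    entries = []
    for block in text.strip().split("\n\n"):
        entries.append({})
        for line in block.splitlines():
            attr, _, value = line.partition(": ")
            entries[-1].setdefault(attr.lower(), []).append(value)
    return entries
ENTRIES = parse_ldif(LDIF)

def escape_key(key):
    """Escape LDAP filter metacharacters in the lookup key (RFC 4515)."""
    return re.sub(r"[\\*()\x00]", lambda m: "\\%02x" % ord(m.group()), key)

def matches(entry, flt):
    """Evaluate one (attr=value) filter; a bare * is a presence test."""
    attr, value = re.fullmatch(r"\((\w+)=(.*)\)", flt).groups()
    values = entry.get(attr.lower(), [])
    if value == "*":
        return bool(values)
    want = re.sub(r"\\([0-9a-f]{2})", lambda m: chr(int(m.group(1), 16)), value)
    return want.lower() in (v.lower() for v in values)  # caseIgnoreIA5Match

def lookup(key, search_base, escape=True):
    """Subtree search under search_base (hypothetical helper); returns maildrop values."""
    flt = "(mailacceptinggeneralid=%s)" % (escape_key(key) if escape else key)
    base = "," + search_base.lower()  # simplified DN comparison, no normalization
    return [drop for e in ENTRIES
            if ("," + e["dn"][0].lower()).endswith(base) and matches(e, flt)
            for drop in e.get("maildrop", [])]
```

The 2ndant.ca entry sits directly under dc=2ndant,dc=ca, so a lookup with the section 4.2 search base does not return it. Passing escape=False shows what the escaping guards against: a key of * would otherwise become a presence filter matching every alias entry.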
6. Author's Address
Patrick Ni
RedAnt IT Support Inc.
Phone: 778 988 3178
E-mail: Patrick.Ni@RedAnt.ca