USTRLLC
asked on
Active directory authentication with postfix
I want to relay mails from postfix machine to exchange server after verifying an email address exists with Active directory (AD authentication with postfix).
What are the steps to follow and configuration file changes
What are the steps to follow and configuration file changes
/etc/postfix/main.cf:
smtpd_recipient_restrictio ns =
permit_mynetworks
reject_unauth_destination
...
reject_unknown_recipient_d omain
reject_unverified_recipien t
smtpd_recipient_restrictio
permit_mynetworks
reject_unauth_destination
...
reject_unknown_recipient_d
reject_unverified_recipien
You can also have postfix cache the lookup results if you want to.
address_verify_map = btree:/var/lib/postfix/ver ify
address_verify_map = btree:/var/lib/postfix/ver
If you wanted to use Active Directory for SMTP AUTH for your remote users,
see
http://www.linuxmail.info/active-directory-cyrus-sasl-authentication/
see
http://www.linuxmail.info/active-directory-cyrus-sasl-authentication/
ASKER
We need postfix do LDAP lookups LDAP and query for valid recipients then relaying to the exchange server
Why does it have to use LDAP?
ASKER
We dont need to pull users' SMTP addresses from your Active Directory because it will take some processing time and not practical.We need to have a direct look to AD this is a valid mailid or not.
AD Authentican is for avoiding bulk mails
AD Authentican is for avoiding bulk mails
You don't need to use AD to know if the email address is valid.
There are other much easier ways to achive this.
Postfix has a special feature desgined for exactly this purpose.
It is call email address verification and can be use to verify the validy of sender address or recipient address.
See my first comment for details.
There are other much easier ways to achive this.
Postfix has a special feature desgined for exactly this purpose.
It is call email address verification and can be use to verify the validy of sender address or recipient address.
See my first comment for details.
ASKER
We need only our internal mail authentication via AD.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Not recvd any practical solutions
postfix can do this with SMTP.
see
http://www.postfix.org/ADDRESS_VERIFICATION_README.html