Postfix

tiv · 10-20-2014, 06:26 AM

Hi there!

I have Postfix + BitDefender FRAMS running as hygiene gateway before few Exchanges.
BD FRAMS can learn it's Baesian filter by download SPAM and HAM emails from dedicated mailboxes.
Because we have sustain flow of SPAM to unknown recipients, I have idea to redirect this useful source of SPAM emails directly to SPAM-learning mailbox.

My configs:

main.cf:

Code:

myhostname = postfix.domain1.com
mynetworks = 127.0.0.0/8 xxx.xxx.xxx.xxx

relay_domains = hash:/etc/postfix/relay-domains
transport_maps = hash:/etc/postfix/transport
relay_recipient_maps = hash:/etc/postfix/relay-users
show_user_unknown_table_name = no
smtpd_delay_reject = yes
smtpd_banner = $myhostname
unknown_local_recipient_reject_code = 550

# Added by BitDefender on Fri Oct 17 13:20:04 UTC 2014
smtpd_milters=unix:/var/spool/postfix/BitDefender/bdmilterd.sock
milter_protocol = 2
milter_default_action = tempfail
milter_connect_timeout = 30s
milter_command_timeout = 30s
milter_content_timeout = 30s
# End of added lines

relay-domains:

Code:

#MyOrg1 Exchange
domain1.com OK

#MyOrg2 Exchange
domain2.com OK

relay-users:

Code:

user1@domain1.com OK
user2@domain1.com OK
user1@domain2.com OK
user2@domain2.com OK

transport:

Code:

#MyOrg1 Exchange
domain1.com smtp:exchange.domain1.com

#MyOrg2 Exchange
domain2.com smtp:exchange.domain2.com

my script for fill relay-users from AD (kindly share for you) for cron:

Code:

#!/bin/bash

#Global
LDAP_QUERY='(&(proxyAddresses=smtp:*)(!(objectClass=contact)))'

#Exchange Server 1
EX_SRV='exchange.domain1.com'
LDAP_SRV='ldap.domain1.com'
LDAP_SRV_USER='DOMAIN1\user'
LDAP_SRV_PASSWORD='password'
LDAP_SRV_BASEDN='DC=domain1,DC=com'
ldapsearch -xLLL -H ldap://$LDAP_SRV -s sub -D $LDAP_SRV_USER -w $LDAP_SRV_PASSWORD -b $LDAP_SRV_BASEDN $LDAP_QUERY | perl -p00e 's/\r?\n //g' | grep -i smtp: | cut -d: -f3- | sort | uniq > /etc/postfix/ldap-query-result-temp
cat /etc/postfix/ldap-query-result-temp | cut -d@ -f2- | sort | uniq | sed "s/$/ smtp:$EX_SRV/" > /etc/postfix/transport-temp
cat /etc/postfix/ldap-query-result-temp | cut -d@ -f2- | sort | uniq | sed 's/$/ OK/' > /etc/postfix/relay-domains-temp
cat /etc/postfix/ldap-query-result-temp | sort | uniq | sed 's/$/ OK/' > /etc/postfix/relay-users-temp
#Exchange Server 1

#Exchange Server 2
EX_SRV='exchange.domain2.com'
LDAP_SRV='ldap.domain2.com'
LDAP_SRV_USER='DOMAIN2\user'
LDAP_SRV_PASSWORD='password'
LDAP_SRV_BASEDN='DC=domain2,DC=com'
ldapsearch -xLLL -H ldap://$LDAP_SRV -s sub -D $LDAP_SRV_USER -w $LDAP_SRV_PASSWORD -b $LDAP_SRV_BASEDN $LDAP_QUERY | perl -p00e 's/\r?\n //g' | grep -i smtp: | cut -d: -f3- | sort | uniq > /etc/postfix/ldap-query-result-temp
cat /etc/postfix/ldap-query-result-temp | cut -d@ -f2- | sort | uniq | sed "s/$/ smtp:$EX_SRV/" >> /etc/postfix/transport-temp
cat /etc/postfix/ldap-query-result-temp | cut -d@ -f2- | sort| uniq | sed 's/$/ OK/' >> /etc/postfix/relay-domains-temp
cat /etc/postfix/ldap-query-result-temp | sort | uniq | sed 's/$/ OK/' >> /etc/postfix/relay-users-temp
#Exchange Server 2

#Exchange Server 3
#EX_SRV=''
#LDAP_SRV=''
#LDAP_SRV_USER=''
#LDAP_SRV_PASSWORD=''
#LDAP_SRV_BASEDN=''
#ldapsearch -xLLL -H ldap://$LDAP_SRV -s sub -D $LDAP_SRV_USER -w $LDAP_SRV_PASSWORD -b $LDAP_SRV_BASEDN $LDAP_QUERY | perl -p00e 's/\r?\n //g' | grep -i smtp: | cut -d: -f3- | sort | uniq > /etc/postfix/ldap-query-result-temp
#cat /etc/postfix/ldap-query-result-temp | cut -d@ -f2- | sort | uniq | sed "s/$/ smtp:$EX_SRV/" >> /etc/postfix/transport-temp
#cat /etc/postfix/ldap-query-result-temp | cut -d@ -f2- | sort| uniq | sed 's/$/ OK/' >> /etc/postfix/relay-domains-temp
#cat /etc/postfix/ldap-query-result-temp | uniq | sed 's/$/ OK/' >> /etc/postfix/relay-users-temp
#Exchange Server 3

mv -f /etc/postfix/relay-domains-temp /etc/postfix/relay-domains
mv -f /etc/postfix/relay-users-temp /etc/postfix/relay-users
mv -f /etc/postfix/transport-temp /etc/postfix/transport

rm -f /etc/postfix/ldap-query-result-temp

rm -f /etc/postfix/relay-domains.db
rm -f /etc/postfix/relay-users.db
rm -f /etc/postfix/transport.db

postmap hash://etc/postfix/relay-domains
postmap hash://etc/postfix/relay-users
postmap hash://etc/postfix/transport

postfix reload

If somebody know, how to do this, I will appreciated.
Thanks.

linosaurusroot · 10-23-2014, 05:27 AM

luser_relay defines the disposition of unknown recipients.
http://www.postfix.org/postconf.5.html#luser_relay