Postfix & Exchange 2000/2003 how to
Rescued from Google cache - original document at http://www-personal.umich.edu/~malth/gaptuning/postfix/
by Chris Covington - malth@umich.edu
Tired
of wasting cycles and generating Exchange bounces with invalid recipients on
your Postfix relay system?
An alternative to the Exchange 5.5 method of exporting valid users on an Exchange server, then processing the output and copying to a Postfix server.
This method consists of a simple perl script which uses Net::LDAP to retrieve Active Directory users' "proxyAddresses" which are both primary and secondary SMTP addresses (as opposed to using "mail" which would only retrieve a user's primary SMTP address). Nothing needs to be run on the Active Directory domain controllers; this script requires only TCP port 389 access to your Active Directory domain controllers.
The resulting output is in the format: "user@example.com OK" which then must be postmap(ped).
Add the following to your Postfix 2.0+ main.cf to use the
relay_recipient_maps feature of Postfix, which will now reject unknown
users:
relay_recipient_maps = hash:/etc/postfix/your_recipients
Note: the Exchange domains in question MUST be entered in relay_domains, and NOT in mydestination.
Also note if you would like to prevent Postfix from rejecting with "User unknown in relay recipient table" and would rather Postfix say "User unknown" set show_user_unknown_table_name = no in main.cf.
I have the script cronned every hour with the following cron job:
#!/bin/shConceivably this script can be easily modified to support other LDAP servers by changing the M$-specific "proxyAddresses" search base and output modification.