2009/11/04

How to Sync domain emails to Postfix's relay_recipient_maps?

http://itessential.blogspot.com/2009/11/how-to-sync-domain-emails-to-postfixs.html

Because Linux has good network performance, many sites use Postfix as their mail gateway. To stop spam from the Internet, you can set up an RBL list in Postfix's main.cf. However, this only stops servers that are on the blacklist, not those that are not listed. And when someone sends mail to unknown@example.com, your server will still accept it, since it doesn't know who is on your recipient list. To reduce such spam and misaddressed mail, you can set up the relay_recipient_maps table for the Postfix server. This table tells Postfix which recipients should be accepted and which should not.

To do so, you need to make sure your Postfix's relay_recipient_maps table is updated and always synchronized with your domain server.

"ldapsearch" is a good tool for getting domain information in Linux.
To customize the LDAP search filter, see: http://confluence.atlassian.com/display/DEV/How+to+write+a+LDAP+search+filter

Below is a script that syncs the email list from the domain (LDAP) server and saves it as relay_recipient_maps for the Postfix service.
For how to configure relay_recipient_maps in Postfix, see: http://www.postfix.org/postconf.5.html#relay_recipient_maps

Here comes the script:

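#!/bin/bash
OF=/etc/postfix/relay_recipient_maps
# Unpredictable temp file name: a fixed name in /tmp can be pre-created or symlinked by another local user
TMP=$(mktemp /tmp/relay_recipient_maps.XXXXXX) || exit 1
LIST=/tmp/last_relay_list
LS=/tmp/sync_log.txt
# MinimalCount makes sure the list is not partially loaded
MinimalCount=1500

# Note: -w puts the bind password on the command line, where it shows in the process list;
# ldapsearch can read it from a file with -y instead.
# sort -f is needed because uniq only removes adjacent duplicates.
ldapsearch -b 'DC=example,DC=com' -h 'server.add.re.ss' -D 'username' -xw 'password' '(&(sAMAccountName=*)(mail=*))' proxyAddresses | grep -i 'smtp:' | cut -d ":" -f3 | sort -f | uniq -i > "$TMP"
# Exit status of ldapsearch itself, not of the last command in the pipeline
SIG=${PIPESTATUS[0]}

if [ -s "$TMP" ]; then
    NUM=$(wc -l < "$TMP")
    # -gt is the numeric comparison; ">" inside [ ] is a redirection
    if [ "$NUM" -gt "$MinimalCount" ]; then
        # Back up the last workable list
        cat "$TMP" > "$LIST"

        sed 's/$/ OK/' "$TMP" > "$OF"
        /usr/sbin/postmap "$OF"
        RES="$(date) : $SIG (AD Sync OK) :$NUM"
    else
        RES="AD User list is too short!! :$NUM"
    fi
else
    RES="$(date) : AD query failed!! "
fi

rm -f "$TMP"
echo "$RES" >> "$LS"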


Before adding it to the crontab on your desired schedule for automatic periodic updates, remember to chmod this script so that it is executable.
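The grep/cut pipeline in the script takes whatever follows "smtp:", so a folded LDIF value is cut short and addresses outside your own domains go into the map unchecked. The following is an added example, not part of the original script: it unfolds LDIF lines, keeps only well-formed addresses in the domains you relay for, and replaces the fixed MinimalCount with a check against the previous list. The function names, the accepted character set and the sample LDIF are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not the original post's script. Sample data is constructed.
# extract_recipients DOMAINS_ERE < ldif  -> sorted, unique "addr OK" lines
extract_recipients() {
    awk -v dom="$1" '
        function flush(   a) {
            # Plain values only; base64 ("::") values are skipped, not decoded.
            if (tolower(rec) ~ /^proxyaddresses: smtp:/) {
                a = tolower(rec)
                sub(/^proxyaddresses: smtp:/, "", a)
                sub(/[ \t]+$/, "", a)
                # Conservative character set (an assumption), own domains only.
                if (a ~ /^[a-z0-9._+-]+@[a-z0-9.-]+$/ && a ~ ("@(" dom ")$"))
                    seen[a] = 1
            }
            rec = ""
        }
        { sub(/\r$/, "") }
        /^ / { rec = rec substr($0, 2); next }   # LDIF continuation line
        { flush(); rec = $0 }
        END { flush(); for (a in seen) print a " OK" }
    ' | sort
}

# shrink_ok NEW OLD MAX_DROP_PCT -> true if NEW is non-empty and kept enough of OLD
shrink_ok() {
    new=$(wc -l < "$1"); old=0
    [ -s "$2" ] && old=$(wc -l < "$2")
    [ "$new" -gt 0 ] && [ $((new * 100)) -ge $((old * (100 - $3))) ]
}

# Constructed LDIF: duplicate, foreign domain, folded, base64 and malformed values.
sample_ldif() {
    cat <<'EOF'
dn: CN=Alice,DC=example,DC=com
proxyAddresses: SMTP:Alice@Example.com
proxyAddresses: smtp:alice@example.com
proxyAddresses: smtp:alice@other.test

dn: CN=Bob,DC=example,DC=com
proxyAddresses: smtp:bob.long.name@exam
 ple.com
proxyAddresses:: c210cDpib2JAZXhhbXBsZS5jb20=
proxyAddresses: smtp:bad addr@example.com
EOF
}

sample_ldif | extract_recipients 'example[.]com'
```

In the sync script, write the output of extract_recipients to the temp file and run postmap only when shrink_ok succeeds against the last installed list; write dots in the domain pattern as [.] so awk does not reinterpret a backslash.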
