Allowing email to known Exchange recipients only
Posted: 17 Sep 2014 14:39
by colin
I am trying to restrict inbound email to only those addresses registered in Microsoft Exchange and have tried editing /etc/postfix/recipient_access but this has no effect.
Is there any documentation that describes how to do this, preferably using LDAP so that as users are added to MS Exchange, they are automatically allowed to receive email through EFA.
Thanks
Colin
Re: Allowing email to known Exchange recipients only
Posted: 17 Sep 2014 21:58
by shawniverson
When you created recipient_access, did you compile it with postmap and restart postfix?
sudo postmap /etc/postfix/recipient_access
If you want to automate this, you can use a script to rebuild the recipient_access list periodically and automate with a cron job...check out this post...
/viewtopic.php?f=14&t=433
Re: Allowing email to known Exchange recipients only
Posted: 25 Oct 2014 10:29
by colin
Ok I have got the LDAP integration to work to a fashion (I will come back to this in another post later once this is working)
The process now generates /etc/postfix/relay_recipients (or /etc/postfix/recipient_access I have tried both) and then runs postmap /etc/postfix/relay_recipients (or /etc/postfix/recipient_access as appropriate) and this generates a /etc/postfix/relay_recipients.db
The content of /etc/postfix/relay_recipients is in the format:
user1@mydomain.co.uk OK
user2@mydomain.co.uk OK
and so on.
When I send an email from external to, say, fred@mydomain.co.uk (who doesn't exist), it still gets passed through to my Exchange server.
What am I missing? And is there a definitive step by step guide?
Re: Allowing email to known Exchange recipients only
Posted: 25 Oct 2014 11:13
by colin
Got it working with the following commands:
postconf -e "relay_recipient_maps = hash:/etc/postfix/relay_recipients"
postfix reload
Now back to the other issue I have. I cannot get the script to work with OUs. It works with a CN though. And if I use $hqbase="dc=example,dc=com" then it picks up everything (CNs and OUs).
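An added example, not part of the original posts and not the script discussed in this thread: a sketch that turns `ldapsearch` LDIF output into the `address OK` format used for /etc/postfix/relay_recipients. It assumes Exchange mailbox addresses sit in the `proxyAddresses` attribute with an `SMTP:`/`smtp:` prefix; the function name and the sample LDIF are constructed for illustration.

```python
import base64
import re

# Deliberately strict: anything that is not a plain lowercase address is dropped.
ADDR_RE = re.compile(r"^[a-z0-9._%+'-]+@[a-z0-9.-]+\.[a-z]{2,}$")

# Constructed sample LDIF (not from the thread): a primary address, an alias,
# a non-SMTP entry, a base64-encoded value and a folded line in another domain.
_B64 = base64.b64encode(b"SMTP:user2@mydomain.co.uk").decode()
SAMPLE_LDIF = f"""\
dn: CN=User One,OU=Staff,DC=mydomain,DC=co,DC=uk
proxyAddresses: SMTP:User1@mydomain.co.uk
proxyAddresses: smtp:u.one@mydomain.co.uk
proxyAddresses: X400:C=GB;O=Exchange;S=One;

dn: CN=User Two,OU=Staff,DC=mydomain,DC=co,DC=uk
proxyAddresses:: {_B64}
proxyAddresses: smtp:user2@other-
 domain.example
"""

def ldif_to_relay_recipients(ldif, domains):
    """Return sorted 'addr OK' lines for SMTP proxyAddresses in the given domains."""
    # LDIF folds long lines; a continuation line starts with a single space.
    unfolded = ldif.replace("\r\n", "\n").replace("\n ", "")
    found = set()
    for line in unfolded.split("\n"):
        name, sep, value = line.partition(":")
        if not sep or name.lower() != "proxyaddresses":
            continue
        if value.startswith(":"):  # "attr:: value" marks a base64-encoded value
            value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
        kind, _, addr = value.strip().partition(":")
        addr = addr.strip().lower()
        if kind.lower() != "smtp" or not ADDR_RE.match(addr):
            continue  # skip X400 and other non-SMTP entries, and malformed values
        if addr.rsplit("@", 1)[1] in domains:
            found.add(addr)
    if not found:
        # An empty result more likely means the LDAP query failed than that
        # nobody has a mailbox, so do not overwrite the existing map with it.
        raise ValueError("no recipients found; refusing to build an empty map")
    return [f"{a} OK" for a in sorted(found)]

if __name__ == "__main__":
    print("\n".join(ldif_to_relay_recipients(SAMPLE_LDIF, {"mydomain.co.uk"})))
```

The returned lines are what goes into /etc/postfix/relay_recipients before running postmap on it, as in the posts above.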
Re: Allowing email to known Exchange recipients only
Posted: 25 Oct 2014 14:45
by shawniverson
Can you PM me your script?
I would like to test it against my domain...
Re: Allowing email to known Exchange recipients only
Posted: 26 Oct 2014 13:51
by colin
Thanks for helping me fix this. I have one final but very important question:
How do you undo all this if it fails to work or you no longer want it implemented?
Re: Allowing email to known Exchange recipients only
Posted: 27 Oct 2014 23:45
by shawniverson
Just empty out the relay_recipients. Remove it and replace it with a zero length file of the same name and postmap it.