Miloslav Hůla
2015-Aug-27 16:09 UTC
Allow delivery to existing accounts only with LDAP and static
Hi, we are using LDAP binding as a passdb, and static with allow_all_users=yes as an userdb. Works fine, but problem is, Maildirs are created for non-existent accounts too. We would like to prevent it. The LDAP binding does not supporta user lookups. Is the correct way to use checkpassword as a passdb before LDAP, check for account existency here and: result_success=continue result_failure=return-fail ? Thank you, regards, Miloslav
Steffen Kaiser
2015-Aug-28 07:56 UTC
Allow delivery to existing accounts only with LDAP and static
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Thu, 27 Aug 2015, Miloslav H?la wrote:> we are using LDAP binding as a passdb, and static with allow_all_users=yes as > an userdb. > > Works fine, but problem is, Maildirs are created for non-existent accounts > too. We would like to prevent it. > > The LDAP binding does not supporta user lookups. Is the correct way to use > checkpassword as a passdb before LDAP, check for account existency here and:"the correct way" is to reject messages to non-existant users by the MTA. Which one do you use? - -- Steffen Kaiser -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEVAwUBVeAUFHz1H7kL/d9rAQKdQQgAsewxfUyP2p67bpQNCZQSOJz+kVmkMVl5 LBFu+fjOoPh9KH2qRsiK0ldrAj2sMljZURInedrakw9AgKQbj8HNiPkPoPylhJh7 nWfkTdMGTJc82hfN1MGDlNG0LlTErsts92UVxrJ//LzTezqwYPBXRImnYg604zLx 06ePXrgUKoQ5xXdxJUMfUzWDfC2k/JeNu3dqECGFkhuZQfcJT+Y9T9zfeJYqjJGS 6QEBJknqYihBp9Dpr3a2eJckiEaC1qqYIiYE4/6+QIDmJkWqyveRtuD/oNGmUy1P D964VNyY/jExYRCbWZjLk7Lg/TUmkAbSWIhcydctmBQZZGeRpmIHZw==Of1j -----END PGP SIGNATURE-----
Miloslav Hůla
2015-Aug-28 08:45 UTC
Allow delivery to existing accounts only with LDAP and static
Dne 28.8.2015 v 9:56 Steffen Kaiser napsal(a):>> we are using LDAP binding as a passdb, and static with >> allow_all_users=yes as an userdb. >> >> Works fine, but problem is, Maildirs are created for non-existent >> accounts too. We would like to prevent it. >> >> The LDAP binding does not supporta user lookups. Is the correct way to >> use checkpassword as a passdb before LDAP, check for account existency >> here and: > > "the correct way" is to reject messages to non-existant users by the MTA. > > Which one do you use?We are using Postfix. Thanks in advance. -- Miloslav