Приветствую сообщество. Есть почтовый сервер настроенный на аутентификацию через Dovecot, который в свою очередь идентифицирует пользователей через керберос и ищет реципиентов в AD. Это всё работает только если один почтовый домен на пользователя. А если их несколько, вида:
user@domain.com - первичный записанный в атрибуте mail, и user1@domain.net, user2@domain.org, etc... записаные в атрибуте otherMailbox.
LogFile="perl /usr/bin/awstats_maillogconvert.pl standard < /var/log/maillog |"
LogFile="gzip −cd /var/log/maillog.0.gz | /usr/bin/awstats_maillogconvert.pl standard |"
queue_directory = /var/spool/postfix
command_directory = /usr/sbin
daemon_directory = //usr/lib64/postfix
data_directory = /var/lib/postfix
mail_owner = postfix
default_privs = nobody
myhostname = energo.cg.ukrtel.net
inet_interfaces = 10.71.0.50, 127.0.0.1
unknown_local_recipient_reject_code = 550
#mynetworks_style = subnet
mynetworks = 127.0.0.0/8 10.71.0.50/32
smtpd_banner = energo.cg.ukrtel.net ESMTP $mail_name
debug_peer_level = 2
debugger_command =
PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
sendmail_path = /usr/sbin/sendmail
newaliases_path = /usr/bin/newaliases
mailq_path = /usr/bin/mailq
setgid_group = postdrop
html_directory = /usr/share/doc/postfix-2.7.2/html
manpage_directory = /usr/share/man
sample_directory = /etc/postfix
readme_directory = /usr/share/doc/postfix-2.7.2/readme
smtpd_milters = unix:/var/run/clamav/clamav-milter.sock
milter_default_action = accept
mailbox_command = /usr/libexec/dovecot/deliver
dovecot_destination_recipient_limit=1
line_length_limit = 3048
lmtp_line_length_limit = 990
smtp_line_length_limit = 990
virtual_mailbox_base = /var/spool/mail
virtual_mailbox_maps = ldap:/etc/postfix/ldap-users.cf
virtual_alias_maps = ldap:/etc/postfix/ldap-groups.cf
virtual_uid_maps = static:1000
virtual_gid_maps = static:1000
#virtual_mailbox_domains = /etc/postfix/domains.cf
#virtual_transport = hash:/etc/postfix/transport
#transport_maps = hash:/etc/postfix/transport
#### TLS bits ####
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
## Location of key, cert and CA-cert.
## These files need to be generated using openssl
smtpd_tls_key_file = /etc/ssl/dovecot/cn.energy/cn.energy.key
smtpd_tls_cert_file = /etc/ssl/dovecot/cn.energy/cn.energy.crt
smtpd_tls_CAfile = /etc/ssl/dovecot/cn.energy/cacert.pem
tls_random_exchange_name = /var/run/prng_exch
tls_random_source = dev:/dev/urandom
tls_smtp_use_tls = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_application_name = smtpd
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $virtual_mailbox_domains
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
server_host = srv-ad.cn.energy
search_base = dc=cn,dc=energy
version = 3
bind = yes
bind_dn = admin@cn.energy
bind_pw = passwd
query_filter = (otherMailbox=%s)
result_attribute = otherMailbox
result_format = %s/
postmap -q simbios@oblr.cn.energy.gov.ua ldap:/etc/postfix/ldap-users.cf
sysadmin@cn.energy/,simbios@oblr.cn.energy.gov.ua/
Спасибо за вашу помощь.
