|
|
|
|
|
|
| Author |
Message |
Jedi-V
*nix forums beginner
Joined: 23 Feb 2005
Posts: 32
|
 Posted: Tue Jul 18, 2006 3:26 pm Post subject:
'map chains' - recursive address validation
|
|
|
I was pointed to 'map chains' as a possible solution for a
*need/desire* of recursive addresses validation - or more correctly a
rewrite and then validate (first.lastname> flastname => check LDAP)
I only seem to find reference to 'map chains' as a request for
considersation and some higher level discussion. Had this ever moved
past the drawing board??
Along those same lines, I understand (now) that address validation
during the SMTP conversation is not recursive. Seeing how many of the
rewrite threads always clearly point out 'do not use wildcards' - and
I completely understand why - is there a higher level reason as to why
wildcard matches during address validation don't recursively get
verified (similiar to sending) - or any rewrite for that matter?
therefore, address gets a rewrote, that then gets validated/rewrote
again -- granted there are the scenarios of a circular rewrite, but
that is the case on sending/rewrite as well - and Postfix catches and
logs those appropriately.
Just a thought - seeing how 'wildcards' are always warned against.
Thanks
--
----------------------------------
please respond to the list .. if you need to contact me direct
cgmckeever is the account
prupref.com is the domain
<A href="http://www.prupref.com">Simply Chicago Real Estate</A> |
|
| Back to top |
|
 |
Wietse Venema
*nix forums Guru
Joined: 27 Feb 2005
Posts: 2697
|
| Posted: Tue Jul 18, 2006 3:44 pm Post subject:
Re: 'map chains' - recursive address validation
|
|
|
Chris McKeever:
| Quote: | I was pointed to 'map chains' as a possible solution for a
*need/desire* of recursive addresses validation - or more correctly a
rewrite and then validate (first.lastname> flastname => check LDAP)
|
The Postfix SMTP server currently does not validate addresses except
to check existence non-recursively. Address validation had to
be added years after the architecture was designed and implemented.
It cant' be done 100% accurately without major restructuring.
While it's cool and could solve some problems, I am not convinced
that 'map chains' would solve the address validation problem.
It would have to implement not only the input address rewriting
that is currently done in cleanup and trivial-rewrite, but also
the output address rewriting that happens in, for example, the
local delivery agent (to maintain consistency between virtual(5)
and local( aliases).
Wietse
| Quote: | I only seem to find reference to 'map chains' as a request for
considersation and some higher level discussion. Had this ever moved
past the drawing board??
Along those same lines, I understand (now) that address validation
during the SMTP conversation is not recursive. Seeing how many of the
rewrite threads always clearly point out 'do not use wildcards' - and
I completely understand why - is there a higher level reason as to why
wildcard matches during address validation don't recursively get
verified (similiar to sending) - or any rewrite for that matter?
therefore, address gets a rewrote, that then gets validated/rewrote
again -- granted there are the scenarios of a circular rewrite, but
that is the case on sending/rewrite as well - and Postfix catches and
logs those appropriately.
Just a thought - seeing how 'wildcards' are always warned against.
Thanks
--
----------------------------------
please respond to the list .. if you need to contact me direct
cgmckeever is the account
prupref.com is the domain
A href="http://www.prupref.com">Simply Chicago Real Estate</A
|
|
|
| Back to top |
|
|
Victor Duchovni
*nix forums Guru
Joined: 28 Feb 2005
Posts: 2927
|
| Posted: Tue Jul 18, 2006 3:49 pm Post subject:
Re: 'map chains' - recursive address validation
|
|
|
On Tue, Jul 18, 2006 at 11:44:55AM -0400, Wietse Venema wrote:
| Quote: | It would have to implement not only the input address rewriting
that is currently done in cleanup and trivial-rewrite, but also
the output address rewriting that happens in, for example, the
local delivery agent (to maintain consistency between virtual(5)
and local( aliases).
|
Perhaps another reason why address validation should stop at the input
to virtual expansion, verifying the validity of that address, and not
its expanded value, but in any case, I agree that map chains would
solve a different problem (more flexible maps). For accurate recipient
verification it seems that Postfix would have to do the work internally
by doing at least the 1-to-1 (canonical and masquerade) expansion in
smtpd( and perhaps also virtual(5) and perhaps aliases(5), but here
is some diversity of opinion.
--
Viktor.
P.S. Morgan Stanley is looking for a New York City based, Senior Unix
system/email administrator to architect and sustain the Unix email
environment. If you are interested, please drop me a note.
Disclaimer: off-list followups get on-list replies or get ignored.
Please do not ignore the "Reply-To" header.
To unsubscribe from the postfix-users list, visit
http://www.postfix.org/lists.html or click the link below:
<mailto:majordomo@postfix.org?body=unsubscribe%20postfix-users>
If my response solves your problem, the best way to thank me is to not
send an "it worked, thanks" follow-up. If you must respond, please put
"It worked, thanks" in the "Subject" so I can delete these quickly. |
|
| Back to top |
|
|
Google
|
|
| Back to top |
|
|
|
|
The time now is Thu Jan 08, 2009 7:03 am | All times are GMT
|
|
Photography | Watch Naruto Online | Yugioh | Credit Cards | Bankruptcy
|
|
Copyright © 2004-2005 DeniX Solutions SRL
|
|
|
|
Other DeniX Solutions sites:
Unix/Linux blog |
electronics forum |
medicine forum |
science forum |
|
|
Privacy Policy
|
Powered by phpBB © 2001, 2005 phpBB Group
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
Forum index
»
Apps
»
Postfix
