User Alias Mapping and Mail Transport with Postfix & LDAP

From Zimbra :: Wiki

Jump to: navigation, search

This is a description of how the Zimbra MTA, namely Postfix, does user alias mapping and mail transport using LDAP during delivery to the mail store. This can be useful information if you have mail in the deferred or hold queues waiting for delivery and you need to know what Postfix is expecting to do next. Both alias mapping and mail transport functions are handled with LDAP queries to the Zimbra directory from Postfix. The configuration files are /opt/zimbra/conf/ldap-vam.cf and ldap-transport.cf respectively.

Virtual alias mapping (user alias mapping) - /opt/zimbra/conf/ldap-vam.cf

If an email in queue is addressed to a alias recipient, Postfix is going to query the Zimbra directory for the zimbraMailAlias attribute asking for the zimbraDeliveryAddress value as the result. For example, if a mail comes in to alias user.alias@domain.com, a query for zimbraMailAlias=user.alias@domain.com is performed and Postfix asks for the value of the zimbraMailDeliveryAddress in the result. Postfix then maps the alias recipient to the zimbraMailDeliveryAddress and delivers the mail.

Postfix does not know if the recipient address is an alias until the LDAP query is performed. In fact, during alias mapping, Postfix asks the directory for the zimbraMailDeliveryAddress, zimbraMailAlias, or zimbraMailCatchAllAddress attributes using the recipient address in order to find the zimbraMailDeliveryAddress. Postfix also asks for other result attributes like zimbraMailForwardingAddress, zimbraPrefMailForwardingAddress and zimbraMailCatchAllForwardingAddress for delivery to those destinations.

Mail transport (user mail transport) - /opt/zimbra/conf/ldap-transport.cf

In order to deliver mail to the correct mailbox server, Postfix performs an LDAP query for the zimbraMailTransport attribute using the value of zimbraMailDeliveryAddress found when performing virtual alias mapping. As you know, zimbraMailTransport contains the protocol, mail host, and TCP port. So, when Postfix receives the value of zimbraMailTransport of lmtp:servername.domain.com:7025, it knows to deliver the mail to host sansome.eiu.edu over TCP 7025 via the LMTP protocol.

Deferred mail and making changes to the directory

Any changes made in the directory to the mail transport or email aliases will be seen by Postfix every time it attempts delivery of a message. Postfix performs the LDAP queries again when a message comes out of deferred and into active. If for any reason you need to requeue messages, run postsuper -r ALL or postsuper -r <queue_id> (find the queue_id with the mailq command). You shouldn't have to do this when making LDAP changes.

Personal tools