![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
Now that I'm motivated for once...
We've been given the semi-official go-ahead at work to replace our current VMS-based email gateway with Postfix running on RHEL. Yay! Trouble is, I know as much about Unix MTAs as I do about Unix in general (ok, I'm typing this on my Ubuntu lappie, but ls -l is about my limit. ps -ef | grep < something > is when I'm being really techie).
The fun part will be figuring out a way to deliver mail onto each of our Exchange servers individually. Normal organisations deliver Exchange mail to bridgehead servers, which take care of the internal routing themselves. My colleague who currently runs the gateway is pretty insistent on individual "channels" for each Exchange box. *sigh* (my theory is that this is his attempt at maintaining "control" of the Exchange mail... it's tedious, anyway). At the moment, this is achieved by a hack to the Active Directory; getting rid of said hack is my absolute requirement for any solution that we implement.
So, there are various ways of getting the Active Directory information. Postfix natively supports OpenLDAP, which means it could connect to the AD and get the info needed to verify recipients in the AD domain. There are also methods of dumping the AD information and then secure-copying it to the Postfix server and turning it into a hashtable there (more secure, and much more efficient for lookups). And if we had bridgehead servers, that would be it.
However. The information we require to deliver to individual mailservers is contained in two LDAP attributes. One contains all the user's email addresses; the other contains the server their mailbox is on. Postfix cannot parse this for message delivery. There is, however, another solution. We dump the AD information onto the Postfix server, and then we process the raw data with Perl to munge all the AD info into sets of aliases in the format of < username >@< server >.domain.tld (which is the format used at present).
Great! You say. I got home all ready to start experimenting with scripts ... and I can't find my two Perl books! Ok, my knowledge of Perl is slightly greater than that of the Unix OS, but not much. For the life of me, I can't find my Wrox (Perl for "dummies") book or my Scripting for Win32 one (which may have some stuff on parsing AD-style LDAP, but I can't remember). Wuargh! Neither of them are in my bookshelf so they must be somewhere together. I'm sure I don't have any random piles of possessions left anywhere else in the world right now?
Time to hunt around on the web, then. And have a rummage for those bloody books tomorrow.
ETA: Schtuuuupid typos fixed after Scott kindly pointed them out for me!
And I found my Win32 Perl book. Still no sign of the Wrox one. Maybe check at work? (We don't use Perl at all there, at present).
The fun part will be figuring out a way to deliver mail onto each of our Exchange servers individually. Normal organisations deliver Exchange mail to bridgehead servers, which take care of the internal routing themselves. My colleague who currently runs the gateway is pretty insistent on individual "channels" for each Exchange box. *sigh* (my theory is that this is his attempt at maintaining "control" of the Exchange mail... it's tedious, anyway). At the moment, this is achieved by a hack to the Active Directory; getting rid of said hack is my absolute requirement for any solution that we implement.
So, there are various ways of getting the Active Directory information. Postfix natively supports OpenLDAP, which means it could connect to the AD and get the info needed to verify recipients in the AD domain. There are also methods of dumping the AD information and then secure-copying it to the Postfix server and turning it into a hashtable there (more secure, and much more efficient for lookups). And if we had bridgehead servers, that would be it.
However. The information we require to deliver to individual mailservers is contained in two LDAP attributes. One contains all the user's email addresses; the other contains the server their mailbox is on. Postfix cannot parse this for message delivery. There is, however, another solution. We dump the AD information onto the Postfix server, and then we process the raw data with Perl to munge all the AD info into sets of aliases in the format of < username >@< server >.domain.tld (which is the format used at present).
Great! You say. I got home all ready to start experimenting with scripts ... and I can't find my two Perl books! Ok, my knowledge of Perl is slightly greater than that of the Unix OS, but not much. For the life of me, I can't find my Wrox (Perl for "dummies") book or my Scripting for Win32 one (which may have some stuff on parsing AD-style LDAP, but I can't remember). Wuargh! Neither of them are in my bookshelf so they must be somewhere together. I'm sure I don't have any random piles of possessions left anywhere else in the world right now?
Time to hunt around on the web, then. And have a rummage for those bloody books tomorrow.
ETA: Schtuuuupid typos fixed after Scott kindly pointed them out for me!
And I found my Win32 Perl book. Still no sign of the Wrox one. Maybe check at work? (We don't use Perl at all there, at present).
no subject
no subject
I must remember not to try and type anything of a techical nature after two cocktails. I really don't know what planet I was on - I've been obsessing about Postfix for months, and have had nothing to do with Postscript for literally years. Will fix. :-)