Skip to content

ldap aliases let forwards behave odd #58

New issue
New issue
Open
Open
ldap aliases let forwards behave odd#58
Assignees
juliaschroeder
@crpb

Description

@crpb
crpb
opened on Nov 28, 2025

Hi,

this is in reference to the community discussion email-forward-type-redirect-also-delivers-to-original-mailbox

admin-api/services/ldap.py

Lines 119 to 140 in 0a2d18a

def userdata(self, props=None):
if self.type == "contact":
return self.contactdata(props)
elif self.type == "group":
return self.groupdata(props)
self._chkConvert("user")
ldap = self._ldap
ldapuser = self.data
username, aliases = self._reduce(ldapuser[ldap._config["users"]["username"]], tail=True)
userdata = dict(username=username.lower(), aliases=aliases)
userdata["properties"] = props or ldap._defaultProps.copy()
userdata["properties"].update({prop: " ".join(str(a) for a in ldapuser[attr]) if isinstance(ldapuser[attr], list)
else ldapuser[attr] for attr, prop in ldap._userAttributes.items() if attr in ldapuser})
if ldap._config["users"].get("aliases"):
aliasattr = ldap._config["users"]["aliases"]
if ldapuser.get(aliasattr) is not None:
from tools import formats
aliases = ldapuser[aliasattr]
aliases = aliases if isinstance(aliases, list) else [aliases]
aliases = [alias[5:] if alias.lower().startswith("smtp:") else alias for alias in aliases]
userdata["aliases"] += [alias for alias in aliases if formats.email.match(alias)]
return userdata

it seems because the strtolower function is used here it won't handle the difference in smtp:secondary@somethind.tld to SMTP:primary@something.tld as describe in Fun with changing E-Mail Addresses.

This lead to entries that refer to itself. e.g. mariadb grommunio <<< "SELECT * FROM aliases WHERE mainname = aliasname;" . And these entries will not be disregarded by virtual_alias_maps = mysql:/etc/postfix/grommunio-virtual-mailbox-alias-maps.cf in postfix.

https://github.com/grommunio/admin-configs/blob/9fd4fb310baabb3b106b9485800a267f0ad21193/usr/sbin/grommunio-postfix#L27-L35

SELECT mainname FROM aliases WHERE aliasname='%s' UNION select destination FROM forwards WHERE username='%s' AND forward_type = 1

So we either should not create those entries at all and skip anything from proxyAddresses which start with capital SMTP: or update the sql query for postfix to disregard those entries.

I guess it would be the "safer" way to modify the later as this will take care of any falsely configured entries but one shouldn't enter BS in the directory aswell 🙊.

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions