[POSTFIX] How to check whether a recipient exists when Postfix proxies mail for Exchange (Active Directory / LDAP)

When Postfix acts as a mail-filtering proxy in front of Exchange,
a lot of mail goes through SpamAssassin (increasing the load) and is then relayed to Exchange
(which produces a fake reply for the non-existent address), so it's a good idea to check whether the recipient exists:

This was done on EFA, where it works nicely.

1) Install postfix-ldap package
2) nano /etc/postfix/ldap-users.cf
3) Insert:

server_host = srv.domain.local

search_base = dc=domain,dc=local
bind = yes
bind_dn = CN=Some User,OU=SBSUsers,OU=Users,OU=MyBusiness,DC=domain,DC=local
bind_pw = [******** Your PW here *********]
query_filter = (|(mail=%s)(proxyAddresses=smtp:%s))
leaf_result_attribute = mail
# result_format = %S OK
result_format = OK

4) Modify /etc/postfix/main.cf so that smtpd_recipient_restrictions looks like this:

smtpd_recipient_restrictions =  permit_sasl_authenticated,
                                permit_mynetworks,
                                reject_unauth_destination,
                                reject_non_fqdn_recipient,
                                reject_unknown_recipient_domain,
                                check_recipient_access ldap:/etc/postfix/ldap-users.cf, hash:/etc/postfix/recipient_access,
                                reject

5) service postfix reload

6) tail -f /var/log/maillog

If an address should be accepted but is not in Active Directory,
edit /etc/postfix/recipient_access,
add a line like the one below, and then rebuild the map with postmap:

email@domain.com    OK

postmap /etc/postfix/recipient_access
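
To confirm the map answers as intended before the reload in step 5, the lookup can be run by hand with postmap -q, which goes through the same ldap: table driver that smtpd uses. The script below is an added example, not part of the original post; the script name and the addresses in its usage line are placeholders, and MAP_FILE defaults to the path from step 2.

```shell
#!/bin/sh
# Added example (not from the original post): pre-reload check of the LDAP map.
# Usage: sh check-ldap-map.sh existing@domain.com nosuchuser@domain.com
MAP_FILE="${MAP_FILE:-/etc/postfix/ldap-users.cf}"   # path from step 2

# Ask Postfix's own lookup code what comes back for one address.
# Prints: accept (map returned exactly OK), no-match (empty result),
# or unexpected:<value> (e.g. several LDAP entries matched the filter).
# LDAP or bind errors are reported by postmap itself on stderr.
classify_recipient() {
    result=$(postmap -q "$1" "ldap:$MAP_FILE") || true
    case "$result" in
        OK)  echo accept ;;
        "")  echo no-match ;;
        *)   echo "unexpected:$result" ;;
    esac
}

# The map file contains bind_pw in clear text, so "other" must have no access.
# Characters 8-10 of the ls -ld mode string are the "other" permission bits.
map_is_private() {
    other=$(ls -ld -- "$1" | cut -c8-10)
    [ "$other" = "---" ]
}

main() {
    if ! map_is_private "$MAP_FILE"; then
        echo "WARNING: $MAP_FILE is accessible to other users (contains bind_pw)" >&2
    fi
    for addr in "$@"; do
        printf '%s\t%s\n' "$addr" "$(classify_recipient "$addr")"
    done
}

# Run only when addresses are given on the command line.
if [ "$#" -gt 0 ]; then
    main "$@"
fi
```

An existing mailbox should print accept and a made-up address should print no-match; with the restrictions from step 4, a no-match address that is also absent from recipient_access falls through to the final reject.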

Done. Enjoy!
