[Exim] LDAP alias and receiver-verify

Top Page
Delete this message
Reply to this message
Author: Patrick von der Hagen
Date:  
To: exim-users
Subject: [Exim] LDAP alias and receiver-verify
Hi all,

I have a mail-system consisting of one mailserver connected to the
"internet" and some dedicated department mailservers. Perhaps you remember
that I asked some similar questions some month ago.

My problem was, how to find out, which local part should be delivered to
which department mailserver and the result was, to put up an alias-file like
"localpart: localpart@departmentserver" to do the lookups.

I decided to wait some time and set up an LDAP-Server first, so I don't have
to distribute alias-filed to all mailservers but only update one LDAP-Server.

Now the LDAP-Server is running and I am quite happy. It's just cool, how
easy it was to get a working setup.

Here is the BUT. ;-)

I would like to use "receiver_verify" but my list of valid adresses is
stored in LDAP. Well, perhaps I have some kind of "blind spot" but I can't
find out or imagine how to tell "receiver_verify" to do a ldap-lookup.

And another BUT.
Let's say I have an entry like "cn=hagen, delivery=hagen@???".
Now server1 receives mail for hagen, does a ldap-lookup and sends the mail
to server2. Nice.
Now I am on server2 and receive mail for hagen@domain. The alias-director is
used and a ldap-lookup yields "hagen@???". Then the
adress-reception starts again and this time looks for information about
"hagen@???". Again, alias-director, ldap-lookup yields
"hagen@???". Third run, the alias-director realises that it
already looked up "hagen@???" and skips, then .forward is checked
and finaly local delivery is invoked.

Well, the result is absolutely ok. But I don't like the design 100%. IMHO
there is one ldap-lookup more than really necessary, but it will probably be
cached. Though I don't have much traffic I wonder about performance-impacts
and if it could somehow be skipped.

And of course I would like to know, if it could be done better somehow.

BTW, there is one specific problem left. I run some mailinglists on server1,
so in ldap I would have to have "list->list@server1" but on server1 I would
run into problems. I would need an alias like "list: shell-command".
Right now I am not sure if it was possible to have two alias-directors on
server1? The first doing ldap and the second giving the shell-command?
The ldap-alias-director would be invoked once, pointing back to server1,
then it would be skipped and the second alias-director would yield the
shell-invocation?

This mail got rather long. I apologize for the inconvenience and would be
grateful for every tip/hint.

--
CU,
Patrick.
"Never run on auto-pilot" - The Pragmatic Programmer