Re: [Exim] Mail LDAP Schema

Author: Tony Earnshaw
Date:  
To: exim-users
Subject: Re: [Exim] Mail LDAP Schema
Mon, 19.05.2003 at 10.25, artfakt wrote:

> which LDAP schema must be used with:
> - exim 4.14
> - open LDAP 2.1


> with management of:
> - alias


"alias" in Openldap 2.1.x is cosine.schema, but you don't mean this, you
mean something else - I don't know what. Use of aliases in Openldap can
lead to all sorts of problems.

> - quota


No such attribute as such. Stuff it in "description" in cosine.schema.

> - mailing-list


That's different, there are different possibilities. E.g. a combination
of objectClass nisMailAlias and attribute rfc822MailMember, or
inetLocalMailRecipient and mailLocalAddress. However, for a mailing
list, mailing list software such as Mailman is best. It has all sorts of
refinements. My two examples are really for groups with forwarding
addresses, a la /etc/aliases.

> And, how to integrate it in exim.conf, using "mailbox(maildir) format":
> conf & queries?


Depends what you want. What have you tried up to now, after reading
chapter 9.9 in the 4.14 spec.txt, and what doesn't work?

Here's a router that works for me for forwarding mail for local users in
a group (somelist). Transport is the standard smtp or localuser
transport, depending on where it has to go. Whether it's mailbox (mbox)
or maildir format depends on your exim configuration. That's all covered
in spec.txt. You can adapt if your users aren't local, i.e. are virtual
users. It involves a proxy user, exim, who does a bind as exim and for
other purposes can even look up users' passwords. It's just an example
and involves you trying things out for your own ends and own
configuration. You have to read spec.txt!

"What you want to find" comes before the filter (i.e. rfc822MailMember)
and then you get the filter to use. Exim has been told (in the main
configure section) that unqualified names should be qualified with
billy.demon.nl - but only for this particular host:

ldif:

dn: cn=somelist,ou=people,ou=groups,dc=billy,dc=demon,dc=nl
objectClass: top
objectClass: nisMailAlias
cn: postliste
rfc822MailMember: tonye
rfc822MailMember: billy
rfc822MailMember: horde
rfc822MailMember: evy
rfc822MailMember: paul@???

router:

group_aliases:
  driver = redirect
  allow_fail
  allow_defer
  data    = ${lookup ldapm \
    {user="cn=exim,ou=services,ou=groups,dc=billy,dc=demon,dc=nl" \
    pass=password \
    ldaps://localhost/\
    dc=billy,dc=demon,dc=nl?rfc822MailMember?sub?\
    (&(objectClass=nisMailAlias)(cn=${quote_ldap:$local_part@$domain}))\
    }\
    {$value} fail }
# user = exim
  file_transport = address_file
  pipe_transport = address_pipe


Otherwise, for generalized LDAP questions, the Openldap or UMich mailing
lists are your best bet.

Best,

Tony

--
Tony Earnshaw

http://www.billy.demon.nl
Mail: tonni@???
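
Added example (not part of the original message and not Exim's own code): a simplified Python model of the two-stage quoting that the Exim specification describes for the quote_ldap operator used in the router's filter above, showing how it keeps a recipient address from changing the meaning of the filter. The function names and the example.test addresses are assumptions made for this illustration.

```python
# Simplified model of ${quote_ldap:...}: RFC 2254 filter escaping,
# followed by URL quoting, because the query is written as an LDAP URL.
import string

# Stage 1: LDAP filter metacharacters become backslash-hex escapes.
FILTER_ESCAPES = {"*": r"\2A", "(": r"\28", ")": r"\29", "\\": r"\5C"}

# Stage 2: everything except alphanumerics and these characters is
# percent-encoded.
URL_SAFE = set(string.ascii_letters + string.digits + "!$'-._()*+")


def quote_ldap(value: str) -> str:
    """Quote a value for an LDAP filter that is carried inside an LDAP URL."""
    escaped = "".join(FILTER_ESCAPES.get(ch, ch) for ch in value)
    return "".join(
        ch if ch in URL_SAFE
        else "".join(f"%{b:02X}" for b in ch.encode("utf-8"))
        for ch in escaped
    )


def build_filter(address: str, quoted: bool = True) -> str:
    """Filter part of the group_aliases query for one recipient address."""
    cn = quote_ldap(address) if quoted else address
    return f"(&(objectClass=nisMailAlias)(cn={cn}))"


# Constructed recipient addresses; example.test is a placeholder domain.
SAMPLES = [
    "somelist@example.test",    # ordinary list address
    "*@example.test",           # wildcard: unquoted, matches every alias
    "list(old)@example.test",   # parentheses: unquoted, breaks the filter
]

if __name__ == "__main__":
    for addr in SAMPLES:
        print("unquoted:", build_filter(addr, quoted=False))
        print("quoted  :", build_filter(addr))
```

Without the operator, a local part of "*" turns the cn test into a substring match on every nisMailAlias entry; with it, the asterisk reaches the directory server as the literal character.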