Re: [Exim] antispam with ldap

Góra strony
Delete this message
Reply to this message
Autor: Oliver Eikemeier
Data:  
Dla: Thomas Baumann
CC: exim-users@exim.org
Temat: Re: [Exim] antispam with ldap
Hi Thomas,

> I have a ldap-directory with valid users, and I only want to accept
> users in this directory.
>
> ldapsearch -h ldapsrv -b "ou=DE,o=tirili" -x mail="my.user@???" mail
>
> returns
>
> dn: CN=My User,OU=DE,O=tirili
> mail: my.user@???
>
> I thought about a ACL like this
>
> acl_check_rcpt:
>
>    deny   message   = User Unknown
>           condition = ${lookup ldap query = ?????????}

>
> But how is the correct syntax for the ldap query ?
>
> Or do you have better Ideas for my accept-only-users-in-ldap-directory ?
>
> Thanks for any help in advance.


begin routers

  check_ldapuser:
    driver = accept
    verify_only
    no_more
    address_data = ${lookup ldap {ldap:///ou=DE,o=tirili?dn?one?(mail=${quote_ldap:$local_part}@$domain)} {$value}fail}
    cannot_route_message = Unknown recipient <${quote:$local_part}@$domain>


and verify = sender in an check_rcpt acl.

(Sorry, untested).

The advantage is that you can run this *after* alias expansion.