Hi folks,
I'm trying to get my check_rcpt ACL to accept a recipient who is listed
in my LDAP directory. I'm still at the "keep everything simple, albeit
ugly" stage.
I'm using the following macro, because I reuse it in my
ldap_localdelivery router:
LDAP_MANAGER = user="cn=Manager,dc=clue,dc=bz" pass=secret
LDAP_LOCAL_USER = \
${if \
eq \
{$local_part@$domain} \
{ \
lookup{$local_part@$domain} \
ldap{LDAP_MANAGER \
ldap:///cn=$local_part@$domain,dc=clue,dc=bz?mail?base \
} \
} \
{yes}{no} \
}
Here's my check_rcpt ACL condition:
accept condition = LDAP_LOCAL_USER
My example doesn't use quote_ldap to avoid line-wrapping. You'll see
from the error message that I am using quote_ldap, but I haven't got to
the point where that's important yet.
When I test this ACL, I get the following:
processing "accept"
check condition = ${if eq {$local_part@$domain} { lookup{$local_part@$domain} ldap{user="cn=Manager,dc=clue,dc=bz" pass=secret ldap:///cn=${quote_ldap:$local_part@$domain},dc=clue,dc=bz?mail?base } } {yes}{no} }
= {yes}{no} }
accept: condition test deferred
451 Temporary local problem - please try later
LOG: MAIN REJECT
H=axl.seasidesoftware.co.za (axl) [10.0.0.2] F=<sheldonh@???> temporarily rejected RCPT <sheldonh@???>: invalid "condition" value " {yes}{no} }"
I'm going cross-eyed. Can anyone see my mistake?
Ciao,
Sheldon.
