RE: [Exim] Extra line from -bt after changing lookup config

Author: Luzynski, Steve
Date:  
To: exim-users
Subject: RE: [Exim] Extra line from -bt after changing lookup config
Stian Grytøyr wrote:
> Trying to get Exim to look up aliases in Active Directory, using LDAP
> lookups. After changing the config I get an extra line when testing
> with -bt.
>
> This is what I am used to, when Exim queries eDirectory (also LDAP):
>
>    # ../bin/exim -C origs/exim.conf -bt stian.grytoyr@???
>    stian@???
>        <-- stian.grytoyr@???
>      router = procmail, transport = procmail_pipe
>
> But with the new LDAP config in place, I get this:
>
>    # ../bin/exim -bt stian.grytoyr@???
>    stian@???
>        <-- stian@???
>        <-- stian.grytoyr@???
>      router = procmail, transport = procmail_pipe
>
> The alias is matched to a username, so the LDAP query apparently
> works, but I'm very curious about that extra <-- line. What does it
> mean? I couldn't find the exact meaning of those lines in the manual.
>
> Thanks for any insights.


It looks like your AD query is returning multiple email addresses, which is fairly typical - many AD setups have more than one email address in them, especially if they were migrated from an NT 4.0 environment. One is generally the old NT4 short login name and the other is generally the actual email address.

You didn't list your configuration out to have a look at, but this is what I'm doing in a router for incoming email to make sure that the email address the message is addressed to actually matches to a person:

exchangemaillookup:
  driver = redirect
  hide data = ${lookup ldap {user=CN=user,OU=Users,DC=company,DC=com pass=password \
    ldap:///dc=company,dc=com?mail?sub?(proxyAddresses=smtp:${quote_ldap:$local_part}@${quote_ldap:$domain})}}
  domains = dbm;/etc/mail/localdomains.db
  verify_recipient
  self = pass
  pass_router = exchangeroute
  no_more


It runs this lookup on incoming traffic if the addressed domain is in the localdomains.db file. The pass_router then points to a manualroute router that uses the remote_smtp transport to deliver to the internal (Exchange) servers:

exchangeroute:
  driver = manualroute
  transport = remote_smtp
  route_data = internal_machine:internal_machine2

By constructing the lookup the way I did above, it is basically starting with an email address and making sure it exists before attempting to route the message inward.

If there is some reason why you're looking up an alias (I assume a cn or samAccountName in AD terms) instead of an entire email address you'll probably need to post more of your configuration to have a look at.

-Steve

--
Steve Luzynski
Aquila, Inc.
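
The router in the message above puts the recipient's local part and domain into an LDAP filter inside an LDAP URL, wrapping both in `quote_ldap`. As an added illustration (not part of the original message and not Exim's code), the Python below shows the two quoting layers such a query needs: RFC 4515 filter escaping, then URL percent-encoding. The function names and the `example.com` address are constructed for this sketch.

```python
"""Two-layer quoting for a filter carried in an LDAP URL (added example)."""
from urllib.parse import quote

# RFC 4515: NUL ( ) * and backslash must be written as \XX in a filter value.
_FILTER_SPECIALS = {0x00, 0x28, 0x29, 0x2A, 0x5C}


def escape_filter_value(value: str) -> str:
    """Layer 1: escape a value so it cannot close or add filter terms."""
    out = []
    for byte in value.encode("utf-8"):
        # Escaping bytes >= 0x80 is optional in RFC 4515 but always valid.
        if byte in _FILTER_SPECIALS or byte >= 0x80:
            out.append("\\%02x" % byte)
        else:
            out.append(chr(byte))
    return "".join(out)


def proxy_address_filter(local_part: str, domain: str) -> str:
    """Build the same kind of filter the router uses: one smtp: address."""
    return "(proxyAddresses=smtp:%s@%s)" % (
        escape_filter_value(local_part),
        escape_filter_value(domain),
    )


def ldap_url(base_dn: str, attribute: str, ldap_filter: str) -> str:
    """Layer 2: percent-encode each component so '?' stays a separator."""
    return "ldap:///%s?%s?sub?%s" % (
        quote(base_dn, safe=",="),
        quote(attribute, safe=""),
        quote(ldap_filter, safe="()=:@"),
    )


if __name__ == "__main__":
    # Constructed recipients: one ordinary, one carrying filter metacharacters.
    for local in ("stian.grytoyr", "x*)(mail=", "a?b"):
        flt = proxy_address_filter(local, "example.com")
        print(ldap_url("dc=company,dc=com", "mail", flt))
```

Whatever the recipient address contains, the resulting filter keeps exactly one pair of parentheses and the URL keeps exactly three `?` separators, so the query can only match a `proxyAddresses` value.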