At 07:35 AM 2/10/2004 +0530, you wrote:
>ISP List wrote:
>
>>I am using a cluster of Exim 4.x machines to front-end my main mailhost,
>>which never appears in the MX records for the domains I handle mail for
>>(the exim boxes do all the mail processing and then passes it on to the
>>main mailhost via a smart route). At the moment, our users send out/relay
>>mail through the main mailhost which runs CommuniGate Pro. I want to shift
>>this duty to the exim boxes. The problem is that no local accounts exist
>>on the exim boxes, so I need a way to handle SMTP AUTH for those folks that
>>are not on our trusted IP blocks. I suspect I'll need to use an ACL, but
>>I'm not sure how to do some sort of callback or something to CommuniGate
>>Pro for SMTP AUTH.
>
>Run an ldap server or something on the communigate pro machine?
It is already running a LDAP server. In fact, I have a ACL that already
checks for a valid E-mail address against the CGP database when accepting mail:
deny message = user unknown
domains = +relay_to_domains
!recipients = ${lookup ldap \
{user="ldap_search@???" pass=XXXXXX \
ldap:///uid=${quote_ldap:$local_part},cn=${quote_ldap:$domain}?mail} \
{$value}fail}
The question is, how to interface with the LDAP/CGP server to validate SMTP
AUTH requests to the exim machines. Presumably the query would need to
authenticate with the SMTP AUTH username and password passed to exim, and
result in a pass/fail type of response.
-----------------------------------------
Mike Bacher / isp-list@???
TCIS - TulsaConnect Internet Services
Phone: 918-584-1100x110 Fax: 918-582-5776
-----------------------------------------
