[Exim] exim exchange2000 ldap

Author: Bauer, Felix
Date:  
To: exim-users
Subject: [Exim] exim exchange2000 ldap
Hi,

I'm trying to get my setup working (wow) which will be the following:

___
Incoming email -> exim
            = get spam-scanned by exiscan-acl's/spamassassin
            = get virus-scanned by clamd
            = maybe do some more mailfiltering
              = relay to internal mailserver which holds the users' mailboxes
___


My bad, internal mailserver is M$-exchange 2000. I'm not an experienced
exim-user, but it works pretty well for my @home-setup and I have a
personal preference to stay with exim, so I want to get this done. My
current problem is the recipient-verification.
I had a look at
http://exim.planetmirror.com/exim-html-4.30/doc/html/C043.txt which
looks good, but copy-pasting isn't enough of course. For a productive
environment it is also important (IMHO) to understand what my stuff is
doing. What I'm not understanding is the whole LDAP-stuff. Where can I
get the information I should replace the following:

[snip]
exchangemaillookup:
driver = redirect
data = ${lookup ldap {ldap:///?mail?sub?(mail=${quote_ldap:$local_part}@${quote_ldap:$domain})}}
domains = dbm;/etc/exim/db/localdomains.db
verify_recipient
self = pass
pass_router = exchangeroute
no_more
[snip]
(?mail?sub? ??)

I don't keep my localdomains in a dbm-file but use +local_domains which
should be ok, I guess.
Another thing I don't understand is, why are those exchange-routers
after dnslookup, system_aliases and localuser. If I get it right, I
don't want those routers but only the router which does
"User is in exchange-db (lookup ok), go on and send it to him or else
bounce the mail".

I tried those routers and it resulted in the following


Connected to mail02.domain.tld.
Escape character is '^]'.
220 mail02.domain.tld ESMTP Exim 4.21 Mon, 05 Apr 2004 16:11:08 +0200
HELO domain.tld
250 mail02.domain.tld Hello domain.tld [213.131.253.12]
MAIL FROM: user@???
250 OK
RCPT TO: user@???
451 Temporary local problem - please try later


I started exim in debug mode, here is some output

23497 --------> exchangemaillookup router <--------
23497 local_part=user domain=domain.tld
23497 checking domains
23497 domain.tld in "@:domain.tld:localhost"? yes (matched "domain.tld")
23497 domain.tld in "+local_domains"? yes (matched "+local_domains")
23497 calling exchangemaillookup router
23497 rda_interpret (string): ${lookup ldap {ldap:///LDAPSERVER(mail=${quote_ldap:$local_part}@${quote_ldap:$domain})}}
23497 search_open: ldap "NULL"
23497 search_find: file="NULL"
23497 key="ldap:///LDAPSERVER(mail=user@???)" partial=-1 affix=NULL starflags=0
23497 LRU list:
23497 internal_search_find: file="NULL"
23497 type=ldap key="ldap:///LDAPSERVER(mail=user@???)"
23497 database lookup required for ldap:///LDAPSERVER(mail=user@???)
23497 LDAP parameters: user=NULL pass=NULL size=0 time=0 connect=-1
23497 perform_ldap_search: ldap URL ="ldap:///LDAPSERVER/(mail=user@???)" server=172.16.1.2 port=0 sizelimit=0 timelimit=0 tcplimit=-1
23497 after ldap_url_parse: host=172.16.1.2 port=0
23497 ldap_initialize with URL ldap://172.16.1.2:389/
23497 initialized for LDAP (v3) server 172.16.1.2:389
23497 LDAP_OPT_X_TLS_TRY set
23497 binding with user=NULL password=NULL
23497 Start search
23497 search ended by ldap_result yielding 101
23497 ldap_parse_result yielded 1: Operations error
23497 LDAP search failed - error 1: Operations error/000020D6: SvcErr: DSID-0310067F, problem 5012 (DIR_ERROR), data 0
23497
23497 lookup deferred: LDAP search failed - error 1: Operations error/000020D6: SvcErr: DSID-0310067F, problem 5012 (DIR_ERROR), data 0
23497
23497 exchangemaillookup router: defer for user@???
23497 message: failed to expand "${lookup ldap {ldap:///LDAPSERVER/(mail=${quote_ldap:$local_part}@${quote_ldap:$domain})}}": lookup of "ldap:///LDAPSERVER/(mail=user@???)" gave DEFER: LDAP search failed - error 1: Operations error/000020D6: SvcErr: DSID-0310067F, problem 5012 (DIR_ERROR), data 0
23497
23497 ----------- end verify ------------
23497 require: condition test deferred
23497 LOG: MAIN REJECT


I guess, I have the wrong syntax for ldap-access but I seriously don't
know where to look for information that belongs in there or where to
find some docs which could get me the information (without starting
studying LDAP, in fact I don't care about LDAP, it just got in my
way...) I need to get this working. user@??? exists on the exchange
server fyi. Is there a way to test an LDAP connection with a
straight-forward-client or something?


thx for any advice
-fe
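
Added example, not part of the original post and not Exim's code: a small Python parser that splits an LDAP URL into the RFC 4516 fields (base DN, attributes, scope, filter) that the "?mail?sub?" part of the router separates, plus a builder that filter-escapes and URL-quotes the address parts, the two layers of quoting an LDAP URL needs. The function names, the example.test address and the dc=example,dc=test base DN are constructed for illustration.

```python
from urllib.parse import quote, unquote

def parse_ldap_url(url):
    """Split an LDAP URL (RFC 4516): ldap://host:port/dn?attributes?scope?filter"""
    scheme, sep, rest = url.partition("://")
    if not sep or scheme.lower() not in ("ldap", "ldaps"):
        raise ValueError("not an LDAP URL: %r" % url)
    hostport, _, tail = rest.partition("/")
    # Missing trailing fields are empty; anything past the filter is ignored.
    dn, attrs, scope, flt = (tail.split("?") + ["", "", ""])[:4]
    if scope not in ("", "base", "one", "sub"):
        raise ValueError("bad scope: %r" % scope)
    return {
        "host": hostport,                          # empty = client default
        "base_dn": unquote(dn),                    # where the search starts
        "attributes": [a for a in attrs.split(",") if a],
        "scope": scope or "base",                  # RFC 4516 default
        "filter": unquote(flt) or "(objectClass=*)",
    }

def escape_filter_value(value):
    """RFC 4515: backslash-hex the characters that are special in a filter."""
    return "".join("\\%02x" % ord(c) if c in "*()\\\x00" else c for c in value)

def mail_lookup_url(host, base_dn, local_part, domain):
    """Build a mail= lookup URL with both quoting layers applied."""
    value = escape_filter_value(local_part) + "@" + escape_filter_value(domain)
    flt = quote("(mail=%s)" % value, safe="()=@.")   # '?' and '\' become %XX
    return "ldap://%s/%s?mail?sub?%s" % (host, quote(base_dn, safe="=,"), flt)

if __name__ == "__main__":
    samples = [
        # shape of the router's URL: empty DN, attribute mail, subtree scope
        "ldap:///?mail?sub?(mail=user@example.test)",
        # shape of the URL in the debug output: no '?' separators at all
        "ldap:///LDAPSERVER/(mail=user@example.test)",
        # constructed hostile local part: stays inside the mail= value
        mail_lookup_url("", "dc=example,dc=test", "a*)(uid=*", "example.test"),
    ]
    for s in samples:
        print(s)
        for key, val in parse_ldap_url(s).items():
            print("   %-10s %r" % (key, val))
```

Run on the second sample, the whole string after the third slash comes back as the base DN, with no attribute list and the default base scope and filter.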