Re: [Exim] determining verify=recipient with LDAP

Author: Steve Thomas
Date:  
To: exim-users
Subject: Re: [Exim] determining verify=recipient with LDAP
On Wed, Apr 14, 2004 at 05:20:43PM -0400, Stephen Gran is rumored to have said:
>
> The idea is, users will check their mail on the pop/imap server, but no
> mail should ever be received directly there, only from the front-end
> machines.


Very similar to what we're doing at my office.

Here's my router (with domain and LDAP info sanitized). It's possible that it could be cleaner - I'm no LDAP or exim guru, but this seems to work perfectly.

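# LDAP user router: routes mail for example.com users to the host named
# in each user's LDAP entry.
ldap_user:
  driver = manualroute
  domains = example.com
  # Look up the uid and mailhost of an enabled (status=1) account.
  # quote_ldap escapes the local part before it enters the filter; the
  # forced "fail" makes the router decline when no entry is found.
  address_data = ${lookup ldap {ldap:///ou=people,dc=example,dc=com?uid,mailhost?sub?\
    (&(uid=${quote_ldap:$local_part})(status=1))}{$value}fail}
  # Note: Exim expands address_data only after the preconditions
  # (condition included) have passed.
  condition = ${if match {$local_part}{${extract{uid}{$address_data}}}}
  transport = remote_smtp
  # Deliver to the host held in the mailhost attribute.
  route_list = \
    example.com ${extract{mailhost}{$address_data}}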



The host which is the final destination for a message to a user is stored in the 'mailhost' attribute in the user's LDAP entry. This particular setup would allow for different users to have their physical accounts on different hosts and still have their @example.com addresses routed to the appropriate box. The 'status' attribute is just an enable/disable switch for the account.

Hopefully you find the above to be of some use.

St-

--
"I'm not going to get into the ring with Tolstoy."
- Ernest Hemingway (1899-1961)
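
Added example, not part of the original message: a Python sketch of the two things the router above relies on, escaping the local part before it enters the LDAP filter (the job quote_ldap does in the config) and accepting the lookup result only when the returned uid equals the local part. It models RFC 4515 filter escaping followed by URL percent-encoding rather than Exim's exact quote_ldap output; the function names and the sample lookup strings are constructed for illustration.

```python
import re
from urllib.parse import quote

BASE = "ldap:///ou=people,dc=example,dc=com?uid,mailhost?sub?"
# RFC 4515: characters that must be escaped inside a filter assertion value.
FILTER_ESCAPES = {"\\": "\\5c", "*": "\\2a", "(": "\\28", ")": "\\29", "\0": "\\00"}


def escape_filter_value(value):
    """Escape LDAP filter metacharacters so the value cannot alter the filter."""
    return "".join(FILTER_ESCAPES.get(ch, ch) for ch in value)


def build_query(local_part):
    """Build the lookup URL: filter-escape first, then percent-encode for the URL."""
    safe = quote(escape_filter_value(local_part), safe="")
    return f"{BASE}(&(uid={safe})(status=1))"


def extract(key, data):
    """Return the value for key in 'k=v k="v"' lookup output, or '' if absent."""
    m = re.search(r'(?:^|\s)' + re.escape(key) + r'=("[^"]*"|\S+)', data)
    return m.group(1).strip('"') if m else ""


def route_host(local_part, address_data):
    """Return the mailhost only when the returned uid equals the local part
    (exact string comparison, not a regex match)."""
    if not address_data or extract("uid", address_data) != local_part:
        return None
    return extract("mailhost", address_data) or None


if __name__ == "__main__":
    # Constructed samples: (local part, what the directory lookup returned).
    samples = [
        ("alice", 'uid="alice" mailhost="pop1.example.com"'),
        ("al", 'uid="alice" mailhost="pop1.example.com"'),
        ("*", ""),  # no entry has the literal uid "*", so nothing comes back
    ]
    for lp, data in samples:
        print(f"{lp!r:8} {build_query(lp)}")
        print(f"{'':8} -> {route_host(lp, data)}")
```
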