Hello Nathan,
You DO NOT need the X2003, transport event sinks, and so on ;-)
What you need is a base familiarity with LDAP.
Just use Exim's LDAP lookup in a way something like this:
1) LDAP objectClass equal matching with either
`user', `group' or `publicFolder'
2) LDAP proxyAddresses equal matching with
SMTP:${quote_ldap:${local_part}@${domain}}
You need an Active Directory account called `exim mailer', located in
Users OU or somewhere else. Do not give this account any permission
other than query AD. If you have multiple DC's or multiple exchange (or
multiple exim's), you could use DNSDB SRV and more complex setup, but
that's out of scope of this message. Making an exchange bridgehead is a
good option.
So, LDAP setup might look like this.
=cut
# somewhere in the global section
ldap_default_servers = your-dc.domain.org
INTERIOR_MX = your-exchange-bridgehead.domain.org
LDAP_AD_BINDDN = "cn=exim mailer,ou=Users,dc=domain,dc=org"
LDAP_AD_PASS = "VerySecretPassword"
LDAP_AD_BASE_DN = "dc=domain,dc=org"
LDAP_AD_MAIL_RCPT = \
  user=LDAP_AD_BINDDN \
  pass=LDAP_AD_PASS \
  ldap:///LDAP_AD_BASE_DN\
  ?mail?sub?\
  (&\
    (|\
      (objectClass=user)\
      (objectClass=publicFolder)\
      (objectClass=group)\
    )\
    (proxyAddresses=SMTP:${quote_ldap:${local_part}@${domain}})\
  )
=cut
Then, use the lookups in a router. This router DOES NOT produce
transports. You need an additional router called `interior' that does
this. Just make it (driver = manualroute) and you're in.
=cut
# somewhere in routers section
adsi:
  driver = redirect
  domains = +relay_domains
  allow_fail
  allow_defer
  forbid_file
  forbid_pipe
  redirect_router = interior
  data = ${lookup ldap {LDAP_AD_MAIL_RCPT}\
    {${local_part}@${domain}}{:fail: User unknown}}
=cut
That's almost all. It works just great, you do not need to touch the
Exim, only AD. Again, if your DC is down, no mail will pass in. But you
can make as many DC's as you like, and ask Exim to query them all,
fail-safe redundant setup.
Take care.
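
Added example, not part of the original message and not Exim's own code: a Python version of the search filter that the lookup above sends to AD, with RFC 4515 value escaping showing why the address is wrapped in ${quote_ldap:...}. Exim's operator additionally URL-encodes the value because the query is written as an LDAP URL; the function names and sample addresses are constructed for illustration.

```python
"""Added example: RFC 4515 escaping for the recipient lookup filter."""

# Characters RFC 4515 requires to be escaped inside a filter value.
_FILTER_ESCAPES = {
    "\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00",
}

# Object classes taken from the filter in the message above.
OBJECT_CLASSES = ("user", "publicFolder", "group")


def escape_filter_value(value: str) -> str:
    """Escape a string so the directory treats it as a literal value."""
    # Per-character mapping, so an inserted backslash is never re-escaped.
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def recipient_filter(local_part: str, domain: str) -> str:
    """Build (&(|(objectClass=...)...)(proxyAddresses=SMTP:addr))."""
    classes = "".join(f"(objectClass={c})" for c in OBJECT_CLASSES)
    addr = escape_filter_value(f"{local_part}@{domain}")
    return f"(&(|{classes})(proxyAddresses=SMTP:{addr}))"


def is_balanced(ldap_filter: str) -> bool:
    """True if raw parentheses nest correctly (escaped ones are \\28, \\29)."""
    depth = 0
    for ch in ldap_filter:
        depth += (ch == "(") - (ch == ")")
        if depth < 0:
            return False
    return depth == 0


if __name__ == "__main__":
    # Constructed recipient local parts, as they might arrive in RCPT TO.
    # "*" must stay a literal character, not a match-everything wildcard,
    # and parentheses must not change the structure of the filter.
    for lp in ("nathan", "*", "j.smith(sales)"):
        f = recipient_filter(lp, "domain.org")
        print(f"{lp!r:18} -> {f}  balanced={is_balanced(f)}")
```
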
-----Original Message-----
From: exim-users-admin@??? [mailto:exim-users-admin@exim.org] On Behalf Of Nathan Ollerenshaw
Sent: Wednesday, August 18, 2004 12:19 PM
To: Exim users list
Subject: [Exim] OT: Problem with recipient verification to an exchange
server
I'm trying to get recipient verification working on one of our mail
relays that I just installed exim on.
I have a bunch of domains that need to have their recipient address
changed to $local_part@SOMEDOMAIN and sent to a specific server (our
exchange server).