I'm trying to configure Exim to use an LDAP directory for a list of
domains to relay for. What I'd like to do, is have a single entry in
the directory, with a multi-valued attribute, such as:
dn:cn=relayDomains,ou=config,dc=flirble,dc=org
cn: relayDomains
objectClass: flirbleDomainList
objectClass: top
associatedDomain: poptart.org
associatedDomain: flirble.org
associatedDomain: testing.org
... etc
I've put this into my exim config:
domainlist relay_to_domains = \
${lookup ldap {user=LDAP_BIND pass=LDAP_PWD
\
ldaps:///cn=relayDomains,LDAP_CONFIG?associatedDomain?base?(associatedDomain=$domain)
}}
Now, the lookup succeeds - but relaying is always denied. I think this
is becasue the LDAP lookup returns all the associatedDomain attribute
values, comma separated. From the debug output:
>>> check domains = +relay_to_domains
>>> poptart.org in "poptart.org, flirble.org, testing.org"? no (end
of list)
>>> poptart.org in "+relay_to_domains"? no (end of list)
>>> accept: condition test failed
Is there a way to make this work, or is this really not a good way to go
about this? Presumably I need to make the lookup return colon-separated
values instead of comma-separated values?...
Any help much appreciated!
Jake
