Re: [exim] Mailing list in Exim

Top Page
Delete this message
Reply to this message
Author: Schramm, Dominik
Date:  
To: exim-users
Subject: Re: [exim] Mailing list in Exim
Hi,

Rafal Kupka on Sunday, August 17, 2008 11:11 PM:

> [...]
> ${sg{
> ${map
>   {<\n ${sg{${lookup ldapm
>                {LDAP_CRED ldap:///LDAP_BASE?member?sub?LDAP_FILT}
>              }
>            }{\N, \N}{\n}
>         }
>   }
>   {${lookup ldap{LDAP_CRED ldap:///${quote_ldapdn:$item}?mail?base?}}}
>  }
> }{\N\n\N}{, }}
> 
> [...]
> 
> It's only lightly tested[2] but should work well.
> But it's quote inefficient -- one additional ldap query per 
> recipient.


There is one slight trap in the above code: if the returned DNs
in the first lookup contain instances of ", ", then the search
fails (which is the case in our AD). The following expression 
works even under such circumstances:

${sg{${lookup ldapm
        {LDAP_CRED ldap:///LDAP_BASE?member?sub?LDAP_FILT}
      }
    }{\N(?<!\\), \N}{\n}
 }

The second lookup also fails, however, and that one was a nasty 
beast to solve -- this may even be a bug in the Exim quoting 
code!?

# exim4 -be '${map {<\n ${sg{${lookup ldapm {user="cn=binduser" pass=bindpass ldap:///DC=example,DC=com?member?sub??(objectclass=group)}}}
                         {\N(?<!\\), \N}
                         {\n}}} {$item}}'
CN=Schramm\, Dominik,OU=Ah\, more spaces!,DC=example,DC=com
#

So far, so good. But feeding this to quote_ldap 
(or quote_ldap_dn) yields the wrong  LDAP base (note the 
"%5C5C" and "%5C%5C%5C"):

# exim4 -be '${map {<\n ${sg{${lookup ldapm {user="cn=binduser" pass=bindpass ldap:///DC=example,DC=com?member?sub??(objectclass=group)}}}
                         {\N(?<!\\), \N}
                         {\n}}} {${quote_ldap:$item}}}'
CN%3DSchramm%5C5C%2C%20Dominik%2COU%3DAh%5C5C%2C%20more%20spaces!%2CDC%3Dexample%2CDC%3Dcom
# exim4 -be '${map {<\n ${sg{${lookup ldapm {user="cn=binduser" pass=bindpass ldap:///DC=example,DC=com?member?sub??(objectclass=group)}}}
                         {\N(?<!\\), \N}
                         {\n}}} {${quote_ldap_dn:$item}}}'
CN%3DSchramm%5C%5C%5C%2C%20Dominik%5C%2COU%3DAh%5C%5C%5C%2C%20more%20spaces!%5C%2CDC%3Dexample%5C%2CDC%3Dcom
# exim4 -be '${map {<\n ${sg{${lookup ldapm {user="cn=binduser" pass=bindpass ldap:///DC=example,DC=com?member?sub??(objectclass=group)}}}
                         {\N(?<!\\), \N}
                         {\n}}} {${lookup ldap {user="cn=binduser" pass=bindpass ldap:///${quote_ldap:$item}?mail}}}}'

# exim4 -be '${map {<\n ${sg{${lookup ldapm {user="cn=binduser" pass=bindpass ldap:///DC=example,DC=com?member?sub??(objectclass=group)}}}
                         {\N(?<!\\), \N}
                         {\n}}} {${lookup ldap {user="cn=binduser" pass=bindpass ldap:///${quote_ldap_dn:$item}?mail}}}}'

#
Nothing, and not rightly so! -- Here is the ugly 
workaround that yields the correct result:

# exim4 -be '${map {<\n ${sg{${lookup ldapm {user="cn=binduser" pass=bindpass ldap:///DC=example,DC=com?member?sub??(objectclass=group)}}}
                         {\N(?<!\\), \N}
                         {\n}}} {${lookup ldap {user="cn=binduser" pass=bindpass ldap:///${sg{${quote_ldap:$item}}{%5C5C}{%5C}}?mail}}}}'
dominik.schramm@???
# 

What's wrong here: what I'm doing or what exim is doing?

Regards,
Dominik