Re: [exim] Further details about Exchange/Exim routing - doe…

Author: Ruairi Hickey
Date:  
To: exim-users
Subject: Re: [exim] Further details about Exchange/Exim routing - does anyone have this working as per the website?
We've taken a different approach to this and run a nightly cron job that gets
a list of valid email addresses from the LDAP server and compares it against
the current valid list - if there are changes it emails the changes to me and I
can manually recreate the list. It would be trivial to make this automatic if
you so wished.
The valid addresses are stored in a local DBM and the valid recipient lookup
is done against this. Generally we went this way as it is less resource
intensive to do a DBM lookup as opposed to an LDAP lookup, and in the event of
an LDAP failure you could end up bouncing good emails.


Ruairi

cat /usr/local/sbin/validEmailAddresses
#!/bin/sh

# Fetch the mail and proxyAddresses (SMTP) values from LDAP, lowercase them,
# sort and de-duplicate, and write the result to validEmailAddresses.NEW.
get_ldap_mailaddresses()
{
    ldapsearch -x -h MyLdapServer -b "My Top Level OU" \
        '(!(&(objectCategory=person)(objectClass=user)(userAccountControl:1.2.840.113556.1.4.803:=3)))' \
        mail proxyAddresses |
        grep -i -e '^mail:' -e '^proxyAddresses: smtp:' |
        sed -e 's/mail: //i' -e 's/proxyAddresses: SMTP://i' |
        awk '{ print tolower($1); }' |
        sort -n |
        grep -v '\.local' |
        uniq > /etc/exim4/validEmailAddresses.NEW
    # The dot in '\.local' is escaped so that only a literal ".local" is dropped.
}

case "$1" in
    showchanges)
        touch /etc/exim4/validEmailAddresses
        get_ldap_mailaddresses
        # -x compares whole lines, so an address cannot be masked by a longer
        # address that merely contains it.
        if fgrep -x -v -f /etc/exim4/validEmailAddresses.NEW /etc/exim4/validEmailAddresses > /dev/null || \
           fgrep -x -v -f /etc/exim4/validEmailAddresses /etc/exim4/validEmailAddresses.NEW > /dev/null
        then
                echo "-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-="
                echo "  Email addresses waiting to be removed from $(hostname -f) exim DBM file:"
                echo "-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-="
                fgrep -x -v -f /etc/exim4/validEmailAddresses.NEW /etc/exim4/validEmailAddresses
                echo
                echo "-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-="
                echo "  Email addresses waiting to be added to $(hostname -f) exim DBM file:"
                echo "-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-="
                fgrep -x -v -f /etc/exim4/validEmailAddresses /etc/exim4/validEmailAddresses.NEW
        fi
#       diff /etc/exim4/validEmailAddresses /etc/exim4/validEmailAddresses.NEW | grep [\>\<]
    ;;

    check-dups)
        get_ldap_mailaddresses
        # Print any address that appears more than once, ignoring case.
        sort /etc/exim4/validEmailAddresses.NEW | uniq -id || echo "ERROR: something bad just happened while checking for duplicate addresses"
    ;;

    simulate-builddb)
        get_ldap_mailaddresses
        echo "Simulating exim users DB build"
        exim_dbmbuild /etc/exim4/validEmailAddresses.NEW /etc/exim4/validEmailAddresses_temp.dbm || echo "ERROR: could not simulate database build"
        rm /etc/exim4/validEmailAddresses_temp.dbm || echo "ERROR: could not remove temporary database file"
    ;;

    builddb)
        get_ldap_mailaddresses
        exim_dbmbuild /etc/exim4/validEmailAddresses.NEW /etc/exim4/validEmailAddresses.dbm || echo "WARNING: there were problems while building the database"
        cp /etc/exim4/validEmailAddresses.NEW /etc/exim4/validEmailAddresses || echo "ERROR: could not update the /etc/exim4/validEmailAddresses file"

        #echo "The email database script on `hostname -f` ran successfully" | mail -s "`hostname -f` - email list updated" hickey@???
    ;;

    usercount)
        get_ldap_mailaddresses
        echo -n "Current email users number count: "
        wc -l < /etc/exim4/validEmailAddresses
        echo -n "New email users number count: "
        wc -l < /etc/exim4/validEmailAddresses.NEW
    ;;

    view)
        get_ldap_mailaddresses
        echo -n "Current email users : "
        cat /etc/exim4/validEmailAddresses
    ;;

    *)
        echo "Usage: /usr/local/sbin/validEmailAddresses {showchanges|check-dups|builddb|simulate-builddb|usercount|view}" >&2
        exit 1
    ;;
esac

exit 0






The ACL to check for valid recipients is

acl_check_rcpt:
  deny
    log_message = Recipient Verification Failed
    message = local error
    condition = ${lookup{$local_part@$domain}dbm{CONFDIR/validEmailAddresses.dbm} {no} {yes} }
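
An added example, not part of the original post: a gate for an unattended rebuild that refuses an empty, malformed or sharply shrunken LDAP export, so a failed query cannot empty the DBM and make the ACL above reject good mail. The function names, the 10% default threshold and the example.com addresses are assumptions.

```sh
#!/bin/sh
# Added example, not from the original post. Assumes one lowercased address
# per line; function names and the 10% default threshold are illustrative.

# Print lines present in $1 but absent from $2 (exact whole-line comparison).
only_in() {
    a=$(mktemp) && b=$(mktemp) || return 2
    LC_ALL=C sort -u "$1" > "$a"
    LC_ALL=C sort -u "$2" > "$b"
    LC_ALL=C comm -23 "$a" "$b"
    rm -f "$a" "$b"
}

# safe_to_install OLD NEW [MAX_DROP_PCT]
# Return 0 only if NEW looks like a genuine directory export.
safe_to_install() {
    old=$1 new=$2 max=${3:-10}
    # An empty export almost always means the LDAP query failed.
    [ -s "$new" ] || { echo "REFUSE: new list is empty" >&2; return 1; }
    # Reject error text or partial output: every line must be local@domain.
    if grep -Evq '^[^@[:space:]]+@[^@[:space:]]+$' "$new"; then
        echo "REFUSE: malformed line in new list" >&2; return 1
    fi
    # First run: there is no current list to compare against.
    [ -s "$old" ] || return 0
    old_n=$(LC_ALL=C sort -u "$old" | wc -l)
    gone=$(only_in "$old" "$new" | wc -l)
    # A truncated LDAP result shows up as a mass removal; cap it.
    if [ $((gone * 100)) -gt $((old_n * max)) ]; then
        echo "REFUSE: $gone of $old_n addresses would be removed" >&2; return 1
    fi
    return 0
}

# Constructed sample lists for a stand-alone run.
demo() {
    d=$(mktemp -d) || return 2
    printf '%s\n' alice@example.com bob@example.com abob@example.com > "$d/old"
    printf '%s\n' alice@example.com abob@example.com carol@example.com > "$d/new"
    echo "to remove: $(only_in "$d/old" "$d/new")"
    echo "to add:    $(only_in "$d/new" "$d/old")"
    safe_to_install "$d/old" "$d/new" 50 && echo "OK to rebuild DBM"
    rm -rf "$d"
}
demo
```

In the builddb case, run safe_to_install /etc/exim4/validEmailAddresses /etc/exim4/validEmailAddresses.NEW before exim_dbmbuild and skip the rebuild when it returns non-zero.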