On Mon, Nov 17, 2014 at 12:17:23AM +0100, Heiko Schlittermann wrote:
> Validation via LDAP/AD imposes several problems, I think.
>
> - The backend might have policies based on the sender.
Possible, but rare.
> - Unterstanding the AD structure of the Exchange (Forwardings,
> Aliases, Groups, ?) is probably not straight forward ?
Actually it is rather simple, I've used this for a decade:
query_filter = proxyAddresses=smtp:%s
result_attribute = mail
> - The owner of the AD might have reasons not to expose the
> directory or parts of it to the front-end gateway.
They can always expose a slave copy.
--
Viktor.
