Re: mail validation for multiple active directory domains [ldap_routing]



jk04 <jk04@xxxxxxxxxxxx> wrote:
We have set up a testbed with a linux server running sendmail-8.13.8-2
acting as a mail hub and a windows server 2003 running exchange. The
idea is that all outgoing mail messages to the windows server are
received by the linux server which then forwards them to the windows
server only if the recipients have valid accounts.

Using the available howtos[1] I have already configured sendmail to
check the windows active directory and the setup works as expected.


FEATURE(`ldap_routing',null, `ldap -1 -T<TMPF> -v mail -k proxyAddresses=SMTP:%0',`bounce')
LDAPROUTE_DOMAIN(`testdomain1.local')
define(`confLDAP_DEFAULT_SPEC', `-H "ldap://testdomain1.local"; -b "cn=users,dc=testdomain1,dc=local" -d "cn=sendmail,cn=users,dc=testdomain1,dc=local" -M simple -P /etc/mail/win-passwd')


Now we are adding a second windows server to the testbed. The new
server will have a different domain (testdomain2.local) and users.
However it seems to me that sendmail checks only a single windows
server as the default ldap configuration (confLDAP_DEFAULT_SPEC) is
domain-dependent. Is there a way to make sendmail check a particular
windows server based on the recipient's domain?

Regards
Jamshid

[1] HOWTO: Looking up recipients before relaying in an exchange active
directory with your linux sendmail and ldap

Sendmail-8.14.0 added support for expanding %1 - %9 in LDAP queries
(replies have been expanded earlier). A *simple* cf/m4/proto.m4 patch of
the ldap_routing implementation would allow using %1 as the recipient's
domain in ldap_routing queries [no need to recompile binaries].

<quote src="RELEASE_NOTES">
8.14.0/8.14.0 2007/01/31
New option -K for LDAP maps to replace %1 through %9 in the
lookup key with the LDAP escaped contents of the
arguments specified in the map lookup. Loosely based
on patch from Wolfgang Hottgenroth.
</quote>

Earlier sendmail versions would require more "messy" patching of files
used to generate sendmail.cf.

--
[pl>en Andrew] Andrzej Adam Filip : anfi@xxxxxxx : anfi@xxxxxxxx
Open-Sendmail: http://open-sendmail.sourceforge.net/
The typewriting machine, when played with expression, is no more
annoying than the piano when played by a sister or near relation.
-- Oscar Wilde
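
The %0 / %1 - %9 expansion with LDAP escaping described in the reply, as an added standalone Python model (not sendmail code and not part of the original posts). The filter template, the testdomain2 entry and the function names are assumptions made for illustration.

```python
import re

# RFC 4515 filter-value escapes, applied to every substituted value.
_ESC = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}

# Constructed per-domain table: testdomain1 values come from the post,
# the testdomain2 entry assumes the same directory layout.
SPECS = {
    "testdomain1.local": ("ldap://testdomain1.local",
                          "cn=users,dc=testdomain1,dc=local"),
    "testdomain2.local": ("ldap://testdomain2.local",
                          "cn=users,dc=testdomain2,dc=local"),
}

# Constructed filter template: %0 = full recipient, %1 = recipient domain.
TEMPLATE = "(&(proxyAddresses=SMTP:%0)(mail=*@%1))"


def ldap_escape(value):
    """Escape a string so it is safe inside an LDAP filter value."""
    return "".join(_ESC.get(ch, ch) for ch in value)


def expand_filter(template, key, args=()):
    """Replace %0 with the key and %1..%9 with args, each LDAP-escaped."""
    values = (key,) + tuple(args)

    def sub(match):
        idx = int(match.group(1))
        if idx >= len(values):
            # Model choice: refuse to build a filter with an unfilled slot.
            raise ValueError(f"no argument supplied for %{idx}")
        return ldap_escape(values[idx])

    return re.sub(r"%([0-9])", sub, template)


def plan_lookup(recipient):
    """Return (uri, base_dn, filter) for a routed domain, else None."""
    local, at, domain = recipient.rpartition("@")
    domain = domain.lower()
    if not (local and at) or domain not in SPECS:
        return None
    uri, base = SPECS[domain]
    return uri, base, expand_filter(TEMPLATE, recipient, (domain,))


if __name__ == "__main__":
    for rcpt in ("jk04@testdomain2.local", "a)(mail=*@testdomain1.local"):
        print(rcpt, "->", plan_lookup(rcpt))
```

Because the recipient address arrives from the SMTP envelope, the escaping step is what keeps characters such as `*`, `(` and `)` from changing the structure of the directory query.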