ietf-smtp
[Top] [All Lists]

Re: Mail Routing and LDAP

1998-03-14 02:41:33

Various people have implemented various approaches for LDAP-based
Routing of SMTP Messages. At least three are commonly known:
 
  1. UMich's approach (implemented in the "mail500" mailer)
  2. Netscape's approach (implemented in the Netscape MTA)
  3. Stanford's approach (implemented in Sendmail 8.8.X)

There will be a generic ldap: lookup mechanism in the next major
release of exim (currently available for testing).

It allows ldap to be used for any data lookup by specifying a standard
LDAP URL. There are two different search modes available. One for
use when you expect a single entry to be returned and multiple entries
are an error (although it permits multiple values from a single entry).
And a second that allows for multiple entries (each with multiple values).

Exim supports various lookup mechanism's, flat file, dbm, db, NIS, NIS+
and now LDAP. For the most part any lookup type can be used wherever
a lookup can be specified. So for example spam filter lists, host relay
control lists, and many other configuration items could be brought in
via LDAP.

The following exim router configuration will utilize ldap to search for
a user with a mail attribute and then use the mailforwardingattribute
to determine what to do with it (using the older Netscape mailrecipient
definition).

  virtual_fireplug_net_aliasfile_ldap:
    condition = "${if match{$self_hostname}{virtual..fireplug.net}{$domain}}"
    driver = aliasfile;
    search_type = ldap,
    expand,
    errors_to = sl(_at_)whiskey(_dot_)poste(_dot_)com
    queries = 
"ldap:://wilt.fireplug.net/?mailforwardingaddress?sub?(&(mail=$local_part(_at_)$domain)(ou=accounts)):\
                       
ldap:://wilt.fireplug.net/?mailforwardingaddress?sub?(&(mail=\\\\2a(_at_)$domain)(ou=accounts))"

This is in use here using the older Netscape definition for mailrecipient.
I'll have to re-deploy and try out the newer version of mailrecipient
and which probably means just converting to MailRoutingAddress and
adding provision for the mailHost attribute (which I currently don't
use).

I've been trying variations on the Netscape approach for the last six
months or so. I'm basically happy with the it. 

-- 
Stuart Lynne <sl(_at_)poste(_dot_)com>      604-916-4741      
<http://www.poste.com>
PGP Fingerprint: 28 E2 A0 15 99 62 9A 00  88 EC A3 EE 2D 1C 15 68

<Prev in Thread] Current Thread [Next in Thread>