Sendmail LDAP verification questions [Sendmail]

Prev: Unable to receive mails on the solaris server
Next: how to restrict 500 messages not to go in mqueue

From: Erich Titl on 1 Dec 2009 10:21

From: Erich Titl on 1 Dec 2009 10:34

Rich Gomes wrote:
> Ok, here are my results if I coment out the HACK lines and only have
> the 3 I mentioned in the .mc file:
>
> Groups can now be queried without hard-coding the Expansion Server in
> Exchange
> HOWEVER: Only the Primary SMTP address can be queried, not any
> additional SMTP addresses.

Then the query must be adapted to your needs. We are using the
proxyAddresses=smtp:%0 syntax and this works with multiple addresses.

>
> Users addresses all show up as valid and deliverable, even the
> purposely invalid ones.

How are they invalidated? If a query returns something in the mail
attribute for a given 'proxyAddresses=smtp:foo(a)bar.com' query, then the
destination is valid.

cheers

Erich

From: Rich Gomes on 1 Dec 2009 14:44

On Dec 1, 10:34 am, Erich Titl <erich.t...(a)think.ch> wrote:
> Rich Gomes wrote:
> > Ok, here are my results if I coment out the HACK lines and only have
> > the 3 I mentioned in the .mc file:
>
> > Groups can now be queried without hard-coding the Expansion Server in
> > Exchange
> > HOWEVER: Only the Primary SMTP address can be queried, not any
> > additional SMTP addresses.
>
> Then the query must be adapted to your needs. We are using the
> proxyAddresses=smtp:%0 syntax and this works with multiple addresses.

proxyAddresses attribute contains all the smtp aliases fro the group,
however, the query only seems to look for what is in the 'mail'
attribute (the primary SMTP alias)

>
> > Users addresses all show up as valid and deliverable, even the
> > purposely invalid ones.
>
> How are they invalidated? If a query returns something in the mail
> attribute for a given 'proxyAddresses=smtp:f...(a)bar.com' query, then the
> destination is valid.

Thats's the issue, they're not being invalidated. Known bad addresses
show up as deliverable.

The orignal HACK that I posted worked great with user addresses, just
not groups. How can I get the HACK version to query groups?

Rich

From: Erich Titl on 2 Dec 2009 03:01

Rich Gomes wrote:
> On Dec 1, 10:34 am, Erich Titl <erich.t...(a)think.ch> wrote:
>> Rich Gomes wrote:
>>> Ok, here are my results if I coment out the HACK lines and only have
>>> the 3 I mentioned in the .mc file:
>>> Groups can now be queried without hard-coding the Expansion Server in
>>> Exchange
>>> HOWEVER: Only the Primary SMTP address can be queried, not any
>>> additional SMTP addresses.
>> Then the query must be adapted to your needs. We are using the
>> proxyAddresses=smtp:%0 syntax and this works with multiple addresses.
>
> proxyAddresses attribute contains all the smtp aliases fro the group,
> however, the query only seems to look for what is in the 'mail'
> attribute (the primary SMTP alias)

No, the mail attribute is used as forwarding address. It only makes
limited sense to have more than one one forwarding address peer user. If
you need to distribute the mail to groups, then use a group address to
forward to.

>
>>> Users addresses all show up as valid and deliverable, even the
>>> purposely invalid ones.
>> How are they invalidated? If a query returns something in the mail
>> attribute for a given 'proxyAddresses=smtp:f...(a)bar.com' query, then the
>> destination is valid.
>
> Thats's the issue, they're not being invalidated. Known bad addresses
> show up as deliverable.

Somehow you will neet to mark them as invalid, else the LDAP query will
return something. What is the reason to keep invalid addresses in your AD?

>
>
> The orignal HACK that I posted worked great with user addresses, just
> not groups. How can I get the HACK version to query groups?

You can analyze the HACK and see what query is used.

cheers

Erich

First | Prev |
Pages: 1 2 3 4 5
Prev: Unable to receive mails on the solaris server
Next: how to restrict 500 messages not to go in mqueue