|
VAMsoft has indicated on their newsgroup that they consider supporting
non-AD LDAP validation. It has been requested several times
after they introduced the AD synch and VAMsoft has been very responsive to
customer requests in the past.
(If
Sandy's idea was to EXPORT the user and alias and import it into LDAP (or Active
Directory), then, yes, that could be workable way. However he was very specific
in saying "if you use IMail's NT integration"
and that would be the feature where you make all your users
NT users (or AD users).)
Best
Regards
Andy Schmidt
H&M Systems Software, Inc.
600 East Crescent
Avenue, Suite 203
Upper Saddle River, NJ 07458-1846
Phone: +1 201 934-3414 x20
(Business)
Fax: +1 201 934-9206
http://www.HM-Software.com/
Andy,
I think
what he meant was that you would import the data from IMail into AD.
IMail would still use it's own methods for storing and accessing account
information, but ORF would make use of the AD stuff that you exported to
it.
Personally, I don't use AD on my server because it doesn't seem to
offer me anything of value and adds complexity. The server is a
stand-alone box, and from a security standpoint, I believe it is best for it
to remain that way.
I'm asking my buddy to look into this. We
certainly wouldn't come out with something that did RBL scanning (DNSBL if
Scott's listening :) ), but I'm pretty sure we could get this to make use of a
text file dump fairly easily. ORF was written for an Exchange
environment and it might be easier to write something more appropriate for
ours. If Vamsoft came out with a different tool, then I would be all for
giving them money instead.
Matt
Andy Schmidt wrote:
Hi Sandy:
It's no-brainer if you use IMail's NT integration on an AD DC. <<
I don't want to reinvent the wheel, so I'm trying to research this by
reading the Imail 8 manual. It doesn't reference AD directly (only the NT
User setup and that you have to run on a DC). So before I invest time and
play around with it, I have three "no-brainer" questions, which I could not
answer myself:
- It says that you can't use the Imail "Explorer" to manage accounts (users,
aliases, etc.) - does that imply that my clients wouldn't be able to use
WebMail to add/administer their own mailboxes either?
- Does the AD only store "Users" (mailboxes) - or also "Alias" (e.g., simple
alias, group alias, program alias, etc.)? If not, then how do you
accomplish using the AD information to verify "valid" RCTP TO information?
A good portion of the email we process is addressed to an alias!?
- Does the Imail/NT/AD integration support (multiple) virtual domains
(ip-less) - or will it only create users for the AD domain name?
Accordingly, how will it know that two mailboxes and/or aliases by the same
name, but on two different mail domains, should be kept as two different
entities in AD?
Best Regards
Andy Schmidt
H&M Systems Software, Inc.
600 East Crescent Avenue, Suite 203
Upper Saddle River, NJ 07458-1846
Phone: +1 201 934-3414 x20 (Business)
Fax: +1 201 934-9206
http://www.HM-Software.com/
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]] On Behalf Of Sanford Whiteman
Sent: Monday, February 09, 2004 03:47 PM
To: Andy Schmidt
Subject: Re[2]: [Declude.JunkMail] [Declude.Junkmail] MS SMTP LDAP Routing
I would seriously consider funding some of the development for an
IMAIL/LDAP lookup event sink as it would help my SMTP server to
"disconnect" on dictionary attacks.
I already use ORF to reject at the envelope using LDAP lookups and
really have no need for any other intermediary. It's no-brainer if you use
IMail's NT integration on an AD DC. All you need to do is add the Exchange
schema extensions to the AD domain, since ORF is expecting the extended
schema--you don't have to install or purchase Exchange itself. You can
run the ORF queries against any server in the domain (which doesn't have
to be the same as your primary domain), meaning that you can scale out
from hitting the mailbox server directly to hitting dedicated AD DCs that
only service such MX lookups.
Building anything designed to interact with IMail's own ILDAP daemon is a
very bad move, as the service is barely functional, compliant, or stable.
AD's LDAP services, on the other hand, are mature and resilient.
The other options that involve local text files would certainly work, but
performance under load could not exceed that of indexed LDAP lookups.
--Sandy
------------------------------------
Sanford Whiteman, Chief Technologist
Broadleaf Systems, a division of
Cypress Integrated Systems, Inc.
e-mail: [EMAIL PROTECTED]
SpamAssassin plugs into Declude!
http://www.mailmage.com/download/software/freeutils/SPAMC32/Release/
---
[This E-mail was scanned for viruses by Declude Virus
(http://www.declude.com)]
---
This E-mail came from the Declude.JunkMail mailing list. To unsubscribe,
just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe
Declude.JunkMail". The archives can be found at
http://www.mail-archive.com.
---
[This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)]
---
This E-mail came from the Declude.JunkMail mailing list. To
unsubscribe, just send an E-mail to [EMAIL PROTECTED], and
type "unsubscribe Declude.JunkMail". The archives can be found
at http://www.mail-archive.com.
--
=====================================================
MailPure custom filters for Declude JunkMail Pro.
http://www.mailpure.com/software/
=====================================================
|
