On Fri, 12 Nov 2004 09:48:02 -0500, Kevin A. McGrail <[EMAIL PROTECTED]> wrote:
> Aleksander is exactly right but I would do one thing differently. I use the
> code/idea that Brian Landers wrote to create an access file for sendmail for
> the LDAP work. We enhanced it and it's very stable and in place on multiple
> servers now for almost a year.
>
> http://www.peregrinehw.com/downloads/ldap/
>
> Basics behind it are to connect to an LDAP server every five minutes and
> generate an access.db file that sendmail can use to deny recipients
> without calling a milter, etc.

I took a rough look at the script. I wonder how I should modify it to work
with our AD LDAP, something like this?

our $filter = "(&(proxyAddresses=smtp:$recipient))";

The reason being we have 2 domains and each user is allowed two forms of
email address in each domain, [EMAIL PROTECTED], [EMAIL PROTECTED], and they
are stored in the proxyAddresses.

Part of my sendmail-rx.mc file:

---BEGIN
dnl define(`confRUN_AS_USER',`smmsp:smmsp')dnl Drop privileges (see SECURITY NOTE)
define(`confPID_FILE', `/var/run/sendmail-rx.pid')dnl Non-default pid file
define(`STATUS_FILE', `/etc/mail/stat-rx')dnl Non-default stat file
define(`QUEUE_DIR', `/var/spool/mqueue-rx')dnl Non-default queue area
define(`confQUEUE_SORT_ORDER',`Modification')dnl Modif or Random are reasonable
dnl Match the number of queue runners (R=) to the number of amavisd-new child
dnl processes ($max_servers). 2 to 7 OK, 10 is plenty, 20 is too many
QUEUE_GROUP(`mqueue', `P=/var/spool/mqueue-rx, R=2, F=f')dnl
dnl Direct all mail to be forwarded to amavisd-new at 127.0.0.1:10024
FEATURE(stickyhost)dnl Keep envelope addr "[EMAIL PROTECTED]" when fwd to MAIL_HUB
define(`MAIL_HUB', `esmtp:[127.0.0.1]')dnl Forward all local mail to amavisd
define(`SMART_HOST',`esmtp:[127.0.0.1]')dnl Forward all other mail to amavisd
define(`confDELIVERY_MODE',`q')dnl Delivery mode: queue only (a must,
dnl ... otherwise the advantage of this setup of being able to specify
dnl ... the number of queue runners is lost)
define(`ESMTP_MAILER_ARGS',`TCP $h 10024')dnl To tcp port 10024 instead of 25
MODIFY_MAILER_FLAGS(`ESMTP', `+z')dnl Speak LMTP (this is optional)
define(`SMTP_MAILER_MAXMSGS',`10')dnl Max no. of msgs in a single connection
define(`confTO_DATAFINAL',`20m')dnl 20 minute timeout for content checking
define(`confSMTP_LOGIN_MSG', `Howdie v4.12 $d')dnl Fake ESMTP Server Message
define(`HELP_FILE',`/etc/nohelp')dnl Disable Help command totally
DAEMON_OPTIONS(`Name=MTA-RX')dnl Daemon name used in logged messages
dnl .... MIMEDefang Milter Definitions
INPUT_MAIL_FILTER(`mimedefang', `S=unix:/var/spool/MIMEDefang/mimedefang.sock, F=T, T=S:360s;R:360s;E:15m')
define(`confINPUT_MAIL_FILTERS', `mimedefang')
dnl Disable local delivery, as all local mail will go to MAIL_HUB
undefine(`ALIAS_FILE')dnl No aliases file, all local mail goes to MAIL_HUB
define(`confFORWARD_PATH')dnl Empty search path for .forward files
undefine(`UUCP_RELAY')dnl
undefine(`BITNET_RELAY')dnl
undefine(`DECNET_RELAY')dnl
MAILER(smtp)
---- END

I had to comment out runas smmsp or mimedefang won't be able to access the
queue. Everything works fine until DATA; it looks like mimedefang just dies
when trying to write the queue.

Many thanks,
Yang
_______________________________________________
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
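
An added example, not part of the original message and not the script linked in the thread: one way to turn Active Directory proxyAddresses values into source lines for the sendmail access map described in the quoted reply. The sample entries, domain names and function names are constructed, and the `To:` / `RELAY` / `ERROR:5.1.1` entry form is an assumption about how the gateway's access map is set up to reject unknown recipients.

```python
"""Added example: turn AD proxyAddresses values into sendmail access-map source lines."""

# Constructed sample entries, shaped like the results of an AD search that
# requests only the proxyAddresses attribute. All names are placeholders.
SAMPLE_ENTRIES = [
    {"proxyAddresses": ["SMTP:jane.doe@example.com", "smtp:jdoe@example.com",
                        "smtp:jane.doe@example.org", "X400:c=US;a= ;p=Org;s=Doe"]},
    {"proxyAddresses": ["smtp:Bob@Example.org", "smtp:bob@other.test",
                        "smtp:bad\tname@example.com"]},
]
LOCAL_DOMAINS = ("example.com", "example.org")  # assumed: the two hosted domains


def smtp_addresses(entries, domains):
    """Return the sorted, lower-cased SMTP addresses that fall in `domains`."""
    found = set()
    for entry in entries:
        for value in entry.get("proxyAddresses", []):
            scheme, _, addr = value.partition(":")
            # AD marks the primary address "SMTP:" and aliases "smtp:";
            # other schemes (X400, SIP, ...) are not mail recipients.
            if scheme.lower() != "smtp":
                continue
            addr = addr.strip().lower()
            local, at, domain = addr.rpartition("@")
            if not at or not local or domain not in domains:
                continue
            # Whitespace or control characters would corrupt the
            # tab-separated map source, so drop such values.
            if any(c.isspace() or ord(c) < 32 for c in addr):
                continue
            found.add(addr)
    return sorted(found)


def access_lines(entries, domains):
    """Build map source: accept each known recipient, reject the rest."""
    addrs = smtp_addresses(entries, domains)
    if not addrs:
        # An empty LDAP result must not become a reject-everything map.
        raise ValueError("no recipients found; keeping the previous access map")
    lines = [f"To:{addr}\tRELAY" for addr in addrs]
    lines += [f'To:{d}\tERROR:5.1.1:"550 User unknown"' for d in sorted(domains)]
    return lines


if __name__ == "__main__":
    print("\n".join(access_lines(SAMPLE_ENTRIES, LOCAL_DOMAINS)))
```

The output is meant to be written to a temporary file, compiled with makemap, and moved into place only if both steps succeed, so a failed LDAP query never replaces a working access.db.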