Chris Shenton wrote:
>
> Our current mail system here uses sendmail interfaced to X.500 to
> deliver mail to unique usernames as well as CommonName variants, e.g.,
>
> [EMAIL PROTECTED]
> [EMAIL PROTECTED]
> Christopher.S.Shenton @hq.nasa.gov
>
> I'm working to replace this with qmail-ldap and missing one feature we
> now have which our users and correspondents rely upon.
Are the CommonName variants stored as such in the X.500 or LDAP
directory? Or do you put every possible combination into 'mail' and
'alternateMailAddress' fields in the ldap entry?
I can imagine some ways to handle this. Some more complex than others.
Probably the best way to handle such a situation is to make an account
'[EMAIL PROTECTED]' which will catch all email to unknown users.
It could then do a program delivery with an expanded lookup with
extented attributes.
Is such a reply generated every time when not the unique email address
is used? Or is it delivering with all the variants if there is no
conflict?
For this variant some sort of alias user should be invoked when search
hits > 1. Then same story with program delivery and extended lookup.
Hmm... Should be not too hard to put a such a handler into qmail-ldap.
Will have look at that tomorrow with Claudio. Would be helpful if you
could answer the questions until then.
--
Andre
> If you send mail to an ambiguous address, like "[EMAIL PROTECTED]",
> the mail-X.500 gateway notices it gets multiple hits and replies with
> a bounce message indicating likely targets:
>
> From: [EMAIL PROTECTED]
> Subject: undeliverable mail
> To: [EMAIL PROTECTED]
> Date: Mon, 29 Sep 2003 17:29:21 -0400 (EDT)
>
> The following errors occurred when trying to deliver the attached mail:
>
> smith: Ambiguous user. First 10 matches found:
>
> Brian C Smith-1 Education Specialist
> Jonathan H Smith-1 Senior Consultant
> Eric P Smith-1 Program Scientist
> Dennis Smith-1
> Timothy Smith-1 Cmptg.Syst.Program Analyst 3 (Media)
> Vickie Smith-1 Secretary
> Mark Allen Smith-1 Criminal Investigator
> Robert N Smith-1 HQ IFMP Manager
> Barbara J Smith-1
> Margaret Patricia Smith-1 Trip Coordinator to Administrator
>
> When qmail-ldap finds an ambiguous address, it replies with a bounce
> but doesn't provide any helpful information; you can't tell whether
> there's no likely recipient or there are multiple likely recipients.
> Below, I've intentionally created a near-duplicate entry with same
> mailAlternateAddress -- similar to what our X.500 system might
> encounter from ambiguous CommonNames:
>
> From: [EMAIL PROTECTED]
> Subject: failure notice
> To: [EMAIL PROTECTED]
> Date: 29 Sep 2003 21:35:44 -0000
>
> Hi. This is the qmail-send program at saddam.saic.hq.nasa.gov.
> I'm afraid I wasn't able to deliver your message to the following addresses.
> This is a permanent error; I've given up. Sorry it didn't work out.
> [custombouncetext] Message bounced; contact [EMAIL PROTECTED]
>
> <[EMAIL PROTECTED]>:
> Sorry, no mailbox here by that name. (#5.1.1)
>
> --- Below this line is a copy of the message.
> [...]
>
>
> I'm not sure but I believe this is initiated in qldap-ldaplib.c in
> qldap_lookup():
>
> int qldap_lookup(searchinfo *search, char **attrs, userinfo *info,
> extrainfo *extra)
> /* searches a db entry as specified in search, and fills up info and extra with
> * the coresponding db entries or NULL if not available.
> * Returns 0 if a entry was found, 1 if more than one or no corresponding entry
> * was found. On error it returns -1 and sets the appropriate qldap_errno. */
>
> Later in the function:
>
> /* count the results, we must have exactly one */
> if ( (num_entries = ldap_count_entries(ld,msg)) != 1) {
> log(64, "qldap_lookup: Too many (less) entries found (%i)\n",
> num_entries);
> if ( num_entries )
> qldap_errno = LDAP_COUNT;
> else
> qldap_errno = LDAP_NOSUCH;
> return -1;
> }
>
> So it doesn't distinguish between "not found" and "multiple found".
>
> If I'm reading it right, this is called when trying to deliver mail by
> qmail-lspawn.c in qldap_get():
>
> /* do the search for the email address */
> ret = qldap_lookup(&search, attrs, &info, extra);
>
> if ( ret == 0 || i == 0 ) break; /* something found or nothing found */
>
> I'm unlikely to get approval to deploy this system here unless I can
> replicate the current functionality. Can anyone suggest how I might
> be able to bounce with a "helpful" message for ambiguous usernames?
>
> Many thanks.
