
(semi-manual) smtp-policy.mx via LDAP



Hi,

since I'm currently using LDAP to store, not only users, but also the 
local domains for which I accept mail, I need a way to tell smtpserver to 
accept messages for these domains.

Since my programming skills are far below what you may need to 
incorporate LDAP queries into smtpserver (and I don't even know if that'd 
be a good idea), I opted for a more pedestrian way... and edited the 
policy-builder.sh script so it reads a series of domains from somewhere in 
the LDAP directory.

Now, for a change, I did it in a way that might be useful for someone 
else, so I'm sending it in case someone is interested in it.

You'll need the ldapsearch client tool that is included with openldap, 
grep, cut and sed in your path (alright, if I remotely remembered how, I 
could've managed to do it with awk... but since I started using perl, 
eons ago, I can't even remember how awk worked) )-:

You have to create an ldap configuration file in 
$MAILVAR/db/smtp-policy.ldap.mx filling in the following variables:

HOST= hostname or ip address of your ldap server (default=localhost)
PORT= port address of the LDAP service (default=389)
BINDDN= dn to bind to the server (you have to fill in this)
BINDPW= the above user's password (you also have to fill this in)
BASE= dn where to start the search
FILTER= LDAP filter to apply in the search (default = '(objectClass=*)' )
ATTR= LDAP attribute where the domain name will be returned
                          (default = associatedDomain)
SCOPE= scope of the search: sub/one/base (default=sub)

Here's an example $MAILVAR/db/smtp-policy.ldap.mx:
======================================================================
BASE="ou=Servicio mail domain,ou=Servicios,o=Pert Consultores"
HOST="ldap.pert.com.ar"
PORT="389"
BINDDN="cn=admin,ou=Servicios,o=Pert Consultores"
BINDPW="secretito"
FILTER="(&(objectclass=pertMailDomain)(pertMailDomainRouting=local)\
                   (pertMailEnabled=1))"
ATTR="associatedDomain"
SCOPE="one"
======================================================================

You then apply the attached patch to policy-builder.sh and run it, and 
you get your directory domains right into smtp-policy.db (you can browse 
smtp-policy.dat to verify everything looks like you want it).

Regards.



--
Mariano Absatz
El Baby
----------------------------------------------------------
Marriage is a fine institution - but I'm not ready for an institution.
      -- Mae West
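
The step described above turns ldapsearch output into smtp-policy lines. As an added example (not part of the original post or the attached patch), this filter does the same job but unfolds LDIF continuation lines, matches the attribute name exactly, and refuses values that are not plain domain names; the function names and the sample LDIF are constructed for illustration.

```shell
#!/bin/sh
# Added example, not part of the original post or the attached patch.
# ldif_to_policy ATTR: read ldapsearch LDIF on stdin, write one
# "domain = _relaytarget" line per valid value of ATTR, and a comment
# line for each value that is refused.
ldif_to_policy() {
  LC_ALL=C awk -v attr="$1" '
    function handle(line, n,    key, val, cnt, lab, i, ok) {
      sub(/\r$/, "", line)
      key = tolower(attr) ":"
      # exact attribute name, any case; "associatedDomainAlias:" must not match
      if (tolower(substr(line, 1, length(key))) != key) return
      val = substr(line, length(key) + 1)
      ok = (substr(val, 1, 1) != ":")      # "attr:: ..." is base64, refuse it
      gsub(/^[ \t]+|[ \t]+$/, "", val)
      val = tolower(val)
      # letters, digits and hyphens only, at least two labels
      if (val !~ /^([a-z0-9]([a-z0-9-]*[a-z0-9])?\.)+[a-z0-9]([a-z0-9-]*[a-z0-9])?$/) ok = 0
      if (length(val) > 253) ok = 0
      cnt = split(val, lab, ".")
      for (i = 1; i <= cnt; i++) if (length(lab[i]) > 63) ok = 0
      if (ok) print val " = _relaytarget"
      else    print "#!!!!! refused " attr " value at LDIF line " n
    }
    # LDIF folds long lines; a continuation line starts with one space
    /^ / { if (have) buf = buf substr($0, 2); next }
    { if (have) handle(buf, start); buf = $0; start = NR; have = 1 }
    END { if (have) handle(buf, start) }
  '
}

# Constructed sample of ldapsearch output (not real directory data).
sample_ldif() {
  printf '%s\n' \
    'dn: cn=a,ou=Mail,o=Example' \
    'associatedDomain: Example.ORG' \
    'associateddomain: not a domain' \
    'associatedDomain:: ZXhhbXBsZS5uZXQ=' \
    'associatedDomainAlias: alias.example' \
    'associatedDomain: mail.long-name.exam' \
    ' ple.net'
}
```

Piping the ldapsearch output through `ldif_to_policy "$ATTR"` would take the place of the grep, cut and sed stages; refused values show up as comment lines in smtp-policy.dat.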



--- bin/policy-builder.sh.ORI	Mon Feb  9 22:57:11 2004
+++ bin/policy-builder.sh	Mon Feb  9 23:55:27 2004
@@ -152,6 +152,44 @@
     awk '/^#/{next;} NF >= 1 {printf "%s = _relaytarget\n",$0;}'
   fi
 
+  if [ -f smtp-policy.ldap.mx ] ; then
+    # get LDAP configuration data
+    . smtp-policy.ldap.mx
+    echo "# --------------------"
+    echo "# smtp-policy.ldap.mx:"
+    if [ -z "$HOST" ] ; then
+      HOST=localhost
+    fi
+    if [ -z "$PORT" ] ; then
+      PORT=389
+    fi
+    if [ -z "$SCOPE" ] ; then
+      SCOPE=sub
+    fi
+    if [ -z "$FILTER" ] ; then
+      FILTER="(objectClass=*)"
+    fi
+    if [ -z "$BINDDN" ] ; then
+      LDAPCONFERR=1
+      echo '#!!!!!LDAP configuration error. Must specify $BINDDN'
+    fi
+    if [ -z "$BINDPW" ] ; then
+      LDAPCONFERR=1
+      echo '#!!!!!LDAP configuration error. Must specify $BINDPW'
+    fi
+    if [ -z "$BASE" ] ; then
+      LDAPCONFERR=1
+      echo '#!!!!!LDAP configuration error. Must specify $BASE'
+    fi
+    if [ -z "$ATTR" ] ; then
+      ATTR=associatedDomain
+    fi
+    if [ -z "$LDAPCONFERR" ] ; then
+      ldapsearch -x -h $HOST -p $PORT -D "$BINDDN" -w "$BINDPW" -b "$BASE" -s "$SCOPE" "$FILTER" $ATTR | \
+        grep -i ^$ATTR | cut -d' ' -f 2 |  sed -e 's/$/ = _relaytarget/'
+    fi
+  fi
+
   # smtp-policy.spam
   # (Lists users, and domains that are known spam sources)
   # (We use file from "http://www.webeasy.com:8080/spam/spam_download_table"
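Review bot: On the ldapsearch line, -w "$BINDPW" puts the bind password on the command line, where other local users can read it from the process list while the search runs; ldapsearch's -y option reads the password from a file instead, and that file can be restricted to the account that runs policy-builder.sh. In the same hunk, smtp-policy.ldap.mx is sourced with ".", so it is executed as shell and, since it holds BINDPW, should be owned by and readable only by that account. LDAPCONFERR is never cleared before the checks and the exit status of ldapsearch is not tested, so a value inherited from the environment skips the lookup, and a failed bind or unreachable server produces no domains and no error line in the output. $HOST, $PORT, $ATTR and the ^$ATTR pattern are unquoted, and grep -i ^$ATTR also matches any attribute whose name merely begins with $ATTR.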