Re: SENDMAIL and mail500 delivery agent
My organization has thousands of users. In an attempt to make management
of user accounts easier I have been assigned with creating an LDAP directory
service for our relay mail server (mail hub).
I want to register all user accounts on the LDAP server which the
relay mail server (mail hub) will look up for email routing to our three mail
servers.
**That is, the mail hub will refer to LDAP to know to which
mail host (mail server) it should relay the mail for a particular user** WHICH
AT THE SAME TIME OFFERS A SECURITY FUNCTION AS MAIL SENT TO OR FROM A USER
NOT REGISTERED ON THE LDAP SERVER WILL NOT BE RELAYED THE MAIL BY THE
MAIL HUB** (Below is a basic diagram)
Upon reading the man pages for mail500 I need to write a base array which
corresponds to my LDAP. HOWEVER, MY FIRST QUESTION IS
WHAT OBJECT CLASSES AND ATTRIBUTES DO I USE IN LDAP TO CONTAIN
THE EMAIL ADDRESS AND MAIL SERVER OF USERS?
At first, I thought I should use the "inetOrgPerson" objectclass as it has an
optional "mail" attribute and I thought that putting users of server1 as one
ou, and users of server2 under another ou. However, I am confused because the
example in the man page of mail500 does not use the mail attribute, it uses
"uid" and "cn".
Then again, there is a "rfc822mailbox" which talks about maildrop and
........!
Please guide me in what I should do! Is mail500 the best option here? And
how do I set up my LDAP objectclasses and attributes?
Thanks so very much for all your replies ...........I look forward to many
more!!
See ya,
Kristina
                      Internet
                         │
                         │
                         ↓
 ┌───┐                 ┌───┐
 │   │                 │   │
 │   │ <-------------> │   │
 │   │                 │   │
 └───┘                 └───┘
LDAP Server       Mail Hub for Entire Domain (domain.com)
                  (relays mail for user@server1.domain.com etc to
                  the appropriate server. This case, server1
                         │
                         │
                         ↓
       Mail Server 1 or Mail Server 2 or Mail Server 3
The end****
At 08:14 99/11/04 -0800, you wrote:
> At 04:17 PM 11/4/99 +0900, Kristina wrote:
> >
> >I was just wondering if I need to recompile Sendmail 8.9.3 to be
> >able to use the mail500 delivery agent.
>
> No. mail500 is an add-on. It provides additional handling not
> offered by sendmail integrated LDAP code.
>
> mail500 understands a messaging schema and uses directory
> information conforming to this schema to provide services beyond
> simple mapping. It knows, for example, that members of a group
> may be specified by DN and that it must fetch the e-mail address
> from member entries.
>
> Though mail500 is not for everyone, it does provide
> functionality not found in so-called LDAP-aware MTAs (including
> sendmail w/ integrated LDAP support). These MTAs tend to only
> provide basic mapping services based upon simple ldap searches.
>
> The significant drawback to mail500 is that it is not integrated
> into the MTA. This means that it must resubmit messages back to
> the MTA.
>
> >Also, how do I configure
> >OpenLDAP to use the mail500 delivery agent?
>
> In OpenLDAP 1.2, mail500 is configured (primarily) by modifying
> the actual code and recompiling. This could be considered by
> some an additional drawback.
>
> In the long term, we hope that such capabilities will be integrated
> directly into MTAs (sendmail or others). I am still looking for
> a quality, open-source Directory-enabled MTA. A directory-enabled
> MTA would be able to utilize information conforming to a
> sophisticated messaging schema. (Again, most open source MTAs are
> only "LDAP-aware", that is, they can only use LDAP to do simple
> mappings).
>
> Kurt
>
>
>
> ----
> Kurt D. Zeilenga <kurt@boolean.net>
> Net Boolean Incorporated <http://www.boolean.net/>
>
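
The difference described in the quoted reply between simple LDAP mapping and directory-enabled group handling, together with the hub refusing addresses that are not registered, modeled over an in-memory directory. This is an added example, not part of the original thread and not mail500 or sendmail code; the entries, the DNs under domain.com and the "mailHost" attribute name are constructed assumptions.

```python
# Constructed sample directory: DN -> attributes. "mailHost" is an assumed
# attribute name used only for this illustration.
DIRECTORY = {
    "uid=anna,ou=server1,dc=domain,dc=com": {
        "mail": ["anna@domain.com"], "mailHost": ["server1.domain.com"]},
    "uid=ben,ou=server2,dc=domain,dc=com": {
        "mail": ["ben@domain.com"], "mailHost": ["server2.domain.com"]},
    "cn=ops,ou=groups,dc=domain,dc=com": {
        "mail": ["ops@domain.com"],
        "member": ["uid=anna,ou=server1,dc=domain,dc=com",
                   "cn=oncall,ou=groups,dc=domain,dc=com",
                   "uid=gone,ou=server3,dc=domain,dc=com"]},  # dangling DN
    "cn=oncall,ou=groups,dc=domain,dc=com": {
        "mail": ["oncall@domain.com"],
        "member": ["uid=ben,ou=server2,dc=domain,dc=com",
                   "cn=ops,ou=groups,dc=domain,dc=com"]},     # membership loop
}

def find_by_mail(address):
    """Return the DN whose mail attribute matches, or None if unregistered."""
    wanted = address.lower()
    for dn, attrs in DIRECTORY.items():
        if wanted in (m.lower() for m in attrs.get("mail", [])):
            return dn
    return None

def simple_map(address):
    """LDAP-aware MTA: one search, one attribute back; groups have no answer."""
    dn = find_by_mail(address)
    return DIRECTORY[dn].get("mailHost", []) if dn else None

def expand(address):
    """Directory-enabled handling: follow member DNs to the members' mail."""
    start = find_by_mail(address)
    if start is None:
        return None                      # unregistered: the hub refuses to relay
    recipients, seen, stack = {}, set(), [start]
    while stack:
        dn = stack.pop()
        if dn in seen or dn not in DIRECTORY:
            continue                     # skip loops and dangling member DNs
        seen.add(dn)
        attrs = DIRECTORY[dn]
        if "member" in attrs:
            stack.extend(attrs["member"])
        else:
            for addr in attrs["mail"]:
                recipients[addr] = attrs["mailHost"][0]
    return recipients
```

A return value of None is the case the hub would reject; an empty list from simple_map shows where a single-attribute lookup has nothing to say about a group entry.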