Pkg exim4 users - Apr 2005 - please review this short doc (exim4, ldap)

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enigFCA0D6934AA0DCD2386F83B1
Content-Type: text/plain; charset=ISO-8859-15; format=flowed
Content-Transfer-Encoding: 7bit

Hi folks,

I use the gosa package which is a neat LDAP frontend for user
management.  I would like to contribute a short doc for the gosa
package, how to integrate this management tool into Exim.  Before I send
this to the gosa maintainer, would you like to review this?  Especially
these point are interesting:

1.) One of the kind guys at exim-users@exim.org gave me a template for
my gosa_forwarding router and included the allow_defer option, but I
don''t know *exactly* what this is doing.  This option is included in
the
system_aliases router which is shipped by the debian package as well
which seem to be analogue.  Does this option mean, that I can specify an
value ":defer:" instead of an address so the message will be defered
once!? What''s the intention?

2.) Is the ldap_quoting correct?  Is there another quote necessary?

3.) I am unconfident with the syntax of the third search command below,
which uses the mail attribute instead of the uid attribute.

TIA,
Wollie

Here we go:

Some of the email features of GOsa are implemented with sieve script, so
there is only the mail forwarding and the alternate addresses left which
have to be configured into your MTA.

I use these two routers below in Exim4.  Their definition must be placed
in the "routers" section just before the "local_user" router
(the order
of routers matters).  If you are using the split config file scheme of
Debian (which I recommend) and the default exim4-config package, then
just put these two snippets into files, name them
"850_exim4-gosa_aliases" respective
"870_exim4-gosa_forwarding" and move
them to "/etc/exim4/conf.d/router/", invoke
"update-exim4.conf" and
reload Exim''s config with "invoke-rc.d exim4 reload".

### router/850_exim4-gosa_aliases
#################################

gosa_aliases:
  debug_print = "R: gosa_aliases for $local_part@$domain"
  driver = redirect
  data = \
    ${lookup ldapm { \

ldap://localhost/dc=example,dc=com?mail?sub?(gosaMailAlternateAddress=${quote_ldap:${local_part}@${domain}})
\
      } \
    }

### router/870_exim4-gosa_forwarding
#################################
gosa_forwarding:
 debug_print = "R: gosa_forwarding for $local_part@$domain"
 driver = redirect
 allow_defer
 unseen
 data = \
 ${lookup ldapm { \

ldap://localhost/dc=example,dc=com?gosaMailForwardingAddress?sub?(uid=${quote_ldap:${local_part}})
\
   } \
 }

The "ldapm" lookup type gives back multiple values if defined in your
LDAP tree. So if you specify more than one forwarding or alternate
address, they are all used.  My gosa_forwarding relies on the assumption
that every user has the canonical mail address of the format
%uid@example.com.  If your scheme is different, you might use a more
generic search command instead like
(mail=${quote_ldap:${local_part}@${domain}}).

The "unseen" option at the forwarding router says, that every message
that get redirected there will be handed to the following routers (i.e.
local_user) as well.  That means if you want a forwarding only mail
address, you have to check "no delivery to local mailbox" in the GOsa
interface. Then, during local delivery, that copy of the mail will be
discarded by the sieve filter.

See the exim specification (package exim4-doc), section 9, "File and
database lookups" for more information.

Hasta luego,
Wollie


--------------enigFCA0D6934AA0DCD2386F83B1
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFCV/Acm4EW9pCk3sARAj88AKCGdbGQKQlZTVBWganairXQHt/KegCeMdAO
uICyTn1ruXadLTj02SORwew=2vIo
-----END PGP SIGNATURE-----

--------------enigFCA0D6934AA0DCD2386F83B1--

Hi,

On Sat, Apr 09, 2005 at 05:09:11PM +0200, Wolfgang Kohnen
wrote:
> I use the gosa package which is a neat LDAP frontend for user
> management.  I would like to contribute a short doc for the gosa
> package, how to integrate this management tool into Exim.  Before I send
> this to the gosa maintainer, would you like to review this?
I can review it, but as I am not using LDAP at all, I cannot comment
on the technical parts of the document.
> 1.) One of the kind guys at exim-users@exim.org gave me a template for
> my gosa_forwarding router and included the allow_defer option, but I
> don''t know *exactly* what this is doing.  This option is included
in the
> system_aliases router which is shipped by the debian package as well
> which seem to be analogue.  Does this option mean, that I can specify an
> value ":defer:" instead of an address so the message will be
defered
> once!?
allow_defer             Use: redirect   Type: boolean    Default: false

    Setting this option allows the use of :defer: in non-filter redirection
    data, or the "defer" command in an Exim filter file.
> What''s the intention?
allow_defer has always been part of the system_aliases router. I have
used it to defer delivery to accounts while maintenance work was done
on the account''s mailboxes.
> 2.) Is the ldap_quoting correct?  Is there another quote necessary?
> 
> 3.) I am unconfident with the syntax of the third search command below,
> which uses the mail attribute instead of the uid attribute.
I cannot comment about that, sorry.
> I use these two routers below in Exim4.  Their definition must be placed
> in the "routers" section just before the "local_user"
router (the order
> of routers matters).  If you are using the split config file scheme of
> Debian (which I recommend) and the default exim4-config package, then
> just put these two snippets into files, name them
> "850_exim4-gosa_aliases" respective
"870_exim4-gosa_forwarding" and move
> them to "/etc/exim4/conf.d/router/", invoke
"update-exim4.conf" and
> reload Exim''s config with "invoke-rc.d exim4 reload".
invoke-rc.d exim4 reload will call update-exim4.conf, so calling it
explicitly is redundant.

Greetings
Marc

-- 
-----------------------------------------------------------------------------
Marc Haber         | "I don''t trust Computers. They | Mailadresse
im Header
Mannheim, Germany  |  lose things."    Winona Ryder | Fon: *49 621 72739834
Nordisch by Nature |  How to make an American Quilt | Fax: *49 621 72739835