[Mimedefang] Custom Configuration

[Kevin A. McGrail]

----- Excerpt from Original Message ----- 
From: "Yang Xiao" <yxiao2004 at gmail.com>

> I took a rough look at the script, I wonder how should I modify it to
> work with our AD LDAP, something like this?
>
> our $filter  ="(&(proxyAddresses=smtp:$recipient))")
>
> the reason being we have 2 domains and each user are allowed two forms
> of email address in each domain, FLast at domain.com,
> First.Last at domain.com, and they are stored in the proxyAddresses.

Ying,

I'll bow out of the MD / Amavis / Sendmail questions as that's not related
to the access generation and looks too complex to solve via email but the
default query in adexport.pl will pull out all smtp addresses that are valid
on a AD (Windows 2000) server

Let's say your AD server is at 192.168.0.100, your AD Domain is
yourdomain.com (not necessarily relevant to your internet domain) change the
adexport.pl constants to something like:

our $bind    = 'cn=administrator,cn=users,dc=yourdomain,dc=com';  # AD
account
our $passwd  = 'your admin password';                                 # AD
password
our $base    = 'dc=yourdomain,dc=com';                           # Start
from root
our @servers = qw( 192.168.0.100 );
our $filter  = '(|(objectClass=publicFolder)(&(sAMAccountName=*)(mail=*)))';

Get it to work using your administrator account and then tighten up the
script to use the lowest permission account you can that can read the AD.

If you are using what I will refer to as a "real" LDAP server rather than
Windows 2000 Server, you are on your own.  I've typically implemented this
as a method to extend valid exchange email address to the edge of the
network.  I know with Exchange 2003, you can configure it to use MD's check
against SMTP feature but I would still use this technique as it is pure
sendmail and very fast.

Regards,
KAM