OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
Subject: Re: canonical map via LDAP?
From: Keith Stevenson (k.stevensonlouisville.edu)
Date: Wed Mar 22 2000 - 12:02:20 CST

On Wed, Mar 22, 2000 at 05:27:26PM +0100, Julien Oster wrote:
>
> Yes, but how does this look like? I did not specify that postfix should use
> "mailacceptinggeneralid" and "maildrop" for the aliases, the documentation
> told me. However, it doesn't tell me how the attribute is called for the
> sender canonicals.
>
> Please don't misunderstand, I don't want to use a single LDAP object as the
> map, instead I want to specify how the sender should be canonified based on
> the attribute of each person's object.

Here are a subset of the ldap entries from my /etc/postfix/mail.cf file.

ldapoutgoing_search_base = O=University of Louisville, C=US
ldapoutgoing_query_filter = (pea=%s)
ldapoutgoing_result_attribute = nickname
ldapoutgoing_bind = no

ldapincoming_query_filter = (mail=%s)
ldapincoming_result_attribute = pea
ldapincoming_bind = no

These rules define two LDAP maps. The first, ldapoutgoing, does a search
for objects with a "pea" attribute equal to the email address being processed.
If an object is found, the map returns the value of the "nickname" attribute.

The second map, ldapincoming, does a search on the "mail" attribute and
returns the value of "pea".

In the address rewriting section I have:

recipient_canonical_maps = ldap:ldapincoming
sender_canonical_maps = ldap:ldapoutgoing

As you can see, the ldap map allows you to search and replace with arbitrary
object attributes. I have separate LDAP maps for incoming and outgoing
rewrites because my site requires it. It doesn't always have to be this
complex.

Regards,
--Keith Stevenson-- 

-- 
Keith Stevenson
System Programmer - Data Center Services - University of Louisville
k.stevensonlouisville.edu
PGP key fingerprint =  4B 29 A8 95 A8 82 EA A2  29 CE 68 DE FC EE B6 A0