[prev in list] [next in list] [prev in thread] [next in thread] 

List:       exim-users
Subject:    Re: [exim] Further details about Exchange/Exim routing - does
From:       Ruairi Hickey <Ruairi.Hickey () collon ! ie>
Date:       2009-06-16 18:31:10
Message-ID: 200906161931.10426.Ruairi.Hickey () collon ! ie
[Download RAW message or body]

We've taken a different approach to this and run a nightly cron job gets a list 
of valid email addresses from the ldap server and compares it against the 
current valid list - if there are changes it emails the changes to me and I 
can manually recreate the list.  It would be trivial to make this automatic if 
you so wished .
The valid addresses are stored in a local DBM and the valid recipient lookup 
is done against this....  Generally we went this way as it is less resource 
intensive to do a dbm lookup as opposed to an ldap lookup, and in the event of 
an LDAP failure you could end up bouncing good emails.......


Ruairi

cat /usr/local/sbin/validEmailAddresses
#!/bin/sh

get_ldap_mailaddresses()
{
   ldapsearch -x -h MyLdapServer  -b "My Top Level OU" '(!
(&(objectCategory=person)(objectClass=user)
(userAccountControl:1.2.840.113556.1.4.803:=3)))' mail proxyAddresses | grep -
i -e ^mail:  -e '^proxyAddresses: smtp:' | sed -e 's/mail: //i' -e 
's/proxyAddresses: SMTP://i' | awk '{ print tolower($1); }; ' | sort -n | grep 
-v .local | uniq > /etc/exim4/validEmailAddresses.NEW
}

case "$1" in
    showchanges)
        touch /etc/exim4/validEmailAddresses
        get_ldap_mailaddresses
        if ((cat /etc/exim4/validEmailAddresses | fgrep -v -f 
/etc/exim4/validEmailAddresses.NEW > /dev/null) || \
            (cat /etc/exim4/validEmailAddresses.NEW | fgrep -v -f 
/etc/exim4/validEmailAddresses > /dev/null))
        then
                echo "-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=-=-=-=-=-="
                echo "  Email addresses waiting to be removed from `hostname -
f` exim DBM file:"
                echo "-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=-=-=-=-=-="
                cat /etc/exim4/validEmailAddresses | fgrep -v -f 
/etc/exim4/validEmailAddresses.NEW
                echo
                echo "-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=-=-=-=-=-="
                echo "  Email addresses waiting to be added to `hostname -f` 
exim DBM file:"
                echo "-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
=-=-=-=-=-=-=-=-=-="
                cat /etc/exim4/validEmailAddresses.NEW | fgrep -v -f 
/etc/exim4/validEmailAddresses
        fi
#       diff /etc/exim4/validEmailAddresses /etc/exim4/validEmailAddresses.NEW 
| grep [\>\<]
    ;;

    check-dups)
        get_ldap_mailaddresses
        cat /etc/exim4/validEmailAddresses.NEW | sort | uniq -id || echo 
"ERROR: something bad just happened while checking for duplicate addresses"
    ;;

    simulate-builddb)
        get_ldap_mailaddresses
        echo "Simulating exim users DB build"
        exim_dbmbuild /etc/exim4/validEmailAddresses.NEW 
/etc/exim4/validEmailAddresses_temp.dbm || echo "ERROR: could not simulate 
database build"
        rm /etc/exim4/validEmailAddresses_temp.dbm || echo "ERROR: could not 
remove temporary database file"
    ;;

    builddb)
        get_ldap_mailaddresses
        exim_dbmbuild /etc/exim4/validEmailAddresses.NEW 
/etc/exim4/validEmailAddresses.dbm || echo "WARNING: there were problems while 
building the database"
        cp /etc/exim4/validEmailAddresses.NEW /etc/exim4/validEmailAddresses 
|| echo "ERROR: could not update the /etc/exim4/validEmailAddresses file"
        #echo "The email database script on `hostname -f` ran successfully" | 
mail -s "`hostname -f` - email list updated" hickey@msre.ie

    ;;

    usercount)
        get_ldap_mailaddresses
        echo -n "Current email users number count: "
        cat /etc/exim4/validEmailAddresses | wc -l
        echo -n "New email users number count: "
        cat /etc/exim4/validEmailAddresses.NEW | wc -l
    ;;
    view)
        get_ldap_mailaddresses
        echo -n "Current email users : "
        cat /etc/exim4/validEmailAddresses
   ;;

    *)
        echo "Usage: /usr/local/sbin/validEmailAddresses {showchanges|check-
dups|builddb|simulate-builddb|usercount|view}" >&2
        exit 1
    ;;



esac

exit 0






The ACL to check for valid recipients is

acl_check_rcpt:
  deny
    log_message = Recipient Verification Failed
    message = local error
    condition = 
${lookup{$local_part@$domain}dbm{CONFDIR/validEmailAddresses.dbm} {no} {yes} }


  

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
[prev in list] [next in list] [prev in thread] [next in thread]