[COLUG] Re: Exim4 Recipient Whitelisting (Dave Maxwell)

[William Yang]

Drew wrote:

> First question, why not just use exim? It seems a little redundant to
> run both exim and Exchange. My company had a client that relied almost
> exclusively on email for his buisness. He had a similar solution as
> yours. His solution to a similar problem was to setup the exim server to
> acutally have the email accounts. He then setup exchange to poll these
> accounts. His clients then logged into the server and pulled the
> messages. It still seems to me that the simplest way would be to just
> run exim.

Why not just use Exim(/Postfix/Sendmail/Qmail/etc)?

* Hardware limitations
* Knowledge gap
* Political requirements
* Simplicity
* User interfaces
* Integration with existing infrastructure
* ...

While it's always good to examine the core question, it's also good to
go for the simplest solution.

Dave's original question:

> What I need to do is simply give Exim4 a list of valid recipients.  I could 
> then reject mails to non-existent recipients at SMTP connection time.  It is 
> a small business with low turnover and having small text file on the Exim4 
> side of valid recipients is an entirely practical means to deal with this.

#! /bin/sh

AD_SERVER=my.active-directory.domain.com
DC="dc=domain,DC=com"
authdn="CN=ADLookup,OU=Users,${DC}"
authpw="totallyinsecurepasswordforADLookup"

TEMPFILE=/tmp/ADSync.$$.ldf

ldapsearch -h ${AD_SERVER} \
           -D "${authdn}" \
           -x -w "${authpw}" \
           -b "${DC}" \
           '(&(objectClass=user)(!(objectClass=computer)))' > $TEMPFILE

# exercise left to reader how to recognize valid Exchange e-mail
# addresses from an ldf file.  The following is a stub.

grep mail: $TEMPFILE
/bin/rm -f $TEMPFILE

exit 0;

-- 
William Yang
wyang at gcfn.net