Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

sendmail ldap lookup sbs 2003

Posted on 2009-07-08
4
504 Views
Last Modified: 2013-12-24
hi.. hoping some email experts might be able to pin this one down 4 me..

I have sendmail configured as a backup mailserver for my domain that stores and forwards mail iin events of primary downtime. Mail is forwarded on with mailertable. This works ok, but get ndrs for non existent users on the domain. If I build a virtuser list with all my email addresses i believe it may help to stop this bounced ndr as mail will be dropped. what i was wondering is it possible to retrieve a list of email addresses from my exchange server with an ldap lookup to automatically populate the virtuser table?  one other thing i do get a large number of failed relay non delivery emails. at the moment i am firing these off to /dev/null because they are all spam rubbish is this the best way to certain them?
0
Comment
Question by:dodyryda1
  • 3
4 Comments
 
LVL 26

Expert Comment

by:jar3817
ID: 24803863
I'm using a version of this perl script to fetch all the email addresses (users,contacts, groups, public folders) from AD:

http://www-personal.umich.edu/~malth/gaptuning/postfix/getadsmtp.pl

Obviously you'll have to change the domain controllers names and probably your search base. Look for this line: "push(@valid, $mail." OK\n");" and change that to the format of your virtusertable file.

Once you have it working ok you can schedule it via cron to auto update.
0
 
LVL 26

Expert Comment

by:jar3817
ID: 24804087
By default that'll work for every account, but you probably want to exclude the disabled accounts. Add this to the filter to exclude disabled accounts:

( !(userAccountControl:1.2.840.113556.1.4.803:=2))
0
 

Accepted Solution

by:
dodyryda1 earned 0 total points
ID: 24806788
nice one thanks jar3817 i think this is exactly what i'm after, bit new to this so to check.....

once configure with my setup correctly simply executing this script from a terminal will populate my virtuser table automatically correct?. I can then schedule this to run cron etc, to populate virtuser with any changes in AD correct?

To double check on the usage of this setup, By having these email addresses in the virtuser table,  I then can configure sendmail to drop mail silently from addresses not contained in this table to prevent being slammed with these ndr's. And forward everything on to my main server with mailertable


I do wish to exclude my disable users so filter will be something like

 if ( $mail =~ s/^(smtp|SMTP)://gs ) ( !(userAccountControl:1.2.840.113556.1.4.803:=2)) {
       push(@valid, $mail." OK\n");
     }

thanks for your help..
0
 
LVL 26

Assisted Solution

by:jar3817
jar3817 earned 250 total points
ID: 24808313
Yup..

But the disabled exclusion part goes in the filter part of the search, mine looks like this:

(& (!(userAccountControl:1.2.840.113556.1.4.803:=2)) (mailnickname=*) (| (&(objectCategory=person) (objectClass=user)(!(homeMDB=*))(!(msExchHomeServerName=*))) (&(objectCategory=person)(objectClass=user)(|(homeMDB=*) (msExchHomeServerName=*)))(&(objectCategory=person)(objectClass=contact)) (objectCategory=group)(objectCategory=publicFolder)(objectClass=msExchDynamicDistributionList) ))

Also keep in mine you may need to restart sendmail when you change the virtusertable file for the changes to take effect.
0

Featured Post

Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Phishing attempts can come in all forms, shapes and sizes. No matter how familiar you think you are with them, always remember to take extra precaution when opening an email with attachments or links.
How to resolve IMCEAEX NDRs in Exchange or Exchange Online related to invalid X500 addresses.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
A short tutorial showing how to set up an email signature in Outlook on the Web (previously known as OWA). For free email signatures designs, visit https://www.mail-signatures.com/articles/signature-templates/?sts=6651 If you want to manage em…

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question