IWETHEY v. 0.3.0 | TODO
1,095 registered users | 0 active users | 0 LpH | Statistics
Login | Create New User
IWETHEY Banner

Welcome to IWETHEY!

IWETHEY Home / IWETHEY Board / Linux Forum / Exim as a mail hub
Post #101,548
by tseliot
Picture of tseliot
5/12/03 7:58:40 PM
Reply
New Exim as a mail hub
For the most part, this is a straightforward process. I set up a transport:

local_smtp:
  driver = smtp
  hosts = 192.168.0.3

and a director:

hubbed_users:
  driver = localuser
  transport = local_smtp

This works great IF the Win2K username is included manually as a unix user. But I already use winbind to provide Win2K usernames for SSH access on the same box. If you're not familiar with it, it's a samba goodie which maps usernames from an Active Directory to UNIX usernames, so if, for example, you have a user named "rbre" on your 2k network "mydomain", winbind will create a user on your *nix box named "mydomain\\rbre". Personally, I prefer the plus separator, so it ends up being "mydomain+rbre". It's not a local user, i.e. - it doesn't get placed in /etc/passwd, for example; instead it's nsswitch available, like NFS.

Anyway, I can't for the life of me figure out how to get Exim to look up and verify a user under this scheme. I want to send mail to "rbre@amor.org", have Exim *verify* it as "HQAMOR+rbre" (the winbind-mapped name), but then still deliver it on to our Exchange server as "rbre@amor.org".

1) If I use rewriting, it'll get sent on as "HQAMOR+rbre@amor.org". I thought of rewriting it once for the lookup and then using a transport-specific rewrite to change it back, which is ugly enough, but you can't rewrite envelopes per-transport, only headers.

2) If you supply a transport to an aliasfile director, it'll route the mail using the original address (which is nice), so I *could* have a massive aliases file with entries like:
rbre: HQAMOR+rbre
rgwi: HQAMOR+rgwi
But this rather defeats the purpose; I'm not saving any time having winbind do it automatically if I end up writing them all out manually.

3) String expansion flitted across my mind, but I can't work out how to apply it to winbind; you can query a list of users with 'getent passwd', for example, but you can't use a pipe AFAICT in an expansion.

Any other ideas? I suppose if all else fails, I could recompile exim with perl support. But I'd rather not.
Many fears are born of stupidity and ignorance -
Which you should be feeding with rumour and generalisation.
BOfH, 2002 "Episode" 10
Post #101,553
by tseliot
Picture of tseliot
5/12/03 8:13:05 PM
Reply
New For now, kludge solution:
Our userlist doesn't change *that* often. So I'm just setting up a nightly cron job to:

getent passwd | grep HQAMOR > /etc/samba/winusers

then have a smartuser director with:

condition = {$lookup {HQAMOR+$local_part} lsearch {/etc/samba/winusers}{yes}{no}}

Let me know if anyone sees a better solution...
Many fears are born of stupidity and ignorance -
Which you should be feeding with rumour and generalisation.
BOfH, 2002 "Episode" 10
     Exim as a mail hub - (tseliot) - (1) - May 12, 2003, 07:58:40 PM EDT
         For now, kludge solution: - (tseliot) - May 12, 2003, 08:13:05 PM EDT

42, of course.
30 ms