--On Tuesday, February 05, 2013 10:30 AM +0100 Jason <jason.johnson....@gmail.com> wrote:
> Ok, a couple of things. I looked at the source and you're right: setting > ExtLookupCryptox (actually this is ExtLookupCrypto in the source code but > I tried that setting and it doesn't work either) makes a call to start > TLS. > > I think the problem might be that DSPAM hard codes the scheme to "ldap" > when it should be "ldaps" in my case. I think the best thing would be to > just drop the scheme assembling and just let the user specify the uri > themselves. The crypto parameter should also make it clear that it's > doing start TLS which isn't the same thing as "ldaps". > > Thanks for the info about start TLS vs ldaps. I hadn't known that. Yeah, most modern configurations are done via scheme, although you still need a separate option to indicate whether or not to enable startTLS with ldap. Also, it should take multiple URI's (ldap://host1:389 ldap://host2:389 etc) so you can have failover. --Quanah -- Quanah Gibson-Mount Sr. Member of Technical Staff Zimbra, Inc A Division of VMware, Inc. -------------------- Zimbra :: the leader in open source messaging and collaboration ------------------------------------------------------------------------------ Free Next-Gen Firewall Hardware Offer Buy your Sophos next-gen firewall before the end March 2013 and get the hardware for free! Learn more. http://p.sf.net/sfu/sophos-d2d-feb _______________________________________________ Dspam-user mailing list Dspam-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/dspam-user
