Hello,
I had the chance to test the ldap mailaddr_filter and use it to check
recipients against an Active Directory server.
This is a low-volume site (250 users / 1000 mails per day) with opensmtpd
as relay/filter in front of another mailserver. Everything is just perfect.
But :) the server closes idle connections after 15 minutes, and I then get
TempFails for all ldap recipient checks.
To keep it running I have added a reconnect to ldap_query. I am not sure
if this is a good solution at all, but at least it has survived the night :)
I understand that ldap is not on your priority list, but are there any plans
for some kind of connection check/reconnect?
Thank you very much
Stefan
... diff and slightly stripped config
===================================================================
RCS file: /cvs/src/usr.sbin/smtpd/table_ldap.c,v
retrieving revision 1.12
diff -u -p -r1.12 table_ldap.c
--- table_ldap.c 9 Jul 2014 08:38:08 -0000 1.12
+++ table_ldap.c 14 Jul 2014 11:43:31 -0000
@@ -22,6 +22,7 @@
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
+#include <time.h>
#include "smtpd-defines.h"
#include "smtpd-api.h"
@@ -79,6 +80,9 @@ static char *basedn;
static struct aldap *aldap;
static struct query queries[LDAP_MAX];
+static int open_wait = 30;
+static time_t open_last;
+
int
main(int argc, char **argv)
{
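Review bot: `open_wait` and `open_last` are added without saying what they measure; a comment above them such as `/* minimum seconds between LDAP reconnect attempts; time of the last successful connect */` would make the throttle in ldap_query readable. `open_wait` is never written in the visible hunks, so it could be `static const int open_wait = 30;`. Because `open_last` is taken from `time(NULL)`, a wall-clock step backwards would postpone reconnects by the size of the step, which a monotonic clock would avoid. The trailing context is the start of main(), whose body lies outside this hunk.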
@@ -118,6 +122,8 @@ main(int argc, char **argv)
}
log_debug("debug: table-ldap: connected");
+
+ open_last = time(NULL);
table_api_on_update(table_ldap_update);
table_api_on_check(table_ldap_check);
@@ -452,7 +458,8 @@ ldap_query(const char *filter, char **at
if ((ret = aldap_search(aldap, basedn__,
LDAP_SCOPE_SUBTREE,
filter__, NULL, 0, 0, 0, pg)) == -1) {
log_debug("ret=%d", ret);
- return -1;
+ goto reconnect;
+
}
if (pg != NULL) {
aldap_freepage(pg);
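Review bot: Every `-1` from `aldap_search()` now jumps to `reconnect`, so a failure that is not a dropped connection would also tear down and rebuild the LDAP session once the wait window has passed. The filter is built from the recipient address, so such failures may be reachable from remote senders; if the aldap API exposes an error cause, check it here before choosing between `goto reconnect` and `goto error`. The added blank line before the closing brace can be dropped. ldap_query starts and continues outside this hunk.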
@@ -483,6 +490,26 @@ ldap_query(const char *filter, char **at
ret = found ? 1 : 0;
goto end;
+
+reconnect:
+
+ if (time(NULL) - open_last < open_wait)
+ goto error;
+
+ if (aldap) {
+ aldap_close(aldap);
+ log_warnx("warn: table-ldap: disconnected");
+ }
+
+ if (!ldap_open()) {
+ log_warnx("warn: table-ldap: failed to connect");
+ return (-1);
+ }
+
+ log_debug("debug: table-ldap: connected");
+
+ open_last = time(NULL);
+
error:
ret = -1;
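Review bot: After `aldap_close(aldap)` in the `reconnect:` block the global `aldap` still holds the closed handle, so if `ldap_open()` fails without resetting it (its body is not visible here), the next `aldap_search()` or the next pass through this block would use or close that handle again; add `aldap = NULL;` right after the close and make sure the search path tolerates a missing connection. `open_last` is only updated on success, so while the directory is unreachable every recipient check retries the connect with no back-off; moving `open_last = time(NULL);` to just before the `ldap_open()` call would rate-limit failed attempts too. The failure branch uses `return (-1);` where the rest of the function uses `goto error` / `goto end`, which probably skips whatever cleanup follows `end:` outside this hunk, so `goto error;` is the safer exit. A successful reconnect also falls through into `error:`, so the lookup that triggered it is still reported as a failure rather than retried; if that is intended it deserves a comment at the label.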
===================================================================
/etc/mail/ldap.conf
url ldap://1.2.3.6
username CN=LDAP\,
mx01,OU=Dienstekonten,OU=Users,OU=MyBusiness,DC=domain,DC=local
password password
basedn OU=Users,OU=MyBusiness,DC=domain,DC=local
mailaddr_filter
(&(objectClass=user)(proxyAddresses=smtp:%s))
mailaddr_attributes mail
/etc/mail/smpd.conf
# smtpd.conf as posted to the list ("slightly stripped" by the author).
# NOTE(review): several long rules appear to have been wrapped by the mail
# client; a line that starts with a URL, "hostname" or "pki" continues the
# rule on the line above it.
#############################################################################
# Key and certificate referenced by the "pki mx01.example.com" options below.
pki mx01.example.com key "/etc/ssl/private/mx01.example.com.key"
pki mx01.example.com certificate "/etc/ssl/mx01.example.com.crt"
#############################################################################
# Listeners: loopback, the public interface with TLS, and two tagged loopback
# ports (10025/10027) whose tags select the "AMAVIS ->" rules further down.
listen on lo0
listen on egress hostname mx01.example.com tls pki mx01.example.com
listen on lo0 hostname mx01.agri.local port 10025 tag EXT_AMAVIS_INT
listen on lo0 hostname mx01.agri.local port 10027 tag INT_AMAVIS_EXT
##############################################################################
# Lookup tables; ldap_user is the table backed by /etc/mail/ldap.conf and is
# what the recipient check in the "EXTERN -> AMAVIS" rule queries.
table aliases db:/etc/mail/aliases.db
table domain_map file:/etc/mail/spamd.alloweddomains
table auth_out file:/etc/mail/auth_out.txt
table ldap_user ldap:/etc/mail/ldap.conf
##############################################################################
### SPAM
accept for local recipient "spam@localhost" deliver to maildir
accept for local alias <aliases> deliver to mbox
##############################################################################
#
# <- AMAVIS
#
### AMAVIS -> INTERN
# -> SMIME
# (the recipient table name is redacted as <.....> in the post)
accept from local tagged EXT_AMAVIS_INT for any recipient <.....> relay via
smtp://1.2.3.5 hostname mx01.agri.local
# -> WEBMAIL ACCOUNTS
# NOTE(review): "[email protected]" looks like the list archive's address
# obfuscation, not the relay URL the author actually uses.
accept from local tagged EXT_AMAVIS_INT for any recipient <.....> relay via
tls+auth://[email protected] auth <auth_out> hostname mx01.agri.local
# -> EXCHANGE
accept from local tagged EXT_AMAVIS_INT for any relay via smtp://1.2.3.4
hostname mx01.agri.local
### AMAVIS -> EXTERN
accept from local tagged INT_AMAVIS_EXT for any relay hostname mx01.example.com
pki mx01.example.com
##############################################################################
#
# -> AMAVIS
#
### INTERN -> AMAVIS
accept from source 1.2.3.4 for any relay via smtp://127.0.0.1:10026 hostname
mx01.agri.local
### EXTERN -> AMAVIS
# Mail from outside is accepted only for domains in <domain_map> and only for
# recipients found in <ldap_user>; this is the rule that returns TempFail when
# the LDAP lookup fails.
accept from any for domain <domain_map> recipient <ldap_user> relay via
smtp://127.0.0.1:10024 hostname mx01.example.com
# Disabled variant of the rule above without the <ldap_user> recipient check;
# enabling it would accept any recipient in the listed domains.
#accept from any for domain <domain_map> relay via smtp://127.0.0.1:10024
hostname mx01.example.com
##############################################################################