LDAP routing

Unanswered Question
Apr 25th, 2007
User Badges:

Hi,
I've a little problem with ldap routing. I need to route some outgoing mails to alternate mailhosts. The hostnames are stored in ldap, but the problem is, that I need the sender address ({f}) as lookup key, which is not allowed in routing query.
Any ideas?

Thanks,
Axel

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
jaigill Wed, 04/25/2007 - 19:12
User Badges:
  • Cisco Employee,

It works for me. What version of the Aysnc OS are you running:

ironhost.com> ldapconfig

Current LDAP server configurations:
1. AD_LDAP: (djskd.ironport.com:389)


Choose the operation you want to perform:
- NEW - Create a new server configuration.
- EDIT - Modify a server configuration.
- DELETE - Remove a server configuration.
- SETUP - Configure LDAP options.
[]> edit

Enter the name or number of the server configuration you wish to edit.
[]> 1

Name: AD_LDAP
Hostname: djskd.ironport.com Port 389
Authentication Type: password
Base: dc=domain,dc=com
LDAPACCEPT: AD_LDAP.accept
LDAPGROUP: AD_LDAP.ldapgroup


Choose the operation you want to perform:
- SERVER - Change the server for the query.
- LDAPACCEPT - Configure whether a recipient address should be accepted or bounced/dropped.
- LDAPROUTING - Configure message routing.
- MASQUERADE - Configure domain masquerading.
- LDAPGROUP - Configure whether a sender or recipient is in a specified group.
- SMTPAUTH - Configure SMTP authentication.
[]> lda
ldapaccept, ldaprouting, ldapgroup
[]> ldaprouting

Please create a name for this query:
[AD_LDAP.routing]>

Enter the LDAP query string:
[(mailLocalAddress={a})]> (mail={f})

Please enter the cache TTL in seconds:
[900]>

Please enter the maximum number of cache entries to retain:
[10000]>

Do you want to rewrite the Envelope Recipient? [Y]> n

Do you want to send the messages to an alternate mail host? [Y]>

Enter the attribute which contains the alternate mailhost for the recipients.
[mailHost]>

asteiner_ironport Thu, 04/26/2007 - 10:18
User Badges:

Yes, I can add the query, but it doesn't work. When I want to test it, I get following error message

Error: LDAP Query Syntax Error: Invalid character '=' at position 5 of query
"(mail=)"


My query is
(mail={f})


AsyncOS Version is 5.1.0-314
jaigill Thu, 04/26/2007 - 17:21
User Badges:
  • Cisco Employee,

What happens when you inject an actual message?

asteiner_ironport Fri, 04/27/2007 - 10:04
User Badges:

It does not work. When I inject a message I get

Info: LDAP: unable to process, MID 8965 requeued

in mail_logs.

It works with {a} as lookup value, of course. But I need the sender
address :-(
jaigill Fri, 04/27/2007 - 22:03
User Badges:
  • Cisco Employee,

I verified that the {f} variable does not work with LDAP routing queries. It is possible that this was intentional/not implemented because LDAP routing re-writes the recipient address based upon the recipient address existing in LDAP. At this point, I would recommend contacting Ironport customer to get a formal response.

Poesjkin_ironport Sun, 04/29/2007 - 22:13
User Badges:

According to Advanced User Guide 5.1, page 113 {f} token is only valid in accept queries. Hope this helps.

Actions

This Discussion