Custom logic
Steve Meier
smeier at webster.edu
Fri Jan 8 15:56:52 CET 2016
The only input domain we will accept will be our own @webster.edu. So I
will be fine regardless of whether I need to use the entire email address or
just the username.
We have 11 possible incoming mail servers on our internally hosted email, so
I'd rather avoid trying to do a series of 11 (+2) section filters if the
SCRIPT backend is possible.
Anything that resolves to a non @webster.edu address is essentially a
forward to another domain which we would reject configuration.
Below covers all of the use cases. The "action" represents what I would
need automx to do. (I know for Outlook Autodiscover there is a
<ACTION>REDIRECT</ACTION> although I'm pretty sure that is not yet supported
in automx but I think I could trick it using a "STATIC" config and maybe a
custom XML template for redirect when it comes to that.
-SM
root at testVM:/root# python getMailConfig.py test2
LDAP search FOR uid=test2 IN ou=people,dc=webster,dc=edu..
Returned user object- uid=test2,ou=people,dc=webster,dc=edu
test2 at webster.edu resolves to test2 at auden.webster.edu
Email TYPE is- Webster U Internal Mail
Action- config
Incoming server- auden.webster.edu
Outgoing server- smtp.webster.edu
root at testVM:/root# python getMailConfig.py test3
LDAP search FOR uid=test3 IN ou=people,dc=webster,dc=edu..
Returned user object- uid=test3,ou=people,dc=webster,dc=edu
test3 at webster.edu resolves to test3 at bailey.webster.edu
Email TYPE is- Webster U Internal Mail
Action- config
Incoming server- bailey.webster.edu
Outgoing server- smtp.webster.edu
root at testVM:/root# python getMailConfig.py test4
LDAP search FOR uid=test4 IN ou=people,dc=webster,dc=edu..
Returned user object- uid=test4,ou=people,dc=webster,dc=edu
test4 at webster.edu resolves to test4 at websteru.onmicrosoft.com
Email TYPE is- WebsterU O365 Mail
Action- should redirect to autodiscover.outlook.com
root at testVM:/root# python getMailConfig.py test5
LDAP search FOR uid=test5 IN ou=people,dc=webster,dc=edu..
Returned user object- uid=test5,ou=people,dc=webster,dc=edu
test5 at webster.edu resolves to personal at gmail.com
Email TYPE is- Unknown/fallthrough (external forwarding address or other
issue)
Action- reject for test5 at webster.edu -> personal at gmail.com
-----Original Message-----
From: admin at extremeshok.com [mailto:admin at extremeshok.com]
Sent: Friday, January 8, 2016 7:18
To: Steve Meier <smeier at webster.edu>
Subject: Re: Custom logic
What if u have test at 123 and test at xyz and search for test?
Sent from my iPhone
> On 08 Jan 2016, at 4:35 AM, Steve Meier <smeier at webster.edu> wrote:
>
> I have created a python script that will perform the required logic
> and is capable of returning any necessary parameters, I just need to
> figure out how best to tie it into the automx program.
>
> I saw references that "SCRIPT" backend can be used, but I did not see
> how to config SCRIPT backend in the CONF (or an example).
>
> I also thought possibly using section filters but did not want to try
> that if the SCRIPT backend option is available.
>
>
> root at testVM:/root# python getMailConfig.py smeier LDAP search FOR
> uid=smeier IN ou=people,dc=webster,dc=edu..
> Returned user- uid=smeier,ou=people,dc=webster,dc=edu
> Mail Routing address- smeier at websteru.onmicrosoft.com Email TYPE is-
> WebsterU O365 Email Address
> Response- should redirect
>
> root at testVM:/root# python getMailConfig.py test3 LDAP search FOR
> uid=test3 IN ou=people,dc=webster,dc=edu..
> Returned user- uid=test3,ou=people,dc=webster,dc=edu
> Mail Routing address- test3 at bailey.webster.edu Email TYPE is- Webster
> U Internal Mail Address
> Response- config
> Incoming server- bailey.webster.edu
> Outgoing server- smtp.webster.edu
>
> root at testVM:/root# python getMailConfig.py test2 LDAP search FOR
> uid=test2 IN ou=people,dc=webster,dc=edu..
> Returned user- uid=test2,ou=people,dc=webster,dc=edu
> Mail Routing address- someone at gmail.com Email TYPE is-
> Unknown/fallthrough (external forwarding address or other
> issue)
> Response- reject
>
>
> -----Original Message-----
> From: automx-users [mailto:automx-users-bounces at sys4.de] On Behalf Of
> Steve Meier
> Sent: Wednesday, January 6, 2016 16:22
> To: Marc Patermann <hans.moser at ofd-z.niedersachsen.de>;
> automx-users at sys4.de
> Subject: RE: Custom logic
>
> It seems like I could accomplish this by use of section filters. I
> would write a script that can return the correct section that matches
> the required profile.
>
> I also read somewhere that you can specify "backend=script" but I'm
> not seeing that plainly documented.
>
> -SM
>
>
> """
> section_filter (default: domainpart, optional)
>
> Specifies a list of one or more filters whose result outputs a section
> name. The filters will be used in order specified. The first match ends
> execution of subsequent filters.
>
> These filters will be used instead of the hard coded, internal
> domainpart
> filter, which strictly uses the domainpart taken from the email
> address the
> client submitted in its configuration request:
>
> section_filters = server_1, server_2
> server_1 = /usr/sbin/postmap -q "%u"
> hash:/etc/postfix/virtual_alias_domains | \
> sed -e 's/^.*@\(\.*\)/\1/g' | grep internal.example.com
> server_2 = /usr/sbin/postmap -q "%u"
> hash:/etc/postfix/virtual_alias_domains | \
> sed -e 's/^.*@\(\.*\)/\1/g' | grep dmz.example.com """
>
> """
> automx_script.5.rst: Specifies the absolute path to the script
which
> should be run by the backend automx_script(5) backend::
> automx_script.5.rst: script = /usr/local/bin/example_com.sh
> "%s"
> """
>
> -----Original Message-----
> From: automx-users [mailto:automx-users-bounces at sys4.de] On Behalf Of
> Marc Patermann
> Sent: Wednesday, January 6, 2016 2:10
> To: automx-users at sys4.de
> Subject: Re: Custom logic
>
> Steve,
>
>> Am 19.12.2015 um 02:51 Uhr schrieb Steve Meier:
>> The general logic needed is-
>>
>>
>> 1) User has provided a "*username at domain.edu*" address
>>
>> 2) Query our LDAP server by the *uid=username* and retrieve the
>> *mailRoutingAddress *attribute.
>>
>> 3) *mailRoutingAddress *will follow one of *three rules*-
>>
>> a) the "username@*servername*.domain.edu"
>>
>> b) an external "forwarding address" that has been assigned by the
>> user (for example a gmail, a yahoo, etc)
>>
>> c) "username@*tenant.onmicrosoft.com*" (in other words, an
>> institution-specific Office 365 instance)
> so this is coming out of your directory directly, right?
>
>> 4) Based on the rules above, we need to send the correct response,
>> respectively
>>
>> a) respond with settings for IMAP+SMTP email service (based off
>> *username, servername*)
>>
>> b) don't send a response (or possibly fall back to settings using a
>> different LDAP attribute)
>>
>> c respond with a *redirect to Microsoft O365
>> autodiscover.outlook.com*
> If I understood correctly, you do not have the values for LDAP- and
> SMTP-server in your directory, so you cannot just sends this
> information to automx, right?
> This is the problem?
>
>> I have read through the documentation and it appears it may be
>> possible to do this using automx, but I am not sure yet. The
>> documentation referenced this listserv, so I thought I would ask.
> If the answer form LDAP is
> if $addresse ~= *tenant.onmicrosoft.com
> then smptserver = microsoftserver
> then imapserver = microsoftserver
>
>> Can anyone provide some insight into whether or not above would be
>> possible, and if so, the general approach to go about it? I can see
>> it may require a combination of things (filters, custom scripts,
>> LDAP,
> etc).
> The easiest way would be to store the information directly in your
> LDAP and send it back to automx.
>
>
> Marc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4827 bytes
Desc: not available
URL: <https://mail.sys4.de/pipermail/automx-users/attachments/20160108/26306b84/attachment.p7s>
More information about the automx-users
mailing list