More on using Exim with Zarafa

Sat 29 September 2012
By tdk

In my last post I talked about how to get Exim to replace Postfix in a Zarafa setup. In my example a node would deliver mail for another node via LMTP directly to the zarafa-dagent on the target node and therefore had to queue it until the other side was willing and able to receive it. Of course that was not a problem in my test setup with its occasional test mail. But in a recent conversation Michael Kromer reminded me to think about what happens with a lot of mail.

So here is a new version where every node maintains its own queue for incoming as well as for outgoing mail. The changes are really quite small. Start with the examples from the last post and apply the following changes. My example here covers the AD version, but the modifications for LDAP were covered in the last article and are quite simple.

First of all we have a new macro NODENAME in our exim4.conf, which contains the hostname without the domain part, since that is what we find in the ZarafaUserServer attribute in our AD. If you use an LDAP server and put an FQDN in this attribute, then that's your NODENAME.

root@zcpadms01:/etc/exim4# ldapsearch -LLL -h zcpadms01 -b dc=samdom,dc=skynet,dc=private -D cn=Administrator,cn=Users,dc=samdom,dc=skynet,dc=private -w geheim "mail=mburns@springfield.com" mail ZarafaUserServer
dn: CN=Monty Burns,OU=Leitung,OU=Powerplant,DC=samdom,DC=skynet,DC=private
mail: mburns@springfield.com
zarafaUserServer: zcpadms02

So we put this in our exim4.conf:

NODENAME = zcpadms02

You can keep the routers for aliases (zarafa_aliases) and groups (zarafa_groups) just as they are, but you need to replace the router for users. There are now two of them. The first checks whether the mail address in question belongs to a mailbox that resides on this node and, if so, delivers it via LMTP to the zarafa-dagent listening on 127.0.0.1. If not, the next router looks up the node on which the mailbox for that address is located and sends the mail via SMTP to the MTA on that node.

# Mailbox lives on this node: hand over to the local zarafa-dagent via LMTP
zarafa_users_this_node:
  debug_print = "R: zarafa_users_this_node LDAP lookup for $local_part@$domain"
  driver = manualroute
  domains = +local_domains
  condition = ${lookup ldap {LDAPCRED ldap:///LDAPSEARCHBASE?mail?sub?(&(objectClass=person)(zarafaAccount=1)(&(mail=${quote_ldap:$local_part@$domain})(ZarafaUserServer=NODENAME)))}}
  route_list = * localhost byname
  self = send
  transport = zarafa_lmtp

# Mailbox lives on another node: look up that node and relay via SMTP
zarafa_users_remote_node:
  debug_print = "R: zarafa_users_remote_node LDAP lookup for $local_part@$domain"
  driver = manualroute
  domains = +local_domains
  condition = ${lookup ldap {LDAPCRED ldap:///LDAPSEARCHBASE?mail?sub?(&(objectClass=person)(zarafaAccount=1)(&(mail=${quote_ldap:$local_part@$domain})(!(ZarafaUserServer=NODENAME))))}}
  route_list = * "${lookup ldap {LDAPCRED ldap:///LDAPSEARCHBASE?ZarafaUserServer?sub?(&(objectClass=person)(zarafaAccount=1)(mail=${quote_ldap:$local_part@$domain}))}}" byname
  self = send
  transport = remote_smtp

You can change your delivery-agent to listen on 127.0.0.1, since it will now only receive mail from its local MTA.

And here the result:

root@zcpadms01:/etc/exim4# exim -bt mburns@springfield.com
R: zarafa_aliases LDAP lookup for mburns@springfield.com
R: zarafa_groups LDAP lookup for mburns@springfield.com
R: zarafa_users_this_node LDAP lookup for mburns@springfield.com
R: zarafa_users_remote_node LDAP lookup for mburns@springfield.com
mburns@springfield.com
  router = zarafa_users_remote_node, transport = remote_smtp
  host zcpadms02.skynet.private [192.168.56.29]

root@zcpadms01:/etc/exim4# exim -bt bart.simpson@springfield.com
R: zarafa_aliases LDAP lookup for bart.simpson@springfield.com
R: zarafa_groups LDAP lookup for bart.simpson@springfield.com
R: zarafa_users_this_node LDAP lookup for bart.simpson@springfield.com
bart.simpson@springfield.com
  router = zarafa_users_this_node, transport = zarafa_lmtp
  host localhost [127.0.0.1]
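
The decision the two user routers make, modelled in Python as an added example (not code from the original post): the address is escaped the way an LDAP filter value must be, which is the filter-level half of what `quote_ldap` does (Exim also URL-quotes the result, omitted here), and then matched against a constructed directory. The function names and the directory contents are assumptions; Bart's home node is inferred from the `exim -bt` output above.

```python
import re

# Constructed sample directory standing in for the AD (mail -> zarafaUserServer).
# Bart's node is inferred from the exim -bt output on the page.
DIRECTORY = {
    "mburns@springfield.com": "zcpadms02",
    "bart.simpson@springfield.com": "zcpadms01",
}

def escape_filter_value(value):
    """RFC 4515 escaping of an assertion value: backslash, *, (, ) and NUL become \\XX."""
    return re.sub(r"[\\*()\x00]", lambda m: "\\%02x" % ord(m.group()), value)

def matching_mailboxes(assertion):
    """Evaluate (mail=<assertion>): an unescaped '*' is a wildcard, \\XX is a literal."""
    parts = []
    for chunk in assertion.split("*"):  # an escaped star is "\2a", so only wildcards split
        literal = re.sub(r"\\([0-9a-fA-F]{2})",
                         lambda m: chr(int(m.group(1), 16)), chunk)
        parts.append(re.escape(literal))
    pattern = re.compile(".*".join(parts), re.IGNORECASE | re.DOTALL)
    return sorted(mail for mail in DIRECTORY if pattern.fullmatch(mail))

def route(address, nodename):
    """Model the two user routers in order; return (router, transport, host) or None."""
    servers = [DIRECTORY[m] for m in matching_mailboxes(escape_filter_value(address))]
    # zarafa_users_this_node: (&(mail=...)(ZarafaUserServer=NODENAME))
    if nodename in servers:
        return ("zarafa_users_this_node", "zarafa_lmtp", "localhost")
    # zarafa_users_remote_node: (&(mail=...)(!(ZarafaUserServer=NODENAME)))
    if servers:
        return ("zarafa_users_remote_node", "remote_smtp", servers[0])
    return None  # neither router accepts the address

if __name__ == "__main__":
    for addr in ("mburns@springfield.com", "bart.simpson@springfield.com",
                 "*@springfield.com"):
        print(addr, "on zcpadms01 ->", route(addr, "zcpadms01"))
    # The same metacharacter with and without escaping, at filter level:
    print(matching_mailboxes(escape_filter_value("*@springfield.com")))
    print(matching_mailboxes("*@springfield.com"))
```

With the escaping in place, a local part containing filter metacharacters is compared literally, so it matches no mailbox and neither router accepts it.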

As always: If you find any errors, or have some better ideas I'll be happy to hear about them.
