SMTPFILTER & scalixResource Email Bug !?!?!

[mattgalloway]

I have configured Scalix 11.1.0.50 on FC5 and installed Spamassassin according to docs. Spam filter is working fine. I have created a scalixResource for scheduling (you know, like a conference room) that I want to email appointments to. The resource could receive email from Scalix or from an external internet address before I set SMTPFILTER=TRUE in smtp.cnf for the Spamassassin setup. Once I set SMTPFILTER=TRUE, any email sent to the scalixResource's address was bounce as "Unknown User".

I think this is because mail is handed to sendmail when SMTPFILTER is set to TRUE so milters like spammassassin can be run. Once the milter is complete, sendmail queries LDAP to make sure the user exists before sending it back to Scalix. I think (from logs) that when sendmail checks for users that it is only looking for scalixPerson and ScalixDistributionList objectClasses and NOT scalixResource. As a result, anything sent to a resource gets bounced if SMTPFILTER is TRUE.

Here is the bit from the log that I'm basing this on (fc@gallowayfore.com is a scalixResource)...

Code: Select all

REPORT                         LDAP Daemon   (LDAP Engine   ) 08.29.07 00:50:27
[OM 16093] Performing DB get with following attributes:
KeyName:  168
KeyValue: FC@GALLOWAYFORE.COM
Filter:    ( (1004=* & !1003=mail.gallowayfore.com ) | ( ( ( ( ( (1100=scalixPerson ) ) | ( (1=* ) & (422= ) & (620= ) ) ) & (433=* ) ) | ( ( (1100=scalixDistributionList ) ) | ( (1=* ) & (422=* ) ) ) | ( (1=+bb ) | (51=+bb ) ) ) & (168=fc@gallowayfore.com ) ) )

Anyone agree or disagree? How can I configure sendmail's LDAP query to include the scalixResource objectClass? If this is hard coded then I think it is a bug!

Thanks,

-Matt

[mattgalloway]

Ahha! The LDAP query can be set by using a command line parameter passed to ldapmapper upon execution. This can be done by setting the LDAPMAPPER_OPTIONS variable in the /etc/sysconfig/ldampmapper file. The command line parameter is --filter-format=

The default is (&(|(&(objectclass=scalixPerson)(omulcaps=*))(objectclass=scalixDistribution-List)(sn=+bb))(mail=%s))

It will take me a bit of playing but I think I can fix this... stay tuned.

[mattgalloway]

So here's how to do it (I think)...

Put the following in the /etc/sysconfig/ldapmapper file

Code: Select all

LDAPMAPPER_OPTIONS="--filter-format=\"(&(|(&(objectclass=scalixPerson)(omulcaps=*))(objectclass=scalixDistributionList)(objectclass=scalixResource)(sn=+bb))(mail=%s))\""

The filter-format attribute is documented in the man page for ldapmapper. Here's an excerpt:

Code: Select all

       -F, --filter-format=FORMAT
              The  format  for  the search filter used when querying the instance’s LDAP server.  The default checks for entries that not only have the same mail address but
              are either a scalix user, a distribution list or a public folder.  The default is (&(|(&(objectclass=scalixPerson)(omulcaps=*))(objectclass=scalixDistribution-
              List)(sn=+bb))(mail=%s)) where %s is the mail address supplied by the client, possibly with the domain name changed to the primary domain.  You should not need
              to set this option.

As I read this, this means that scalixResources are always classified by ldapmapper as "unknown user" unless you add them in as I did above.

Can anyone from Scalix confirm that I've done this right?

Thanks,

Matt