On Thu, Feb 06, 2020 at 08:44:36AM +0100, Luca Fornasari wrote:

> I am using reject_sender_login_mismatch and I need to find out the
> owner of an email address using smtpd_sender_login_maps.
> The email address is present on a first AD server while user/owner is
> on a second AD server ... what links the two is the SID (Exchange
> linked mailbox).

You'll need a less exotic schema to make this go. Provision a third
LDAP server on which the join is directly available in a single object
containing both the address and account name.

> The idea is to use a pipemap of LDAP queries; the first LDAP query
> using the email address as a key to retrieve the
> msExchMasterAccountSid on the first AD and pipe it as input key as
> objectSid to a second LDAP query to retrieve the SamAccountName.
>
> Since msExchMasterAccountSid is an OctetStream, I am wondering if this
> will work ... does anyone already have experience on this?

In Postfix, table lookup keys and result data are NUL-terminated C
strings. So binary keys and values are not possible.

    const char *dict_lookup(dict_name, member)
    const char *dict_name;
    const char *member;

Internally, the Postfix LDAP table assumes that all attributes returned
in an LDAP query are NUL-terminated C-strings. OpenLDAP appends a final
NUL even to binary data, but we don't check for absence of internal
NULs.

Also, the Postfix LDAP table folds keys to lower-case by default, and
IIRC you don't generally get to disable that when defining tables.

Bottom-line. Sorry, no non-textual keys or values.

-- 
    Viktor.
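
Added example, not part of the original message and not Postfix code: a small C model of the two effects described in the reply, applied to a binary SID. The SID bytes are a constructed sample (S-1-5-21-1000-2000-3000-1105), and both function names are hypothetical.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: binary form of the made-up SID
 * S-1-5-21-1000-2000-3000-1105. Layout: revision, sub-authority count,
 * 6-byte big-endian authority, then little-endian 32-bit sub-authorities. */
static const unsigned char sample_sid[] = {
    0x01, 0x05, 0x00, 0x00, 0x00, 0x00, 0x00, 0x05,
    0x15, 0x00, 0x00, 0x00,   /* 21   */
    0xE8, 0x03, 0x00, 0x00,   /* 1000 */
    0xD0, 0x07, 0x00, 0x00,   /* 2000 */
    0xB8, 0x0B, 0x00, 0x00,   /* 3000 */
    0x51, 0x04, 0x00, 0x00    /* 1105 */
};

/* Number of bytes a consumer sees when the value is passed on as a
 * NUL-terminated C string: everything from the first internal NUL on
 * is lost. (Hypothetical helper modelling the string-only interface.) */
size_t bytes_seen_as_cstring(const unsigned char *val, size_t len)
{
    const unsigned char *nul = memchr(val, '\0', len);
    return nul ? (size_t)(nul - val) : len;
}

/* Number of bytes altered if the value is folded to lower case as a
 * lookup key (C locale). (Hypothetical helper modelling key folding.) */
size_t bytes_changed_by_folding(const unsigned char *val, size_t len)
{
    size_t i, changed = 0;
    for (i = 0; i < len; i++)
        if (tolower(val[i]) != val[i])
            changed++;
    return changed;
}

int main(void)
{
    size_t len = sizeof(sample_sid);
    printf("SID length: %zu bytes\n", len);
    printf("visible as C string: %zu bytes\n",
           bytes_seen_as_cstring(sample_sid, len));
    printf("bytes altered by lower-case folding: %zu\n",
           bytes_changed_by_folding(sample_sid, len));
    return 0;
}
```

Every SID in this layout has zero bytes in its identifier authority field, so the value is cut short within its first few bytes, long before the sub-authorities that distinguish one account from another.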