<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2900.3199" name=GENERATOR></HEAD>
<BODY>
<DIV dir=ltr align=left><SPAN class=341012016-12102007><FONT face=Arial
color=#0000ff size=2>For smf-sav to work with Exchange 2003, you have to
enable a recipient policy to reject unknown recipients:</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=341012016-12102007><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=341012016-12102007><FONT face=Arial
color=#0000ff size=2>There's a simple howto here:</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=341012016-12102007><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=341012016-12102007><FONT face=Arial
color=#0000ff size=2> <A
href="http://www.amset.info/exchange/filter-unknown.asp">http://www.amset.info/exchange/filter-unknown.asp</A></FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=341012016-12102007><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=341012016-12102007><FONT face=Arial
color=#0000ff size=2>Cheers,</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=341012016-12102007><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=341012016-12102007><FONT face=Arial
color=#0000ff size=2>Phil</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=341012016-12102007></SPAN><FONT
size=2>--<BR>Phil Randal<BR>Network Engineer<BR>Herefordshire
Council<BR>Hereford, UK </FONT></DIV>
<DIV> </DIV><BR>
<BLOCKQUOTE dir=ltr
style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #0000ff 2px solid; MARGIN-RIGHT: 0px">
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B>
mailscanner-bounces@lists.mailscanner.info
[mailto:mailscanner-bounces@lists.mailscanner.info] <B>On Behalf Of </B>Kevin
Miller<BR><B>Sent:</B> 12 October 2007 16:54<BR><B>To:</B> MailScanner
discussion<BR><B>Subject:</B> RE: sendmail ldap exchange<BR></FONT><BR></DIV>
<DIV></DIV>
<DIV dir=ltr align=left><SPAN class=677022315-12102007><FONT
face="Comic Sans MS" color=#000080 size=2>I sorta hesitate to send the whole
thing for privacy's sake, but most is pretty straight forward. The parts
that gave me pause I'll outline below - if you have questions beyond that
holler and I'll try to fill in the blanks.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=677022315-12102007><FONT
face="Comic Sans MS" color=#000080 size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=677022315-12102007><FONT
face="Comic Sans MS" color=#000080 size=2>Whitelist your internal networks so
any host on the inside can use your mail server. </FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=677022315-12102007><FONT
face="Comic Sans MS" color=#000080 size=2>For example:</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=677022315-12102007><FONT
face="Comic Sans MS" color=#000080 size=2>
WhitelistIP 192.168.0.0/16<BR></FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=677022315-12102007><FONT
face="Comic Sans MS" color=#000080 size=2> </DIV></FONT></SPAN><SPAN
class=677022315-12102007>
<DIV><FONT face="Comic Sans MS" color=#000080 size=2><SPAN
class=677022315-12102007></SPAN></FONT></DIV>
<DIV><SPAN class=677022315-12102007><FONT face="Comic Sans MS" color=#000080
size=2>The host I grabbed the config from is called mx2.ci.juneau.ak.us - so
that's what goes in "PublicName". You'll want to enter the name of your
mail gateway as I would see it - i.e., what is used for the MX record in
DNS.</FONT></SPAN></DIV>
<DIV><FONT face="Comic Sans MS" color=#000080 size=2></FONT> </DIV>
<DIV><FONT face="Comic Sans MS" color=#000080 size=2>
</FONT></SPAN><FONT face="Comic Sans MS" color=#000080 size=2># FQDN of the
publicly visible IP address of the interface<BR><SPAN
class=677022315-12102007> </SPAN># of an outgoing connection of your
Sendmail daemon<BR><SPAN class=677022315-12102007> </SPAN># It will be
used with the SMTP HELO command for SAV and RAV<BR><SPAN
class=677022315-12102007> </SPAN>#<BR><SPAN
class=677022315-12102007> </SPAN>#PublicName
yourhost.yourdomain.tld # it
*MUST* be corrected properly<BR><SPAN class=677022315-12102007>
</SPAN>PublicName
mx2.ci.juneau.ak.us</FONT></DIV>
<DIV><FONT face="Comic Sans MS" color=#000080 size=2></FONT> </DIV>
<DIV><FONT face="Comic Sans MS" color=#000080 size=2><SPAN
class=677022315-12102007>Mail to this address is whitelisted I think, so
complaints/errors can come in:</SPAN></FONT></DIV>
<DIV><FONT face="Comic Sans MS" color=#000080 size=2><SPAN
class=677022315-12102007> # Any valid e-Mail address of your local
domain for the safe call-out purposes<BR> #SafeCallBack <A
href="mailto:postmaster@yourdomain.tld">postmaster@yourdomain.tld</A>
# it *MUST* be corrected properly<BR> SafeCallBack <A
href="mailto:postmaster@ci.juneau.ak.us">postmaster@ci.juneau.ak.us</A><BR></SPAN></FONT></DIV>
<DIV><FONT face="Comic Sans MS" color=#000080 size=2></FONT> </DIV>
<DIV><FONT face="Comic Sans MS" color=#000080 size=2><SPAN
class=677022315-12102007>This is the one that wasn't really clear to me.
Basically it's asking for the name or address of the host that knows who
all your users are. In this case it's my Exchange server. I used a
phoney name here (but the real name in my actual config). This is the
machine the LDAP looks are directed to.</SPAN></FONT></DIV>
<DIV><FONT face="Comic Sans MS"><FONT color=#000080><FONT size=2><SPAN
class=677022315-12102007>
</SPAN>#MailStore
yourhost.yourdomain.tld #
uncomment and set it properly<BR><SPAN class=677022315-12102007>
</SPAN>MailStore <SPAN
class=677022315-12102007>cbjmail</SPAN>.ci.juneau.ak.us<BR></FONT></FONT></FONT></DIV>
<DIV><FONT size=+0><FONT size=+0><FONT face="Comic Sans MS" color=#000080
size=2><SPAN class=677022315-12102007>Pretty much everything else was just
left as the default. Of course, I've added remote hosts to the whitelist
section as the situation warranted. You can see who's being denied in
/var/log/mail (or where ever you mail logs
go).</SPAN></FONT></FONT></FONT></DIV>
<DIV><FONT face="Comic Sans MS"><FONT color=#000080><FONT
size=2></FONT></FONT></FONT> </DIV>
<DIV><FONT size=+0><FONT size=+0><FONT face="Comic Sans MS" color=#000080
size=2><SPAN class=677022315-12102007>Re: the milter. You have to add
the following to the end of your sendmail.mc then rebuild your sendmail.cf
file:</SPAN></FONT></FONT></FONT></DIV>
<DIV><FONT size=+0><FONT size=+0><FONT face="Comic Sans MS" color=#000080
size=2><SPAN class=677022315-12102007></SPAN></FONT></FONT></FONT> </DIV>
<DIV><FONT size=+0><FONT size=+0><FONT face="Comic Sans MS" color=#000080
size=2><SPAN class=677022315-12102007>define(`confMILTER_MACROS_HELO',
confMILTER_MACROS_HELO`, {verify}')dnl<BR>INPUT_MAIL_FILTER(`smf-sav',
`S=unix:/var/run/smfs/smf-sav.sock,
T=S:30s;R:4m')dnl<BR></DIV></SPAN></FONT></FONT></FONT>
<DIV><FONT size=+0><FONT size=+0><SPAN class=677022315-12102007><FONT
face="Comic Sans MS" color=#000080 size=2>Sendmail shouldn't be running, of
course, while all this is happening. I presume that you were able to
successfully compile smf-sav and it's installed. Now you just need to
start smf-sav before you start MailScanner (since MailScanner starts
sendmail). You do that via the normal Linux startup scripts. If
you're new to Linux, you'll find them </FONT></SPAN></FONT></FONT><FONT
size=+0><FONT size=+0><SPAN class=677022315-12102007><FONT
face="Comic Sans MS" color=#000080 size=2>in /etc/init.d/. In that
directory are many different scripts to start the system related stuff you
have installed. Common examples are you networking stuff, database
programs, web servers, etc. There are four scripts that come with
smf-sav, if memory serves: one each for slackware, redhat, freebsd and
solaris. If you're using Redhat or one of it's clones like Fedora, copy
the smfsav.redhat over to the /etc/init.d directory and then create the links
to it in the appropriate run level directories. That varies slightly
from linux flavor to flavor. </FONT></SPAN></FONT></FONT></DIV>
<DIV><FONT size=+0><FONT size=+0><SPAN class=677022315-12102007><FONT
face="Comic Sans MS" color=#000080
size=2></FONT></SPAN></FONT></FONT> </DIV>
<DIV><FONT size=+0><FONT size=+0><SPAN class=677022315-12102007><FONT
face="Comic Sans MS" color=#000080 size=2>If you're not familiar with that,
grab a manual appropriate to your distribution and read about how that
works. It's really pretty straight forward, simple to explain, but
potentially a lot of typing to do so. <g> It's a pretty
fundemental skill for managing a Linux box, so if you don't already understand
it, you really need to get an understanding of it before you get in much
deeper.</FONT></SPAN></FONT></FONT></DIV>
<DIV><FONT size=+0><FONT size=+0><SPAN class=677022315-12102007><FONT
face="Comic Sans MS" color=#000080
size=2></FONT></SPAN></FONT></FONT> </DIV>
<DIV><FONT size=+0><FONT size=+0><SPAN class=677022315-12102007><FONT
face="Comic Sans MS" color=#000080 size=2>Hope this
helps...</FONT></SPAN></FONT></FONT></DIV>
<DIV><FONT size=+0><FONT face="Comic Sans MS" color=#000080 size=2><SPAN
class=677022315-12102007></SPAN></FONT></FONT> </DIV>
<DIV><FONT size=+0><FONT size=+0><SPAN
class=677022315-12102007></SPAN></FONT></FONT><FONT
size=2>...Kevin<BR>--<BR>Kevin
Miller
Registered Linux User No: 307357<BR>CBJ MIS
Dept.
Network Systems Admin., Mail Admin.<BR>155 South Seward
Street ph: (907) 586-0242<BR>Juneau, Alaska
99801 fax: (907
586-4500<BR> </FONT> </DIV>
<DIV><FONT face="Comic Sans MS" color=#000080 size=2></FONT> </DIV><BR>
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B>
mailscanner-bounces@lists.mailscanner.info
[mailto:mailscanner-bounces@lists.mailscanner.info] <B>On Behalf Of </B>Steven
Andrews<BR><B>Sent:</B> Friday, October 12, 2007 4:59 AM<BR><B>To:</B>
MailScanner discussion<BR><B>Subject:</B> RE: sendmail ldap
exchange<BR></FONT><BR></DIV>
<DIV></DIV>
<DIV dir=ltr align=left><SPAN class=880215512-12102007><FONT face=Arial
color=#0000ff size=2>any chance you can share your config? i've got it
installed, but i really don't understand what smf-sav.conf is wanting me to
config.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=880215512-12102007><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=880215512-12102007><FONT face=Arial
color=#0000ff size=2>also the readme says to add this milter to startup
scripts before sendmail....also not quite sure what that's asking. it
references some start up script examples...can't seem to find
them.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=880215512-12102007><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=880215512-12102007><FONT face=Arial
color=#0000ff size=2>thanks.</FONT></SPAN></DIV>
<DIV dir=ltr align=left><SPAN class=880215512-12102007><FONT face=Arial
color=#0000ff size=2></FONT></SPAN> </DIV>
<DIV dir=ltr align=left><SPAN class=880215512-12102007><FONT face=Arial
color=#0000ff size=2>steve</FONT></SPAN></DIV><BR>
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B>
mailscanner-bounces@lists.mailscanner.info
[mailto:mailscanner-bounces@lists.mailscanner.info] <B>On Behalf Of </B>Kevin
Miller<BR><B>Sent:</B> Thursday, October 11, 2007 3:20 PM<BR><B>To:</B>
MailScanner discussion<BR><B>Subject:</B> RE: sendmail ldap
exchange<BR></FONT><BR></DIV>
<DIV></DIV>
<DIV dir=ltr align=left><SPAN class=793195518-11102007><FONT
face="Comic Sans MS" color=#000080 size=2>Take a look at the smf-sav
milter - a number of folks here are using it, including myself, and it
works just jiffy. Quite easy to set up. I'm not sure about the
multiple domains part. I accept for multiple domains, but my Exchange
server knows about all of them, so it isn't a problem. If you have
multiple Exchange servers that don't do address synchronization it may or may
not work. But it's easy, free and works well for us
here...</FONT></SPAN></DIV>
<DIV> </DIV><!-- Converted from text/plain format -->
<P><FONT size=2>...Kevin<BR>--<BR>Kevin
Miller
Registered Linux User No: 307357<BR>CBJ MIS
Dept.
Network Systems Admin., Mail Admin.<BR>155 South Seward
Street ph: (907) 586-0242<BR>Juneau, Alaska
99801 fax: (907
586-4500<BR> </FONT> </P>
<DIV> </DIV><BR>
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left>
<HR tabIndex=-1>
<FONT face=Tahoma size=2><B>From:</B>
mailscanner-bounces@lists.mailscanner.info
[mailto:mailscanner-bounces@lists.mailscanner.info] <B>On Behalf Of </B>Steven
Andrews<BR><B>Sent:</B> Thursday, October 11, 2007 10:52 AM<BR><B>To:</B>
MailScanner discussion<BR><B>Subject:</B> sendmail ldap
exchange<BR></FONT><BR></DIV>
<DIV></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2>Can anyone comment
on if this works?</FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2><A
href="http://www.mailarchive.ca/lists/comp.mail.sendmail//2005-06/0022.html">http://www.mailarchive.ca/lists/comp.mail.sendmail//2005-06/0022.html</A></FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2>I'm currently
running as suggested in the wiki:</FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2><A
href="http://wiki.mailscanner.info/doku.php?id=documentation:configuration:mta:sendmail:how_to:setup_a_gateway">http://wiki.mailscanner.info/doku.php?id=documentation:configuration:mta:sendmail:how_to:setup_a_gateway</A></FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2>I tried the above
and everything got bounced back 550.</FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2>Also wondering if
you have multiple domains, I assume you need multiple:</FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2>LDAPROUTE_DOMAIN(`yourdomain.com') </FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2>One for each
domain, but do you need multiple define('confLDAP_DEFAULT_SPC....
lines?</FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2>OS is CentOS 4.3,
sendmail is 8.13.1 The author makes reference to compiling sendmail to
work with ldap. sendmail -bt -d0.1 responds:</FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2>Using username
"root".<BR>Last login: Thu Oct 11 11:47:16 2007 from
mail.xxxxxxx.com<BR>[root@spamfiilter ~]# sendmail -bt -d0.1<BR>Version
8.13.1<BR> Compiled with: DNSMAP HESIOD HES_GETMAILHOST LDAPMAP LOG
MAP_REGEX<BR>
MATCHGECOS MILTER MIME7TO8 MIME8TO7 NAMED_BIND NETINET
NETINET6<BR>
NETUNIX NEWDB NIS PIPELINING SASLv2 SCANF SOCKETMAP
STARTTLS<BR>
TCPWRAPPERS USERDB USE_LDAP_INIT</FONT></SPAN></DIV>
<DIV> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2>============
SYSTEM IDENTITY (after readcf) ============<BR>
(short domain name) $w = spamfilter<BR> (canonical domain name) $j =
spamfilter.xxxxxxx.com<BR>
(subdomain name) $m =
xxxxxxx.com<BR>
(node name) $k =
spamfiilter<BR>========================================================</FONT></SPAN></DIV>
<DIV> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial size=2>ADDRESS TEST MODE
(ruleset 3 NOT automatically invoked)<BR>Enter <ruleset>
<address><BR>><BR></FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2></FONT></SPAN><SPAN class=866003918-11102007><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2>Thanks!</FONT></SPAN></DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2></FONT></SPAN> </DIV>
<DIV><SPAN class=866003918-11102007><FONT face=Arial
size=2>Steve</FONT></SPAN></DIV></BLOCKQUOTE></BODY></HTML>