Mailing List Archive

callout to Exchange2013
Hi Guys,

I have an issue with my "verify recipient" acl, where I use a callout to verify if a user exists or not.
The callout is checking against a Exchange 2013 server farm.

I found the article below, where Heiko and some other guys are discussing this issue.

ttps://www.mail-archive.com/exim-users@exim.org/msg46265.html

Is there any known solution for this problem?

Cheers,
Martin


Diese E-Mail kann vertrauliche Informationen enthalten und irrt?mlich an Sie gelangt sein. In diesem Fall informieren Sie bitte sofort die Absenderin bzw. den Absender und vernichten Sie diese E-Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail oder von Teilen dieser Mail sind nicht gestattet.

Informationen gem?? DSGVO zur Verarbeitung personenbezogener Daten durch die OeNB finden Sie unter www.oenb.at/datenschutz<https://www.oenb.at/datenschutz>.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: callout to Exchange2013 [ In reply to ]
On 06/21/2018 02:23 PM, Fraenzl, Martin via Exim-users wrote:
> I have an issue with my "verify recipient" acl, where I use a callout to verify if a user exists or not.
> The callout is checking against a Exchange 2013 server farm.
>
> I found the article below, where Heiko and some other guys are discussing this issue.
>
> ttps://www.mail-archive.com/exim-users@exim.org/msg46265.html
>
> Is there any known solution for this problem?

Get rid of Exchange?
--
Jeremy

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: callout to Exchange2013 [ In reply to ]
On Thu, 21 Jun 2018 14:45:29 +0100 Jeremy Harris via Exim-users wrote:
> On 06/21/2018 02:23 PM, Fraenzl, Martin via Exim-users wrote:
> > I have an issue with my "verify recipient" acl, where I use a callout to verify if a user exists or not.
> > The callout is checking against a Exchange 2013 server farm.
> >
> > I found the article below, where Heiko and some other guys are discussing this issue.
> >
> > ttps://www.mail-archive.com/exim-users@exim.org/msg46265.html
> >
> > Is there any known solution for this problem?
>
> Get rid of Exchange?

Brilliant answer!


SCNR, Frank

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: callout to Exchange2013 [ In reply to ]
Fraenzl, Martin via Exim-users <exim-users@exim.org> (Do 21 Jun 2018 15:23:26 CEST):
> Hi Guys,
>
> I have an issue with my "verify recipient" acl, where I use a callout to verify if a user exists or not.
> The callout is checking against a Exchange 2013 server farm.
>
> I found the article below, where Heiko and some other guys are discussing this issue.
>
> ttps://www.mail-archive.com/exim-users@exim.org/msg46265.html
>
> Is there any known solution for this problem?

The exchange server administator should be able to provide you another
port (mostly they use 2525/tcp) for checking the recipient via a SMTP
call-forward

I don't know the very details, but if I was pushing them enough, they
were able to find the settings they've to change :)

Then you can use specialized router/transport combo for recipient
verification only.

Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
Re: callout to Exchange2013 [ In reply to ]
Get rid of Exchange would be great! ????

Thanks Heiko for the quick answer.
Could you provide me with an config example?

Cheers,
Martin


-----Ursprüngliche Nachricht-----
Von: Exim-users <exim-users-bounces+martin.fraenzl=oenb.at@exim.org> Im Auftrag von Heiko Schlittermann via Exim-users
Gesendet: Donnerstag, 21. Juni 2018 16:16
An: exim-users@exim.org
Betreff: Re: [exim] callout to Exchange2013

Fraenzl, Martin via Exim-users <exim-users@exim.org> (Do 21 Jun 2018 15:23:26 CEST):
> Hi Guys,
>
> I have an issue with my "verify recipient" acl, where I use a callout to verify if a user exists or not.
> The callout is checking against a Exchange 2013 server farm.
>
> I found the article below, where Heiko and some other guys are discussing this issue.
>
> ttps://www.mail-archive.com/exim-users@exim.org/msg46265.html
>
> Is there any known solution for this problem?

The exchange server administator should be able to provide you another port (mostly they use 2525/tcp) for checking the recipient via a SMTP call-forward

I don't know the very details, but if I was pushing them enough, they were able to find the settings they've to change :)

Then you can use specialized router/transport combo for recipient verification only.

Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -

_________________
Diese Nachricht wurde vom OeNB Mailserver TLS verschluesselt empfangen



Diese E-Mail kann vertrauliche Informationen enthalten und irrtümlich an Sie gelangt sein. In diesem Fall informieren Sie bitte sofort die Absenderin bzw. den Absender und vernichten Sie diese E-Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail oder von Teilen dieser Mail sind nicht gestattet.

Informationen gemäß DSGVO zur Verarbeitung personenbezogener Daten durch die OeNB finden Sie unter www.oenb.at/datenschutz<https://www.oenb.at/datenschutz>.
Re: callout to Exchange2013 [ In reply to ]
On 06/21/2018 03:42 PM, Fraenzl, Martin via Exim-users wrote:
> Could you provide me with an config example?

If you read though that mail conversation, there is actually
a how-to properly set up Exchange.


--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: callout to Exchange2013 [ In reply to ]
On 21 Jun 2018, at 15:42, Fraenzl, Martin via Exim-users <exim-users@exim.org> wrote:
> Could you provide me with an config example?

At this point, Google is your friend (other search engines are available, limited time offer, terms and conditions apply etc etc) - look for "exchange 2013 recipient verification":

https://helpdesk.spamtitan.com/support/solutions/articles/4000003763-dynamic-recipient-verification-using-exchange-2013-and-2016
https://www.roaringpenguin.com/recipient-verification-exchange-2013

etc, etc.

As Jeremy points out, the thread you mentioned in your first post contains an equally useful answer.

Regards

Graeme
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: callout to Exchange2013 [ In reply to ]
Thanks guys!


After finding the example from 2015,I discussed the options with our Exchange admins.

When I asked about an example, I talked about the " specialized router/transport combo" that Heiko mentioned.

Cheers,
Martin

Diese E-Mail kann vertrauliche Informationen enthalten und irrtümlich an Sie gelangt sein. In diesem Fall informieren Sie bitte sofort die Absenderin bzw. den Absender und vernichten Sie diese E-Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail oder von Teilen dieser Mail sind nicht gestattet.

Informationen gemäß DSGVO zur Verarbeitung personenbezogener Daten durch die OeNB finden Sie unter www.oenb.at/datenschutz<https://www.oenb.at/datenschutz>.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
Re: callout to Exchange2013 [ In reply to ]
Hi,

Fraenzl, Martin via Exim-users <exim-users@exim.org> (Fr 22 Jun 2018 09:29:50 CEST):
>
> After finding the example from 2015,I discussed the options with our Exchange admins.
>
> When I asked about an example, I talked about the " specialized router/transport combo" that Heiko mentioned.


From my memory an example that should work. But beware, it is meant as a
specialized example, routing all mails to your Exchange.

====== 8< ----
EXCHANGE = xx.xx.xx.xx

keep_environment =

acl_smtp_rcpt = acl_check_rcpt

begin acl

acl_check_rcpt:

require
message = recipient $local_part@$domain is unknown
verify = recipient/callout=use_sender,defer_ok


accept


begin routers

exchange:
driver = manualroute
route_data = EXCHANGE
transport = exchange
verify = no
self = send

exchange_verify:
driver = manualroute
route_data = EXCHANGE::2525
transport = exchange
self = send


begin transports

exchange:
driver = smtp

====== 8< ----

Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support -
Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
gnupg encrypted messages are welcome --------------- key ID: F69376CE -
! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
Re: callout to Exchange2013 [ In reply to ]
Thx Heiko!
I will give it a try!

Cheers,
Martin

-----Ursprüngliche Nachricht-----
Von: Exim-users <exim-users-bounces+martin.fraenzl=oenb.at@exim.org> Im Auftrag von Heiko Schlittermann via Exim-users
Gesendet: Freitag, 22. Juni 2018 09:56
An: exim-users@exim.org
Betreff: Re: [exim] callout to Exchange2013

Hi,

Fraenzl, Martin via Exim-users <exim-users@exim.org> (Fr 22 Jun 2018 09:29:50 CEST):
>
> After finding the example from 2015,I discussed the options with our Exchange admins.
>
> When I asked about an example, I talked about the " specialized router/transport combo" that Heiko mentioned.


From my memory an example that should work. But beware, it is meant as a specialized example, routing all mails to your Exchange.

====== 8< ----
EXCHANGE = xx.xx.xx.xx

keep_environment =

acl_smtp_rcpt = acl_check_rcpt

begin acl

acl_check_rcpt:

require
message = recipient $local_part@$domain is unknown
verify = recipient/callout=use_sender,defer_ok


accept


begin routers

exchange:
driver = manualroute
route_data = EXCHANGE
transport = exchange
verify = no
self = send

exchange_verify:
driver = manualroute
route_data = EXCHANGE::2525
transport = exchange
self = send


begin transports

exchange:
driver = smtp

====== 8< ----

Best regards from Dresden/Germany
Viele Grüße aus Dresden
Heiko Schlittermann
--
SCHLITTERMANN.de ---------------------------- internet & unix support - Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} - gnupg encrypted messages are welcome --------------- key ID: F69376CE - ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -

_________________
Diese Nachricht wurde vom OeNB Mailserver TLS verschluesselt empfangen



Diese E-Mail kann vertrauliche Informationen enthalten und irrtümlich an Sie gelangt sein. In diesem Fall informieren Sie bitte sofort die Absenderin bzw. den Absender und vernichten Sie diese E-Mail. Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser Mail oder von Teilen dieser Mail sind nicht gestattet.

Informationen gemäß DSGVO zur Verarbeitung personenbezogener Daten durch die OeNB finden Sie unter www.oenb.at/datenschutz<https://www.oenb.at/datenschutz>.
--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/