/haraka-plugin-rcpt-ldap

Validates recipients against an LDAP server

Primary LanguageJavaScriptMIT LicenseMIT

Build Status Windows Build Status Code Climate Greenkeeper badge NPM

haraka-plugin-rcpt-ldap

This plugin tries to validate recipients against an LDAP server. This will help in replacing an existing qmail-ldap installation with Haraka.

The plugin assumes simple qmail-ldap style LDAP records. It is completely configurable using the config/rcpt_to.ldap.ini file.

The logic that is followed is:

  • Check if the recipient is for a local domain (ie. check if the domaiin is present in host_list)

  • Check if the recipient is already whitelisted

  • Run an LDAP search to see if the recipient can be found in LDAP.

Example:

; default entry, for hosts in config/host_list
server=ldap://127.0.0.1:389
;binddn=cn=admin,dc=example,dc=com
;bindpw=secret
;basedn=dc=example,dc=com
;objectclass=qmailUser
filter=(&(objectClass=person)(|(mail=%u)(proxyAddresses=%u)))

[example2.com]
server=ldap://127.0.0.2:389
binddn=cn=admin,dc=example2,dc=com
bindpw=secretsAreForSissies
basedn=dc=example2,dc=com
objectclass=qmailUser
filter=