Managing sendmail Services in Oracle® Solaris 11.2


Updated: July 2014
 
 

Changes for LDAP From Version 8.12 of sendmail

The following list describes changes in the use of the Lightweight Directory Access Protocol (LDAP) with sendmail.

  • LDAPROUTE_EQUIVALENT() and LDAPROUTE_EQUIVALENT_FILE() permit you to specify equivalent host names, which are replaced by the masquerade domain name for LDAP routing lookups. For more information, refer to /etc/mail/cf/README.

  • As noted in the Release Notes that are part of the sendmail distribution at ftp://ftp.sendmail.org, the LDAPX map has been renamed to LDAP. Use the following syntax for LDAP.

    Kldap ldap options

  • This release supports the return of multiple values for a single LDAP lookup. Place the values to be returned in a comma-separated string with the -v option, as shown.

    Kldap ldap -v"mail,more-mail"

  • If no LDAP attributes are specified in an LDAP map declaration, all attributes that are found in the match are returned.

  • This version of sendmail prevents commas in quoted key and value strings in the specifications of the LDAP alias file from dividing a single entry into multiple entries.

  • This version of sendmail has a new option for LDAP maps. The option -Vseparator enables you to specify a separator so that a lookup can return both an attribute and a value that are separated by the relevant separator.

  • In addition to using the %s token to parse an LDAP filter specification, you can use the new token, %0, to encode the key buffer. The %0 token applies a literal meaning to LDAP special characters.

The following example shows how these tokens differ for a “*” lookup.

Table 3-27  Comparison of Tokens

LDAP Map Specification   Specification Equivalent   Result
-k"uid=%s"               -k"uid=*"                  Matches any record with a user attribute
-k"uid=%0"               -k"uid=\2A"                Matches a user with the name “*”
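The following added example (not part of this guide or of the sendmail source) models the two token expansions in Python and runs the resulting filters against constructed directory entries. The function names, the sample entries, and the choice of the RFC 4515 escape set for %0 are assumptions of the example. The template is the filter string that follows -k.

```python
import re

# Characters that are special inside an LDAP filter value, with their
# backslash-hex escapes (RFC 4515). Assumed escape set for the %0 token.
_SPECIAL = {"\\": r"\5C", "*": r"\2A", "(": r"\28", ")": r"\29", "\0": r"\00"}

def escape_key(key):
    """Encode LDAP filter metacharacters so they are matched literally."""
    return "".join(_SPECIAL.get(ch, ch) for ch in key)

def expand_filter(template, key):
    """Expand %s (raw key) and %0 (escaped key) in a filter template."""
    subs = {"%s": key, "%0": escape_key(key)}
    return re.sub(r"%[s0]", lambda m: subs[m.group(0)], template)

def value_to_regex(value):
    """Model filter-value matching: bare * is a wildcard, \\XX is a literal."""
    parts = []
    for m in re.finditer(r"\\([0-9A-Fa-f]{2})|(\*)|(.)", value, re.S):
        if m.group(1):                      # escaped character, e.g. \2A
            parts.append(re.escape(chr(int(m.group(1), 16))))
        elif m.group(2):                    # unescaped wildcard
            parts.append(".*")
        else:                               # ordinary character
            parts.append(re.escape(m.group(3)))
    return re.compile("".join(parts), re.S)

def lookup(template, key, entries):
    """Return values of entries matched by a simple attr=value filter."""
    attr, _, value = expand_filter(template, key).partition("=")
    rx = value_to_regex(value)
    return [e[attr] for e in entries if attr in e and rx.fullmatch(e[attr])]

# Constructed sample directory; the third entry has the literal uid "*".
ENTRIES = [{"uid": "alice"}, {"uid": "bob"}, {"uid": "*"}, {"cn": "printer"}]

if __name__ == "__main__":
    for template in ("uid=%s", "uid=%0"):
        for key in ("*", "a*"):
            print(template, repr(key), "->", expand_filter(template, key),
                  lookup(template, key, ENTRIES))
```

With %s, a key supplied by a mail sender is interpreted as filter syntax, so a key of “*” matches every record that has the attribute. With %0, the same key matches only the record whose value is literally “*”.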

The following table describes additional LDAP map flags.

Table 3-28  Additional LDAP Map Flags

Flag                          Description
-1                            Requires a single match to be returned. If more than one match is returned, the results are the equivalent of no records being found.
-r never|always|search|find   Sets the LDAP alias dereference option.
-Z size                       Limits the number of matches to return.