Provided by: vrfydmn_0.11.0-2.1_all bug

NAME

       vrfydmn_ldap - lookup RFC5322 From:-addresses in an LDAP database.

SYNOPSIS

       vrfydmn -l ldap:///etc/vrfydmn/ldap.cfg

DESCRIPTION

       vrfydmn uses lists and tables to lookup mail related informations. A lookup tables may be
       an LDAP database.

       In order to use LDAP lookups, specify a path to a file holding LDAP connection and query
       configuration. The path must be given when vrfydmn is invoked on command line:

       vrfydmn -l ldap:///etc/vrfydmn/ldap.cfg

OPTIONS

       base (default: None)
           The RFC2253 base DN at which to conduct the search, e.g.

               base = ou=maildomains,dc=example,dc=com

       bindmethod (default: None)
           The method used when binding to the LDAP server. Valid options are simple or sasl.

       cacert (default: None)
           Specifies the file that contains certificates for all of the Certificate Authorities
           the client will recognize.

               cacert = /etc/ssl/certs/cacerts.pem

       cert (default: None)
           Specifies the file that contains the client certificate.

               cert = /etc/ssl/certs/mail.example.com-crt.pem

       filter (default: None)
           The RFC2254 filter used to search the directory, e.g.

               filter = (domain=*)

       host (default: None)
           The name of the host running the LDAP server, e.g.

               host = 127.0.0.1, ldap.example.com

       key (default: None)
           Specifies the file that contains the private key that matches the certificate stored
           in the cert file. Currently, the private key must not be protected with a password, so
           it is of critical importance that the key file is protected carefully.

               key = /etc/ssl/private/mail.example.com-key.pem

       reqcert (default: demand)
           Specifies what checks to perform on server certificates in a TLS session, if any. The
           <level> can be specified as one of the following keywords:

           never
               The client will not request or check any server certificate.

           allow
               The server certificate is requested. If no certificate is provided, the session
               proceeds normally. If a bad certificate is provided, it will be ignored and the
               session proceeds normally.

           try
               The server certificate is requested. If no certificate is provided, the session
               proceeds normally. If a bad certificate is provided, the session is immediately
               terminated.

           demand
               The server certificate is requested. If no certificate is provided, or a bad
               certificate is provided, the session is immediately terminated. This is the
               default setting.

       result_attrs (default: None)
           The name of the attribute whose value the query should return.

               result_attrs = domain

       saslmech (default: None)
           The mechanism outgoing’s LDAP client should use, when it sasl-binds to the remote LDAP
           server. Valid options are currently PLAIN or EXTERNAL.

       scope (default: None)
           The LDAP search scope: sub, base, or one.

       usetls (default: No)
           A Boolean option to enable or disable usage of TLS when connecting to the LDAP server.
           Valid options are Yes or No.

SEE ALSO

       vrfydmn(8)

BUGS

       There are no known bugs so far. Please submit bugs to
       https://github.com/croessner/vrfydmn/issues.

AUTHOR

       Christian Roessner <c@roessner.co> wrote the program.

       Patrick Ben Koetter <p@sys4.de> wrote this man page.

RESOURCES

       vrfydmn’s home is at https://github.com/croessner/vrfydmn.

COPYING

       Copyright (C) 2014-2015 Christian Roessner. Free use of this software is granted under the
       terms of the GNU General Public License (GPL).