I have a need to have Sendmail query AD for valid users and have it drop any that are invalid.
I need this to be a real-time query, not reading from a file.
And please, no replies with "use Postfix" as the answer ;)

I have been using the following Sendmail and Active Directory verification configuration:
(found at the shocknetwork blog)

Works very well with two exceptions. Hoping someone can help.

Queries against mailable groups fail with 'User Unknown' (same as an invalid user).
How can I get it to query Groups as well as users?
In the code, I do not see anything that says "objectclass=X" and I am searching at the root of the domain.
It appears the only attributes the code looks for are "mail" and "proxyaddress", which are both attributes of mailable groups.

The only workaround I have found is to hard-code the Expansion Server on each DL (not a good idea in a distributed Exchange environment).
This is fine since 98% of what goes through this relay is to users, not DLs, but I would like to find a way to avoid this altogether.

Has anyone been successful with this?

Secondly, when mail is sent to an invalid user, it sends an NDR to the sender. This is fine in normal circumstances, but in this case, I would like any mail to invalid users dropped as most of these emails are being sent from 'no-reply' type addresses.

Thanks in advance


Can provide code in post if needed.