LDAPDefaultSpec

Beginning with V8.10 sendmail , you can specify the default switches for use with ldap database maps (ldap (was ldapx)) before you use the K configuration command to declare them. This LDAPDefaultSpec option, for example, is a handy way to specify the LDAP server host:

 O LDAPDefaultSpec=-h ldap.our.domain 

Later K configuration commands would then omit this switch.

The LDAPDefaultSpec option is declared like this:

 O LDAPDefaultSpec=  spec    configuration file (V8.10 and later)  -OLDAPDefaultSpec=  spec    command line (V8.10 and later)  define(`confLDAP_DEFAULT_SPEC',  spec)    mc configuration (V8.10 and later)  

Here, spec is of type string and is an ldap database-map sequence of switches, just as you would use with the K configuration command. If this option is missing, no default is set. If the spec is missing, no default switches are set.

The -N , -O , -S , -a , and -T switches must not be used. If they are, the following error will be logged and printed and sendmail will exit:

 readcf: option LDAPDefaultSpec: Do not set non-LDAP specific flags 

Nor can you use the -k switch to specify a default LDAP query with this option. If you do, you will see the following error logged and printed, and sendmail will exit:

 readcf: option LDAPDefaultSpec: Do not set the LDAP search filter 

Finally, you cannot use the -v switch to specify a default for the LDAP attributes. If you do, you will see the following error logged and printed, and sendmail will exit:

 readcf: option LDAPDefaultSpec: Do not set the requested LDAP attributes 

The LDAPDefaultSpec option is not safe. If it is specified from the command line, it can cause sendmail to give up any special privileges.