Hi,

I have been asked to come up with an LDAP setup and filter for our mail servers which they will use to determine an emails policy for anti-spam etc. The filter needs to check LDAP for a specific user, but if there is no user and policy defined then to use the settings that have been configured for the domain. I have the simplified objects:

---- User object -----
dn: uid=user at mydomain.com
mailpolicy: PolicyA

--- Domain object ----
dn: uid=mydomain.com
mailpolicy: policyB

Is it possible to have a filter that will match the user object if it exists, and fallback to the domain object if not? I don't think this is possible myself as surely the filter is being applied to a single object at a time and not checking for the existance of 1 object before matching another? I initially thought:

(|
(&(uid=$user) (mailpolicy=$policy))
(&(uid=$domain)(mailpolicy=$policy))
)

But that would just match either object and not _only_ match the domain object if the user object does not exist.

Is this possible with an LDAP filter or is there some other cunning way to achieve this?

Thanks.

Jim.