From 01160ea57f87e1ca8799c55123e491ec7bac6c0c Mon Sep 17 00:00:00 2001
From: Elizabeth Hunt <me@liz.coffee>
Date: Fri, 2 May 2025 01:16:14 -0700
Subject: Fix some long-standing group issues and stuff

---
 group_vars/mail.yml | 10 +++-------
 1 file changed, 3 insertions(+), 7 deletions(-)

(limited to 'group_vars/mail.yml')

diff --git a/group_vars/mail.yml b/group_vars/mail.yml
index c69cc82..1114ca8 100644
--- a/group_vars/mail.yml
+++ b/group_vars/mail.yml
@@ -17,14 +17,10 @@ ldap_search_base: "{{ 'dc=' ~ idm_domain | regex_replace('\\.', ',dc=') }}"
 ldap_bind_dn: "dn=token"
 
 ldap_query_filter_user: "(&(class=account)(emailprimary=%s))"
-ldap_query_filter_group: "(&(class=account)(emailprimary=%s))"
+ldap_query_filter_group: "(&(class=group)(mail=%s))"
 ldap_query_filter_alias: "(&(class=account)(emailalternative=%s))"
-ldap_query_filter_domain: "(&(class=account)(emailprimary=%s))"
-ldap_query_filter_senders: "(&(class=account)(emailprimary=%s))"
-
-sasl_ldap_filter: >
-  (&(|(name=%U)(emailprimary=%U))(class=account)
-  (memberOf=cn=mail,{{ ldap_search_base }}))
+ldap_query_filter_domain: "(mail=*@%s)"
+ldap_query_filter_senders: "(&(class=account)(|(emailprimary=%s)(emailalternative=%s)))"
 
 dovecot_user_filter: >
   (&(class=account)(name=%u)
-- 
cgit v1.2.3-70-g09d2