Skip to Content.
Sympa Menu

en - Re: [en@sympa] Pre-planning questions

Subject: The mailing list for listmasters using Sympa

List archive

Chronological Thread  
  • From: Benjamin Renard <address@concealed>
  • To: address@concealed
  • Subject: Re: [en@sympa] Pre-planning questions
  • Date: Wed, 10 Apr 2024 17:49:04 +0200


Le 10/04/2024 à 17:12, Chris Kay (via en Mailing List) a écrit :
Hello all!

I’ve been tasked with setting up Sympa as a POC in my company. Here are some specifics:

* Proofpoint is our spam/malware gateway
* Office 365/Exchange Online is our mail service; we already have a
bunch of DLs, M365 groups, etc.
* Okta is our IDP

Here’s what I’d like to accomplish:

* Login does not require being on VPN, but does prompt user for Okta
* We’ll use subdomain like and point MX to

Here are a few questions:

* How do I nest EXO/M365 groups in Sympa lists? Just use email address
and make sure it is able to accept external email?

* How do I integrate Sympa lists into our Global Address List (GAL)?
* Anyone have experience using Okta, perhaps with CAS?
I don't use Okta but I integrated CAS with different CAS & SAML IDPs :

* for CAS authentication handle by Sympa, you will need an extra LDAP server too (to retrieve user's email address from his login). If you have one, just use the CAS built-in support :

* To use SAML, we use an authentication handle by Apache2 & its mod_mellon. With authentication handle by Apache, you could use the generic_sso module :

Here a working example for a SAML authentication that return an "mail" attribute :

auth_service_name My SSO
service_name My SSO
service_id my_sso
http_header_list MELLON_mail
email_http_header MELLON_mail

* I’m pretty sure the Proofpoint workflow will work but does anyone
have experience with that setup?
Not specifically on that setup, but what you want to do is pretty a standard setup for us.


PS: be sure to configure SPF & DKIM on your setup & sympa's mail domain.

Benjamin Renard - Easter-eggs
44-46 rue de l'Ouest - 75014 Paris - France - Métro Gaité
Phone: +33 (0) 1 43 35 00 37 - mailto:address@concealed

Archive powered by MHonArc 2.6.19+.

Top of Page