Eu tive algum problema com os arquivos de configuração Dovecot / Postfix / LDAP / SASL:
A consulta LDAP e a configuração do SASL funcionam, mas meu problema é com o Postfix e o Dovecot:
Quando faço login pela primeira vez (Outlook / Thunderbird / etc.), ele cria a pasta username em /var/mail; se eu tento enviar um e-mail, ele cria a pasta username@domain.
Eu espero que você possa me ajudar.
Obrigado
Configuração do dovecot:
# Dovecot settings as posted; the flat layout suggests `doveconf -n` output with
# the nesting indentation lost in the paste.
auth_gssapi_hostname = oc.test.comp.com
auth_krb5_keytab = /etc/krb5.keytab
# PLAIN carries the password itself, so its confidentiality depends on the TLS
# requirement (`ssl = required`, further down).
auth_mechanisms = plain gssapi
first_valid_gid = 100
first_valid_uid = 100
mail_gid = vmail
# %u is the full login name. An IMAP login as "name" and a delivery addressed to
# "name@domain" therefore resolve to two different directories under /var/mail.
# NOTE(review): this looks like the source of the duplicate folders described in
# the question; the LDAP user_attrs on this page use %n (local part only)
# instead - confirm which form is intended and use it consistently.
mail_location = maildir:/var/mail/%u/Maildir
mail_privileged_group = mail
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave
# Private namespace holding each user's own INBOX.
namespace {
inbox = yes
location =
prefix =
separator = /
type = private
}
# Shared namespace: other users' mail under /var/mail/%%u, with per-viewer
# indexes kept under the viewing user's own directory.
namespace {
list = children
location = maildir:/var/mail/%%u:INDEX=/var/mail/%u/shared/%%u
prefix = shared/%%u/
separator = /
type = shared
}
# passdb blocks are tried in order: a login the LDAP passdb does not accept
# falls through to the SQL passdb that follows.
passdb {
args = /etc/dovecot/dovecot-ldap.conf
driver = ldap
}
# NOTE(review): the SQL file shown on this page returns a constant password for
# every username. Confirm why this fallback exists; as written it can accept
# logins that the LDAP filter was meant to exclude.
passdb {
args = /etc/dovecot/dovecot-sql.conf
driver = sql
}
plugin {
sieve = ~/.dovecot.sieve
sieve_dir = ~/sieve
}
protocols = imap lmtp sieve pop3
# Auth socket used by Postfix for SMTP AUTH (smtpd_sasl_path = private/auth).
# mode 0666 lets any local process that can reach the path connect; access is
# then limited only by the permissions of the enclosing private/ directory.
# NOTE(review): 0660 with user/group postfix is enough for Postfix itself.
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0666
user = postfix
}
}
# TLS is mandatory for client connections; key and certificate are read from
# the files named after "<". The key file should be readable by root only.
ssl = required
ssl_cert = </etc/ssl/mail/oc.test.comp.com.crt
ssl_key = </etc/ssl/mail/oc.test.comp.com.key
# Static userdb: every user gets the same uid/gid and a home of /var/mail/%u.
# allow_all_users=yes skips the check that the user exists in a passdb, so a
# delivery for any name is accepted here and recipient validation rests on
# Postfix (virtual_mailbox_maps).
# NOTE(review): uid=106/gid=114 are numeric while mail_uid/mail_gid say vmail -
# confirm they refer to the same account.
userdb {
args = uid=106 gid=114 home=/var/mail/%u allow_all_users=yes
driver = static
}
Dovecot Ldap:
/etc/dovecot/dovecot-ldap.conf
# LDAP settings for Dovecot's ldap passdb.
# The second host is remote and `tls = no` is set below. With auth_bind = yes
# each user's password is sent in an LDAP simple bind, so it crosses that link
# unencrypted, as does the dnpass of the service account.
# NOTE(review): enable tls = yes (or ldaps:// via `uris`) together with
# tls_ca_cert_file and tls_require_cert = demand.
hosts = 127.0.0.1:389 10.24.25.244:389
dn = cn=dovecot,cn=users,dc=test,dc=comp,dc=com
# Masked in the post. This file holds a directory credential and should be
# readable by root only.
dnpass = ******
auth_bind = yes
tls = no
deref = never
ldap_version = 3
base = cn=users,dc=test,dc=comp,dc=com
scope = subtree
# user_attrs/user_filter are consulted only by an ldap userdb; the posted
# Dovecot configuration shows a static userdb, so these are presumably unused.
# Note the %n (local part) here versus %u (full login name) in mail_location.
user_attrs = =home=/var/mail,=mail=maildir:/var/mail/%n/Maildir,=uid=106,=gid=114,maxStorage=quota_rule=*:storage=%$M,=quota_rule2=Trash:storage=+100M
# (userAccountControl=514) is an exact-value comparison: it excludes only
# accounts whose flags equal 514 and misses disabled accounts carrying any
# additional flag.
# NOTE(review): a bitwise test on the "account disabled" bit, e.g.
# (!(userAccountControl:1.2.840.113556.1.4.803:=2)), covers all of them.
user_filter = (&(|(mail=%u)(uid=%u))(objectClass=user)(!(userAccountControl=514)))
pass_attrs = uid=user
# Same exact-match caveat as user_filter above.
pass_filter = (&(|(mail=%u)(uid=%u))(objectClass=user)(!(userAccountControl=514)))
Faq do Dovecot-sql:
/etc/dovecot/dovecot-sql.conf:
# Settings for the second (sql) passdb.
driver = sqlite
# The database path is in /tmp, a world-writable directory where any local user
# may be able to create the file first.
# NOTE(review): keep it in a root-owned directory instead.
connect = /tmp/dovecot.fake.sqlite
default_pass_scheme =PLAIN
# Returns a row for every username with one constant password (masked in the
# post), stored as PLAIN. If that literal is a real value, any account name can
# authenticate with it once the LDAP passdb has declined the login, including
# names the LDAP filter excludes.
# NOTE(review): confirm the purpose; if it is only needed for one mechanism,
# restrict the passdb accordingly (the passdb `mechanisms` setting, where the
# installed version supports it) or remove it.
password_query = SELECT '%u' AS user, '*****' AS password
Postfix main.cf:
# Postfix main.cf as posted. Continuation lines of multi-line values appear to
# have lost their leading whitespace in the paste.
smtpd_banner = $myhostname ESMTP ePigeon (SOGo)
biff = no
append_dot_mydomain = no
readme_directory = no
# SASL parameters
# ---------------------------------
# Enable SASL (required for SMTP authentication)
smtpd_sasl_local_domain = oc.test.comp.com
# Authentication is delegated to Dovecot over the socket at
# $queue_directory/private/auth.
smtpd_sasl_type = dovecot
queue_directory = /var/spool/postfix
smtpd_sasl_path = private/auth
# Enable SASL for Outlook-Clients as well
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
#smtpd_sasl_local_domain =
# Writes the SASL login name into the Received: header of relayed mail, which
# discloses account names to every recipient.
smtpd_sasl_authenticated_header = yes
### TLS ###
# Legacy switch; smtpd_tls_security_level below is the current form.
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/ssl/mail/oc.test.comp.com.crt
smtpd_tls_key_file = /etc/ssl/mail/oc.test.comp.com.key
smtpd_tls_CAfile = /etc/ssl/mail/comp_root_CA.crt
smtpd_tls_session_cache_database = btree:/var/lib/postfix/smtpd_session_cache
# 512-bit DH parameters exist only for export-grade ciphers and are obsolete.
# The dh1024 setting, despite its name, accepts larger parameters.
# NOTE(review): drop the 512-bit file and use 2048-bit or larger parameters.
smtpd_tls_dh512_param_file = ${config_directory}/certs/dh_512.pem
smtpd_tls_dh1024_param_file = ${config_directory}/certs/dh_1024.pem
# Opportunistic STARTTLS on port 25; AUTH is offered only after TLS is active.
smtpd_tls_security_level = may
smtpd_tls_auth_only = yes
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
dovecot_destination_recipient_limit = 1
virtual_mailbox_domains = test.comp.com
# Mail for the virtual domain is handed to the "dovecot" pipe service in
# master.cf.
virtual_transport = dovecot
myhostname = oc
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = localhost
# 127.0.0.0/23 spans 127.0.0.0-127.0.1.255 (loopback is normally 127.0.0.0/8)
# and 10.24.0.0/23 spans 10.24.0.0-10.24.1.255. Every host in these ranges is
# trusted by permit_mynetworks without authentication.
# NOTE(review): confirm both masks are intended.
mynetworks = 127.0.0.0/23 10.24.0.0/23
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
# Evaluated in order; the first matching entry decides. Because
# reject_unauth_destination precedes the permit_* entries, this list also
# refuses authenticated and mynetworks clients for non-local destinations, and
# the final "permit" only restates the default.
# NOTE(review): the usual order is permit_mynetworks,
# permit_sasl_authenticated, reject_unauth_destination.
smtpd_recipient_restrictions =
reject_non_fqdn_recipient
reject_unknown_recipient_domain
reject_unauth_destination
permit_sasl_authenticated
permit_mynetworks
permit
smtpd_sender_restrictions =
reject_non_fqdn_sender
reject_unknown_sender_domain
mailbox_command =
# Outbound SMTP never negotiates TLS.
# NOTE(review): smtp_tls_security_level = may enables opportunistic encryption.
smtp_use_tls = no
smtpd_tls_received_header = no
# Permits only SSLv3 and TLSv1 wherever TLS is mandatory (for example the
# wrapper-mode smtps service). SSLv3 is broken and TLSv1 is deprecated, while
# newer versions are excluded by this list.
# NOTE(review): exclude the old versions instead, e.g.
# "!SSLv2, !SSLv3, !TLSv1, !TLSv1.1".
smtpd_tls_mandatory_protocols = SSLv3, TLSv1
smtpd_tls_mandatory_ciphers = medium
tls_random_source = dev:/dev/urandom
# Sender-to-login mapping. No reject_sender_login_mismatch or
# reject_authenticated_sender_login_mismatch appears in the restriction lists
# above, so as posted the map is not enforced and an authenticated user can
# send with another user's address.
smtpd_sender_login_maps = proxy:ldap:/etc/postfix/ad_sender_login_maps.cf
virtual_mailbox_maps = proxy:ldap:/etc/postfix/ad_virtual_mailbox_maps.cf
virtual_alias_maps = proxy:ldap:/etc/postfix/ad_virtual_group_maps.cf
Nas consultas LDAP abaixo, deixei de fora a parte de login.
/etc/postfix/ad_sender_login_maps.cf
.... etc....
# Filter
# Looks up the sender address (%s) as userPrincipalName and returns the same
# attribute as the login allowed to use it. The filter line is cut off in the
# post (it ends at "$"); it begins a bitwise userAccountControl test.
query_filter = (&(userPrincipalName=%s)(objectClass=person)(!(userAccountControl:1.2.840.11355$
result_attribute= userPrincipalName
debuglevel = 0
/etc/postfix/ad_virtual_mailbox_maps.cf
...etc...
# Filter
# Recipient validation for the virtual domain: an address is valid when a
# person entry has it as userPrincipalName.
# NOTE(review): unlike the sender map, this filter does not exclude disabled
# accounts - confirm whether mail for them should still be accepted.
query_filter = (&(objectclass=person)(userPrincipalName=%s))
result_attribute= userPrincipalName
# %u in result_format is the local part of the returned address, so the lookup
# yields "<local part>/Maildir/" (see the postmap result on this page).
result_format = %u/Maildir/
debuglevel = 0
/etc/postfix/ad_virtual_group_maps.cf
...etc...
# Filter
# Group expansion: a group's mail address resolves to its members.
query_filter = (&(objectClass=group)(mail=%s))
# Each "member" value is a DN that is looked up in turn; the
# userPrincipalName of the entries found becomes the alias target.
special_result_attribute = member
#leaf_result_attribute = mail
result_attribute= userPrincipalName
debuglevel = 0
Os resultados:
sudo postmap -q [email protected] ldap:/etc/postfix/ad_virtual_mailbox_maps.cf
elso/Maildir/
sudo postmap -q [email protected] ldap:/etc/postfix/ad_sender_login_maps.cf
[email protected]
postfix master.conf:
master.cf:
# Postfix master.cf service table as posted. Column alignment and the leading
# whitespace of continuation lines were lost in the paste.
smtp inet n - - - - smtpd
# Implicit-TLS listener: TLS wrapper mode, SASL enabled, and only authenticated
# clients accepted. No submission (587) service appears in this listing.
smtps inet n - n - - smtpd
-o syslog_name=postfix/smtps
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
pickup unix n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr unix n - n 300 1 qmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
showq unix n - - - - showq
error unix - - - - - error
retry unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
# The pipe(8) services from here to mailman look like distribution defaults.
# NOTE(review): entries for software that is not installed can be removed.
maildrop unix - n n - - pipe
flags=DRcom user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
flags=Fqcom user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender $recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store ${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
# Delivery into Dovecot, run as vmail:vmail (the transport named by
# virtual_transport). pipe(8) executes argv directly, without a shell.
# ${recipient} is the full address, so for deliveries Dovecot's %u is
# user@domain and mail_location /var/mail/%u/Maildir becomes
# /var/mail/user@domain/Maildir.
# NOTE(review): this matches the second folder described in the question.
# Either log in with the full address as well, or use the local part on both
# sides (%n in mail_location, or -d ${user} here).
dovecot unix - n n - - pipe
flags=ODRcom user=vmail:vmail argv=/usr/lib/dovecot/deliver -e -f ${sender} -d ${recipient}