Hi,

> - added some SSL and SASL configuration options to LDAP lookups setup
>  (based on a patch by Christian Roessner) - not fully tested;

First of all: thanks so much for taking the time and looking at my patch.
Currently I have a partial success:

Jan 25 22:33:28 roessner1 slapd[1516]: conn=1083 fd=24 ACCEPT from IP=127.0.0.1:40148 (IP=0.0.0.0:389)
Jan 25 22:33:28 roessner1 slapd[1516]: conn=1083 op=0 EXT oid=1.3.6.1.4.1.1466.20037
Jan 25 22:33:28 roessner1 slapd[1516]: conn=1083 op=0 STARTTLS
Jan 25 22:33:28 roessner1 slapd[1516]: conn=1083 op=0 RESULT oid= err=0 text=
Jan 25 22:33:28 roessner1 slapd[1516]: conn=1083 fd=24 TLS established tls_ssf=128 ssf=128
Jan 25 22:33:28 roessner1 slapd[1516]: conn=1083 op=1 BIND dn="" method=163
Jan 25 22:33:28 roessner1 slapd[1516]: conn=1083 op=1 BIND authcid="cn=mx1.roessner-net.de" authzid="cn=mx1.roessner-net.de"
Jan 25 22:33:28 roessner1 slapd[1516]: conn=1083 op=1 BIND dn="cn=mail,ou=mail,ou=it,dc=roessner-net,dc=de" mech=EXTERNAL sasl_ssf=0 ssf=128
Jan 25 22:33:28 roessner1 slapd[1516]: conn=1083 op=1 RESULT tag=97 err=0 text=
Jan 25 22:33:28 roessner1 slapd[1516]: conn=1083 op=2 SRCH base="ou=accounts,ou=remailer,dc=roessner-net,dc=de" scope=2 deref=0 filter="(&(objectClass=rnsMSPostfixAccount)(rnsMSRecipientAddress=fblan.de)(rnsMSEnablePostfix=TRUE))"
Jan 25 22:33:28 roessner1 slapd[1516]: conn=1083 op=2 SRCH attr=rnsMSDeliverToAddress
Jan 25 22:33:28 roessner1 slapd[1516]: conn=1083 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text=
Jan 25 22:33:28 roessner1 slapd[1516]: conn=1083 op=3 SRCH base="ou=accounts,ou=remailer,dc=roessner-net,dc=de" scope=2 deref=0 filter="(&(objectClass=rnsMSPostfixAccount)(rnsMSRecipientAddress=mailhiding.com)(rnsMSEnablePostfix=TRUE))"
Jan 25 22:33:28 roessner1 slapd[1516]: conn=1083 op=3 SRCH attr=rnsMSDeliverToAddress
Jan 25 22:33:28 roessner1 slapd[1516]: conn=1083 op=3 SEARCH RESULT tag=101 err=0 nentries=0 text=
Jan 25 22:33:28 roessner1 slapd[1516]: conn=1083 op=4 SRCH base="ou=accounts,ou=remailer,dc=roessner-net,dc=de" scope=2 deref=0 filter="(&(objectClass=rnsMSPostfixAccount)(rnsMSRecipientAddress=j3o...@mailhiding.com)(rnsMSEnablePostfix=TRUE))"
Jan 25 22:33:28 roessner1 slapd[1516]: conn=1083 op=4 SRCH attr=rnsMSDeliverToAddress
Jan 25 22:33:28 roessner1 slapd[1516]: conn=1083 op=4 SEARCH RESULT tag=101 err=0 nentries=1 text=
Jan 25 22:33:28 roessner1 slapd[1516]: conn=1084 fd=25 ACCEPT from IP=127.0.0.1:40150 (IP=0.0.0.0:389)
Jan 25 22:33:28 roessner1 slapd[1516]: conn=1084 op=0 EXT oid=1.3.6.1.4.1.1466.20037
Jan 25 22:33:28 roessner1 slapd[1516]: conn=1084 op=0 STARTTLS

As you can see, it really binds with TLS and SASL/EXTERNAL. Perfect. And the
last query returns an LDAP object (nentries=1), but for some reason amavisd
makes some more connects after this one and gets (32) No such object errors.
Either something is wrong with my ACLs, I am investigating this right now, or
something else ;-)

I'll tell you later on.

Christian

---
Roessner-Network-Solutions
Bachelor of Science Informatik
Nahrungsberg 81, 35390 Gießen
F: +49 641 5879091, M: +49 176 93118939
USt-IdNr.: DE225643613
http://www.roessner-network-solutions.com
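
An added example (not part of the original message and not amavisd or OpenLDAP code): a check over slapd log lines in the format shown above that confirms every search on a connection was preceded by an established TLS layer and a successful SASL/EXTERNAL bind. The sample log, its host name and DNs are constructed, and the `audit` function and its `min_ssf` threshold are assumptions of this sketch.

```python
import re
from collections import defaultdict

# Constructed sample in the slapd log format shown in the message above
# (host name, DNs and addresses are placeholders, not values from the post).
SAMPLE = """\
Jan 25 22:33:28 host slapd[1516]: conn=1 fd=24 ACCEPT from IP=127.0.0.1:40148 (IP=0.0.0.0:389)
Jan 25 22:33:28 host slapd[1516]: conn=1 op=0 STARTTLS
Jan 25 22:33:28 host slapd[1516]: conn=1 op=0 RESULT oid= err=0 text=
Jan 25 22:33:28 host slapd[1516]: conn=1 fd=24 TLS established tls_ssf=128 ssf=128
Jan 25 22:33:28 host slapd[1516]: conn=1 op=1 BIND dn="cn=mail,dc=example,dc=org" mech=EXTERNAL sasl_ssf=0 ssf=128
Jan 25 22:33:28 host slapd[1516]: conn=1 op=1 RESULT tag=97 err=0 text=
Jan 25 22:33:28 host slapd[1516]: conn=1 op=2 SRCH base="ou=accounts,dc=example,dc=org" scope=2 deref=0 filter="(mail=a@example.org)"
Jan 25 22:33:28 host slapd[1516]: conn=2 fd=25 ACCEPT from IP=127.0.0.1:40150 (IP=0.0.0.0:389)
Jan 25 22:33:28 host slapd[1516]: conn=2 op=0 SRCH base="ou=accounts,dc=example,dc=org" scope=2 deref=0 filter="(mail=b@example.org)"
"""

LINE = re.compile(r"slapd\[\d+\]: conn=(\d+) (?:op=(\d+)|fd=\d+) (.*)$")

def audit(log, min_ssf=128):
    """Return {conn: [problems]} for searches not covered by TLS + EXTERNAL bind."""
    state = defaultdict(lambda: {"tls": 0, "bind_op": None, "bound": False})
    problems = defaultdict(list)
    for line in log.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        conn, op, rest = int(m.group(1)), m.group(2), m.group(3)
        s = state[conn]
        if rest.startswith("TLS established"):
            ssf = re.search(r"tls_ssf=(\d+)", rest)
            s["tls"] = int(ssf.group(1)) if ssf else 0
        elif rest.startswith("BIND") and "mech=EXTERNAL" in rest:
            s["bind_op"] = op            # remember which op is the EXTERNAL bind
        elif rest.startswith("RESULT tag=97") and op == s["bind_op"]:
            # tag=97 is the LDAP BindResponse; err=0 means the bind succeeded
            s["bound"] = re.search(r"\berr=0\b", rest) is not None
        elif rest.startswith("SRCH base="):  # one "base=" line per search op
            if s["tls"] < min_ssf:
                problems[conn].append(f"op={op} search without TLS ssf>={min_ssf}")
            if not s["bound"]:
                problems[conn].append(f"op={op} search before SASL/EXTERNAL bind")
    return dict(problems)

if __name__ == "__main__":
    for conn, issues in audit(SAMPLE).items():
        print(f"conn={conn}: " + "; ".join(issues))
```
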


_______________________________________________
AMaViS-user mailing list
AMaViS-user@lists.sourceforge.net 
https://lists.sourceforge.net/lists/listinfo/amavis-user 
 Please visit http://www.ijs.si/software/amavisd/ regularly
 For administrativa requests please send email to rainer at openantivirus dot 
org