Hello,
I would like to use this combination of software
(dbmail+mysql+openldap+sendmail), but the interface (dbmail+ldap) doesn't
work as I expected.
Dbmail without ldap works fine, so the dbmail connection to sendmail and
relaying are ok, as well as the connection to the mysql database.
I have tested the ldapsearch utility on the system where dbmail is
installed, and it works. Thus all components work.
Openldap uses two extra schemas: dbmail.schema and usi.schema. The second
schema is my work. It contains implementation-specific attributes
and other attributes
that aren't implemented in dbmail, but I consider them to be important
(if this could be implemented in any future version of dbmail, it would
be cool):
popEnable, imapEnable, smtpEnable - some users could be banned from some
services (example: smtpEnable=no is the way I can forbid the smtp
service to the target user). It's something like the 'filter' provided by
the majority of applications with an ldap connector. My future vision is
an attribute POP_FILTER (IMAP_FILTER, SMTP_FILTER, ...) in the [LDAP]
section of dbmail.conf, which I can set to any leaf node of the ldap tree,
like: POP_FILTER = "smtpEnable=no".
mailSmtpQuota - spam is all around us; I need a way to limit the
number of outgoing emails per day (I could do it through sendmail
capabilities, but direct configuration in dbmail would be more elegant).
Now, here is my problem with ldap:
Ldap contains records like this:
# 49378, users, usi.vutbr.cz
dn: uid=49378,ou=users,dc=usi,dc=vutbr,dc=cz
objectClass: usi
objectClass: dbmailUser
objectClass: top
cn: Ing. Pavel Kislinger
sn: Kislinger
uid: 49378
mail: [EMAIL PROTECTED]
vutId: 49378
vutPin: 199ecd
vutLogin: xkisli01
gidNumber: 49478
givenName: Pavel
mailQuota: 20000
popEnable: yes
uidNumber: 49478
imapEnable: yes
smtpEnable: yes
deliveryMode: normal
accountStatus: active
mailSmtpQuota: 50
mailAlternateAddress: [EMAIL PROTECTED]
mailAlternateAddress: [EMAIL PROTECTED]
mailAlternateAddress: [EMAIL PROTECTED]
...
dbmail.conf (the most important part is below [LDAP]) :
# (c) 2000-2006 IC&S, The Netherlands
#
# Configuration file for DBMAIL
[DBMAIL]
driver = mysql
authdriver = ldap
host = printer.kn.vutbr.cz
sqlport = 3306
sqlsocket =
user = dbmail
pass = dbmail
db = dbmail
table_prefix = dbmail_
encoding = utf8
default_msg_encoding = utf8
#postmaster = DBMAIL-MAILER
sendmail = /usr/sbin/sendmail
TRACE_SYSLOG = 3
TRACE_STDERR = 1
EFFECTIVE_USER = dbmail
EFFECTIVE_GROUP = dbmail
BINDIP = *
NCHILDREN = 2
MAXCHILDREN = 10
MINSPARECHILDREN = 2
MAXSPARECHILDREN = 4
MAXCONNECTS = 10000
MAX_ERRORS = 500
TIMEOUT = 300
login_timeout = 60
RESOLVE_IP = no
logfile = /var/log/dbmail.log
errorlog = /var/log/dbmail.err
pid_directory = /var/run
state_directory = /var/run
[SMTP]
[LMTP]
PORT = 24
[POP]
PORT = 110
POP_BEFORE_SMTP = no
[IMAP]
PORT = 143
TIMEOUT = 4000
IMAP_BEFORE_SMTP = no
[SIEVE]
PORT = 2000
[LDAP]
PORT = 389
VERSION = 3
HOSTNAME = printer.kn.vutbr.cz
BASE_DN = ou=users,dc=usi,dc=vutbr,dc=cz
BIND_DN =
BIND_PW =
SCOPE = SubTree
USER_OBJECTCLASS = top,usi,dbmailUser
FORW_OBJECTCLASS = top,usi,dbmailForwardingAddress
CN_STRING = cn
FIELD_PASSWD = vutPin
FIELD_UID = vutId
FIELD_NID = uidNumber
MIN_NID = 100
MAX_NID = 15000
FIELD_CID = gidNumber
MIN_CID = 100
MAX_CID = 15000
FIELD_MAIL = mailAlternateAddress
FIELD_QUOTA = mailQuota
FIELD_FWDTARGET = mailForwardingAddress
[DELIVERY]
SIEVE = yes
SUBADDRESS = yes
SIEVE_VACATION = yes
SIEVE_NOTIFY = yes
SIEVE_DEBUG = no
AUTO_NOTIFY = no
AUTO_REPLY = no
#AUTO_NOTIFY_SUBJECT =
#AUTO_NOTIFY_SENDER =
suppress_duplicates = no
The command "dbmail-users -l" returns:
-- users --
54120:x:54220:54220:0.02:0.00:[EMAIL PROTECTED]
14689:x:14789:14789:0.02:0.00:[EMAIL PROTECTED]
49378:x:49478:49478:0.02:0.00:[EMAIL PROTECTED]
...
-- forwards --
If I want to connect to imap/pop server through thunderbird I get
'rejected'.
(/var/log/maillog):
May 28 11:11:50 kn dbmail/imap4d[62214]: Message:[serverchild]
serverchild.c,PerformChildTask(+349): incoming connection from
[147.229.202.76] by pid [62214]
May 28 11:11:55 kn dbmail/imap4d[62214]: Error:[auth]
authldap.c,auth_validate(+1274): ldap_bind_s failed: Invalid credentials
May 28 11:11:55 kn dbmail/imap4d[62214]: Message:[imapsession]
dbmail-imapsession.c,dbmail_imap_session_handle_auth(+1623): user (id:0,
name 49378) tries login
May 28 11:11:57 kn dbmail/imap4d[62214]: Message:[imapsession]
dbmail-imapsession.c,dbmail_imap_session_handle_auth(+1637): user (name
49378) coming from [147.229.202.76] login rejected
May 28 11:11:57 kn dbmail/imap4d[62214]: Error:[auth]
authldap.c,auth_validate(+1274): ldap_bind_s failed: Invalid credentials
May 28 11:11:57 kn dbmail/imap4d[62214]: Message:[imapsession]
dbmail-imapsession.c,dbmail_imap_session_handle_auth(+1623): user (id:0,
name 49378) tries login
May 28 11:11:59 kn dbmail/imap4d[62214]: Message:[imapsession]
dbmail-imapsession.c,dbmail_imap_session_handle_auth(+1637): user (name
49378) coming from [147.229.202.76] login rejected
(/var/log/dbmail.log):
May 28 11:11:55 kn.vutbr.net dbmail-imapd[62214]: Error:[auth]
authldap.c,auth_validate(+1274): ldap_bind_s failed: Invalid credentials
May 28 11:11:57 kn.vutbr.net dbmail-imapd[62214]: Error:[auth]
authldap.c,auth_validate(+1274): ldap_bind_s failed: Invalid credentials
Any ideas?
Next problem: how can I announce to dbmail which aliases and forwards
a user has (I mean, the standard dbmail.schema isn't implemented completely
in dbmail)?
Is the connection from ldap to dbmail for deliveryMode, accountStatus,
mailAlternateAddress implemented?
Pavel
#
# usi schema
#
# Developed by Pavel Kislinger <[EMAIL PROTECTED]>
#
# This schema depends on:
# - core.schema
# - cosine.schema
# - nis.schema
# - dbmail.schema
#
# This schema conflicts with
# - qmailuser.schema
#attributetype ( 1.2.6.1.4.1.29959.1.1.1 NAME 'userPasswordMD5'
# DESC 'RFC2256/2307: password of user'
# EQUALITY octetStringMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
#attributetype ( 1.2.6.1.4.1.29959.1.1.2 NAME 'userPasswordSHA1'
# DESC 'RFC2256/2307: password of user'
# EQUALITY octetStringMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} )
attributetype ( 1.3.6.1.4.1.29959.1.1.1 NAME 'vutHeslo'
    DESC 'RFC2256/2307: password of user'
    EQUALITY octetStringMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} SINGLE-VALUE)

attributetype ( 1.3.6.1.4.1.29959.1.1.2 NAME 'vutPin'
    DESC 'RFC2256/2307: password of user'
    EQUALITY octetStringMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.40{128} SINGLE-VALUE)

attributetype ( 1.3.6.1.4.1.29959.1.1.3 NAME 'vutLogin'
    DESC 'Timestamp of the last password update'
    EQUALITY caseIgnoreMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.29959.1.1.4 NAME 'vutId'
    EQUALITY caseIgnoreMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.29959.1.1.5 NAME 'lastLogin'
    DESC 'Timestamp of the last login'
    EQUALITY integerMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.29959.1.1.6 NAME 'vutUpdate'
    DESC 'Timestamp of the last user record update'
    EQUALITY integerMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.29959.1.1.7 NAME 'mailSmtpQuota'
    DESC 'Count of emails could by send per day'
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
    SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.29959.1.1.8 NAME 'smtpEnable'
    DESC 'Enable to use smtp server: yes, no'
    EQUALITY caseIgnoreMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.29959.1.1.9 NAME 'popEnable'
    DESC 'Is user authorized to send emails thouhg smtp server: yes, no'
    EQUALITY caseIgnoreMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.29959.1.1.10 NAME 'imapEnable'
    DESC 'Is user authorized to send emails thouhg smtp server: yes, no'
    EQUALITY caseIgnoreMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 SINGLE-VALUE )

#attributetype ( 1.3.6.1.4.1.29959.1.1.11 NAME 'usiName'
# DESC 'RFC2798: preferred name to be used when displaying entries'
# EQUALITY caseIgnoreMatch
# SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
# SINGLE-VALUE )

# Object Class Definitions
objectclass ( 1.3.6.1.4.1.29959.1.2.1
    NAME 'usi'
    DESC 'ustav soudniho izenyrstvi'
    SUP top STRUCTURAL
    MUST ( uid $ givenName $ cn $ sn $ vutLogin $ vutPin $ vutId $ mail )
    MAY ( smtpEnable $ popEnable $ imapEnable $ vutUpdate $ lastLogin $
    vutHeslo $ mailForwardingAddress $ mailAlternateAddress $ mailQuota $
    mailSmtpQuota $ deliveryMode $ accountStatus ))

#
# dbmail-ldap v3 directory schema
#
# Based on the Qmail schema
# Modified for dbmail by Paul Stevens <[EMAIL PROTECTED]>
# Modified for dbmail by Lars Kneschke <[EMAIL PROTECTED]> too
#
# This schema depends on:
# - core.schema
# - cosine.schema
# - nis.schema
#
# This schema conflicts with
# - qmailuser.schema
# Attribute Type Definitions
attributetype ( 1.3.6.1.4.1.12340.6.2.1.1 NAME 'mailQuota'
    DESC 'The amount of space the user can use until all further messages get bounced.'
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.44
    SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.12340.6.2.1.2 NAME 'mailForwardingAddress'
    DESC 'Address(es) to forward all incoming messages to.'
    EQUALITY caseIgnoreIA5Match
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.12340.6.2.1.3 NAME 'mailHost'
    DESC 'Name or address of the MTA host to use for recipient'
    EQUALITY caseIgnoreIA5Match
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.12340.6.2.1.4 name 'mailDomain'
    desc 'name of a email domain'
    equality caseignoreia5match
    syntax 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.12340.6.2.1.5 name 'mailCluster'
    desc 'name of address of the Dbmail cluster'
    equality caseignoreia5match
    syntax 1.3.6.1.4.1.1466.115.121.1.26 )

attributetype ( 1.3.6.1.4.1.12340.6.2.1.6 NAME 'dbmailUID'
    DESC 'UID of the user on the mailsystem'
    EQUALITY caseIgnoreMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.12340.6.2.1.7 NAME 'dbmailGID'
    DESC 'GID of the user on the mailsystem'
    EQUALITY caseIgnoreMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.12340.6.2.1.8 NAME 'mailAlternateAddress'
    DESC 'Secondary (alias) mailaddresses for the same user'
    EQUALITY caseIgnoreIA5Match
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} )

attributetype ( 1.3.6.1.4.1.12340.6.2.1.9 NAME 'deliveryMode'
    DESC 'multi field entries of: normal, forwardonly'
    EQUALITY caseIgnoreMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 SINGLE-VALUE )

attributetype ( 1.3.6.1.4.1.12340.6.2.1.10 NAME 'accountStatus'
    DESC 'The status of a user account: active, disabled'
    EQUALITY caseIgnoreMatch
    SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 SINGLE-VALUE )

# Object Class Definitions
objectclass ( 1.3.6.1.4.1.12340.6.2.2.1 NAME 'dbmailUser'
    DESC 'DBMail-LDAP User' SUP top AUXILIARY
    MUST ( uid $ mail )
    MAY ( userPassword $ uidNumber $ gidNumber $ mailQuota $
    mailForwardingAddress $ mailHost $
    mailAlternateAddress $ dbmailUID $ dbmailGID $ deliveryMode $
    accountStatus ) )

objectclass ( 1.3.6.1.4.1.12340.6.2.2.2 NAME 'dbmailForwardingAddress'
    DESC 'DBMail-LDAP Forwarding Address' SUP top AUXILIARY
    MUST ( mail $ mailForwardingAddress ) )

objectclass ( 1.3.6.1.4.1.12340.6.2.2.3 NAME 'dbmailDomain'
    DESC 'DBMail-LDAP Virtual Domain' SUP top STRUCTURAL
    MUST ( mailDomain )
    MAY ( userPassword $ mailQuota $ mailForwardingAddress $
    mailHost $ mailCluster ) )
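
Added example, not part of the original message and not DBMail code: a small lint that compares one directory entry with the [LDAP] section of dbmail.conf, covering the objectClass list, the NID/CID limits and the attribute a bind is checked against. The function names and finding codes are made up for this example, the input is constructed from values in the post (vutPin replaced by a placeholder), and it assumes slapd verifies a simple bind against userPassword.

```python
import configparser

# Constructed input: keys/attributes copied from the post; vutPin value replaced.
CONF = """[LDAP]
USER_OBJECTCLASS = top,usi,dbmailUser
FIELD_PASSWD = vutPin
FIELD_NID = uidNumber
MIN_NID = 100
MAX_NID = 15000
FIELD_CID = gidNumber
MIN_CID = 100
MAX_CID = 15000
"""
LDIF = """dn: uid=49378,ou=users,dc=usi,dc=vutbr,dc=cz
objectClass: usi
objectClass: dbmailUser
objectClass: top
vutPin: PLACEHOLDER
uidNumber: 49478
gidNumber: 49478
"""

def parse_entry(ldif):
    # Map lower-cased attribute names to lists of values ("name: value" lines).
    entry = {}
    for line in ldif.strip().splitlines():
        name, sep, value = line.partition(":")
        if sep:
            entry.setdefault(name.strip().lower(), []).append(value.strip())
    return entry

def lint(conf_text, ldif_text):
    # Return (code, detail) findings for one entry against the [LDAP] section.
    cp = configparser.ConfigParser()
    cp.read_string(conf_text)
    ldap, entry = cp["LDAP"], parse_entry(ldif_text)
    have = {v.lower() for v in entry.get("objectclass", [])}
    out = [("missing-objectclass", oc.strip())
           for oc in ldap["USER_OBJECTCLASS"].split(",")
           if oc.strip().lower() not in have]
    # Assumption: slapd checks a simple bind against userPassword, not FIELD_PASSWD.
    if "userpassword" not in entry:
        out.append(("no-userpassword", "FIELD_PASSWD=" + ldap["FIELD_PASSWD"]))
    for kind in ("NID", "CID"):
        attr = ldap["FIELD_" + kind].lower()
        lo, hi = int(ldap["MIN_" + kind]), int(ldap["MAX_" + kind])
        for v in entry.get(attr, []):
            if not lo <= int(v) <= hi:
                out.append(("out-of-range", f"{attr}={v} not in {lo}..{hi}"))
    return out
```

Call lint(CONF, LDIF) to get the findings for the posted values. An out-of-range finding only reports that the value lies outside the configured limits (the post does not say whether DBMail enforces them at login), and the entry in the post is elided with "...", so a userPassword value may exist there without being shown.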