Pavel Kislinger wrote:
> Hello,
> I would like to use this combination of software
> (dbmail+mysql+openldap+sendmail), but interface (dbmail+ldap) doesn't
> work as I expected.
> Dbmail without ldap works fine, so dbmail connection to sendmail and
> relaying are ok, as well as connection to mysql database.
> I have tested ldapsearch utility on the system, where dbmail is
> installed, and it works. Thus all components work.

Can you bind to ldap with ldapsearch using the dn and the password in the vutPin
field? I'm quite sure it can't be done. As far as I know Openldap will always
try to bind using the DN plus the userPassword field. The FIELD_PASSWD option is
only used by dbmail when creating a user or updating a password. Since the exact
field used is different for openldap or active directory it is configurable. But
you cannot specify random fields at will.

> Openldap uses two extra schemas: dbmail.schema and usi.schema. Second
> named schema is my work. It contains implementation specific attributes
> and other attributes,
> that aren't implemented in dbmail, but I consider them to be important
> (if this could be implemented in any future version of dbmail, it will
> be cool):
> popEnable, imapEnable, smtpEnable - some users could have ban to some
> services (example: smtpEnable=no is the way, how can I forbid smtp
> service to target user). It's something like 'filter' provided by majority
> applications with ldap connector. My future vision is attribute
> POP_FILTER (IMAP_FILTER, SMTP_FILTER, ...) in [LDAP] section in
> dbmail.conf, which can I set to any leaf node of ldap tree like:
> POP_FILTER = "smtpEnable=no"

It would be nice to implement popEnable and imapEnable, but you can already use
perdition to do it. That is - apart from the SMTP_FILTER part, because dbmail
ain't another smtp server.
Of course, supporting pop/imapEnable in authldap would require a similar
functionality in authsql (which is already there as dbmail_usermap, but without
the management through dbmail-user). So dbmail_usermap would be a good model.

> mailSmtpQuota - spam is all around us, I need a way, how can I limit the
> number of outgoing emails per day (I could do through sendmail
> capabilities, but more elegant could be direct configuration in dbmail)

Again, dbmail doesn't do smtp so why would you expect something like that? Let's
keep things related to smtp in the mta, please. Customized schema are perfectly
valid after all. And dbmail is not and will never be a full featured ldap
management tool. Not on my watch anyway.

> # 49378, users, usi.vutbr.cz
> dn: uid=49378,ou=users,dc=usi,dc=vutbr,dc=cz
> objectClass: usi
> objectClass: dbmailUser
> objectClass: top
> cn: Ing. Pavel Kislinger
> sn: Kislinger
> uid: 49378
> mail: [EMAIL PROTECTED]
> vutId: 49378
> vutPin: 199ecd

bingo. This doesn't look like a valid rfc2307 encoded password at all. And of
course, only userPassword can be used to store authentication tokens.

> May 28 11:11:55 kn dbmail/imap4d[62214]: Error:[auth]
> authldap.c,auth_validate(+1274): ldap_bind_s failed: Invalid credentials

which explains the failure to authenticate.

> Next problem, how can I announce to dbmail, which aliases and forwards
> user has (I mean, standard dbmail.schema isn't implemented completely in
> dbmail).

In your case dbmail-user reported:
49378:x:49478:49478:0.02:0.00:[EMAIL PROTECTED]
which is strange because [EMAIL PROTECTED] is in the mail attribute whereas
your config specified mailAlternateAddress as FIELD_MAIL.
I would have to see a level 5 log to tell you more.

> Is connection from ldap to dbmail for deliveryMode, accountStatus,
> mailAlternateAddress implemented?

I have no idea what you mean by the first two, and the last one should work just
fine.
However, why use mailAlternateAddress rather than mail? I always add additional
'mail' attributes to a user to specify additional aliases.
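
The userPassword point made in the replies above, as an added example (not from the thread and not dbmail code): Python that reads an LDIF entry, decodes the base64 `userPassword::` form that ldapsearch prints, reports the `{SCHEME}` prefix, and verifies an SSHA value. The entry, the secret `example-secret`, the salt and all function names are constructed for illustration; folded LDIF lines are not handled.

```python
import base64
import hashlib
import hmac
import re

SCHEME_RE = re.compile(rb"^\{([A-Za-z0-9-]+)\}(.+)$", re.S)

def parse_ldif_entry(text):
    """Return {attr: [bytes, ...]} for one LDIF entry; 'attr:: v' is base64."""
    entry = {}
    for line in text.strip().splitlines():
        if line.startswith("#") or ":" not in line:
            continue
        name, _, rest = line.partition(":")
        if rest.startswith(":"):          # double colon: base64-encoded value
            value = base64.b64decode(rest[1:].strip())
        else:
            value = rest.strip().encode()
        entry.setdefault(name.lower(), []).append(value)
    return entry

def password_scheme(value):
    """Scheme name of a {SCHEME}data value, or None if there is no prefix."""
    m = SCHEME_RE.match(value)
    return m.group(1).decode().upper() if m else None

def make_ssha(password, salt):
    # SSHA stores base64(SHA-1(password + salt) + salt) after the prefix.
    return b"{SSHA}" + base64.b64encode(hashlib.sha1(password + salt).digest() + salt)

def check_ssha(stored, candidate):
    raw = base64.b64decode(stored[len(b"{SSHA}"):])
    digest, salt = raw[:20], raw[20:]     # SHA-1 digest is 20 bytes
    return hmac.compare_digest(digest, hashlib.sha1(candidate + salt).digest())

def audit(entry):
    """Describe what a simple bind against this entry would be checked against."""
    values = entry.get("userpassword")
    if not values:
        return "no userPassword: simple bind fails"
    return "userPassword scheme: %s" % (password_scheme(values[0]) or "none (plain value)")

# Constructed sample entry; vutPin is present but plays no part in the bind.
STORED = make_ssha(b"example-secret", b"saltsalt")
SAMPLE = ("dn: uid=demo,ou=users,dc=example,dc=org\nobjectClass: dbmailUser\n"
          "vutPin: 000000\nuserPassword:: " + base64.b64encode(STORED).decode())

if __name__ == "__main__":
    print(audit(parse_ldif_entry(SAMPLE)))
```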