On Thu, 16 Sep 2010, Nigel Wade wrote:

Thank you for your help.

I will use real names. I have a simple LDAP base on one mail host
(not for the whole environment).

I had been following:

Router configuration
--------------------
dnslookup:
   driver = dnslookup
[...]

userforward:
   driver = redirect
[...]

system_aliases:
   driver = redirect
   allow_fail
   allow_defer
   data = ${lookup{$local_part}lsearch{/etc/exim4/aliases}}
# user = Debian-exim
   file_transport = address_file
   pipe_transport = address_pipe

(I have many complex aliases, so I keep them in the aliases file, not in LDAP)

localuser:
   driver = accept
   check_local_user
   transport = local_delivery
   cannot_route_message = Unknown user

Transport configuration
-----------------------
remote_smtp:
   driver = smtp

local_delivery:
   driver = appendfile
   maildir_format = true
   maildir_use_size_file
   directory = ${home}/Maildir
   create_directory
   create_file = anywhere
   directory_mode = 0700
   delivery_date_add
   envelope_to_add
   return_path_add

address_pipe:
   driver = pipe
   return_output

address_file:
   driver = appendfile
   delivery_date_add
   envelope_to_add
   return_path_add

address_reply:
   driver = autoreply

And LDAP Authentication
-----------------------

plain_plain:
  driver = plaintext
  public_name = PLAIN
  server_condition = ${if ldapauth {user="uid=${quote_ldap:$2}, ou=people,dc=pam,dc=szczecin,dc=pl" pass="$3" ldap://ara.pam.szczecin.pl/}{yes}{no}}
  server_set_id = $2

login_server:
  driver = plaintext
  public_name = LOGIN
  server_prompts = "Username:: : Password::"
  server_condition = ${if ldapauth {user="uid=${quote_ldap:$1}, ou=people,dc=pam,dc=szczecin,dc=pl" pass="$2" ldap://ara.pam.szczecin.pl/}{yes}{no}}
  server_set_id = $1

+++++++++++++++

I wanted to define router and transport sections for the LDAP user.

I changed the following:

Main configuration:

UBASE = ou=people,dc=pam,dc=szczecin,dc=pl
ldap_default_servers = ara.pam.szczecin.pl::389
-----------------------------------------------

("ldap_default_servers = ara.pam.szczecin.pl" <- doesn't work)

Router configuration:

ldap_user:
   debug_print = "R: ldap_user for $local_p...@$domain"
   driver = accept
   domains = +local_domains
   condition = ${lookup ldap{ldap:///UBASE?uid?sub?(uid=${quote_ldap:$local_part})}{$value}}
   transport = local_delivery
   --------------------------
   cannot_route_message = Unknown user

Transport configuration:

local_delivery:
---------------
   debug_print = "T: local_delivery for $local_p...@$domain"
   driver = appendfile
   directory = $home/Maildir
   create_directory
   create_file = anywhere
   delivery_date_add
   envelope_to_add
   return_path_add
   maildir_format
   directory_mode = 0700
   mode = 0660
   mode_fail_narrower = false
   group = Debian-exim

It's fine. Exim finds the LDAP user but it can't deliver the message:

[email protected] R=ldap_user T=local_delivery defer (13): 
Permission denied: cannot create /Maildir
-----------------------------------------

Why "/Maildir"?
---------------

14:36:05 14298 --------> [email protected] <--------
14:36:05 14298 locking /var/spool/exim4/db/retry.lockfile
14:36:05 14298 locked /var/spool/exim4/db/retry.lockfile
14:36:05 14298 EXIM_DBOPEN(/var/spool/exim4/db/retry)
14:36:05 14298 returned from EXIM_DBOPEN
14:36:05 14298 opened hints database /var/spool/exim4/db/retry: 
flags=O_RDONLY
14:36:05 14298 dbfn_read: key=T:[email protected]
14:36:05 14298 retry record exists: age=26m33s (max 1w)
14:36:05 14298   time to retry = 33m27s expired = 0
14:36:05 14298 search_tidyup called
14:36:05 14299 changed uid/gid: local delivery to opr 
<[email protected]> transport=local_delivery
14:36:05 14299   uid=100 gid=102 pid=14299
14:36:05 14299   auxiliary group list: <none>
14:36:05 14299   home=NULL current=/
14:36:05 14299 set_process_info: 14299 delivering 1OwDh7-0003ia-4O to opr 
using local_delivery
14:36:05 14299 expanding: T: local_delivery for $local_p...@$domain
14:36:05 14299    result: T: local_delivery for [email protected]
14:36:05 14299 T: local_delivery for [email protected]
14:36:05 14299 appendfile transport entered
14:36:05 14299 expanding: $home/Maildir
14:36:05 14299    result: /Maildir
----------------------------------
14:36:05 14299 appendfile: mode=660 notify_comsat=0 quota=0 warning=0
14:36:05 14299   directory=/Maildir format=maildir
14:36:05 14299   message_prefix=null
14:36:05 14299   message_suffix=null
14:36:05 14299   maildir_use_size_file=no
14:36:05 14299 ensuring maildir directories exist in /Maildir
14:36:05 14299 search_tidyup called
14:36:05 14298 local_delivery transport returned DEFER for 
[email protected]
14:36:05 14298 added retry item for T:[email protected]: errno=13 
more_errno=0 flags=0
14:36:05 14298 post-process [email protected] (1)
14:36:05 14298 LOG: MAIN
14:36:05 14298   == [email protected] R=ldap_user T=local_delivery 
defer (13): Permission denied: cannot create /Maildir

ara:~# ls -l /home/prac/sec/opr/Maildir
total 48
drwx------ 2 opr sec  4096 2010-09-04 05:30 cur
drwx------ 2 opr sec  4096 2010-09-16 12:04 new
-----------------------------------------------
-rw------- 1 opr sec 31374 2010-09-16 12:04 procmail.log
-rw------- 1 opr sec    25 2010-09-04 05:30 subscriptions
drwx------ 2 opr sec  4096 2010-09-16 12:04 tmp

How does Exim define the "$home/Maildir" variable?
Is it not "$HOME/Maildir" ("/home/prac/sec/opr/Maildir")?

Regards

Slawomir Stanczak

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
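
Added example, not part of the original post: the debug trace above reports home=NULL for the delivery process and then shows $home/Maildir expanding to /Maildir. The Python below scans a trace in that format and reports every expansion that referenced $home in a process with no home set; the sample trace and the address opr@example.test are constructed, and the function name is hypothetical.

```python
import re

# Constructed sample in the same shape as the debug trace in the post
# (timestamp, pid, message); the address is a placeholder.
SAMPLE = """\
14:36:05 14299 changed uid/gid: local delivery to opr <opr@example.test> transport=local_delivery
14:36:05 14299   uid=100 gid=102 pid=14299
14:36:05 14299   home=NULL current=/
14:36:05 14299 appendfile transport entered
14:36:05 14299 expanding: $home/Maildir
14:36:05 14299    result: /Maildir
14:36:06 14310   home=/home/prac/sec/opr current=/
14:36:06 14310 expanding: $home/Maildir
14:36:06 14310    result: /home/prac/sec/opr/Maildir
"""

LINE = re.compile(r"^(\d\d:\d\d:\d\d)\s+(\d+)\s+(.*)$")
HOME = re.compile(r"^home=(\S+)")
USES_HOME = re.compile(r"\$(?:home\b|\{home\})")


def find_empty_home_expansions(trace):
    """Return (pid, template, result) for each expansion that used $home
    in a process whose trace reported home=NULL."""
    home = {}      # pid -> last reported home value
    pending = {}   # pid -> template waiting for its "result:" line
    findings = []
    for raw in trace.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # wrapped continuation line or non-debug text
        pid, msg = m.group(2), m.group(3).strip()
        h = HOME.match(msg)
        if h:
            home[pid] = h.group(1)
        elif msg.startswith("expanding: "):
            pending[pid] = msg[len("expanding: "):]
        elif msg.startswith("result: ") and pid in pending:
            template = pending.pop(pid)
            if home.get(pid) == "NULL" and USES_HOME.search(template):
                findings.append((pid, template, msg[len("result: "):]))
    return findings


if __name__ == "__main__":
    for pid, template, result in find_empty_home_expansions(SAMPLE):
        print(f"pid {pid}: {template!r} expanded to {result!r} with no home set")
```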
