Atif Ghaffar wrote:
>
> If I can use "." in mailbox then I can create mailboxes as
> [EMAIL PROTECTED] which is cool so users can authentify as [EMAIL PROTECTED]
> which is more userfriendly than user_domain_tld (I have no idea why).
>
> Now the problem is that I dont know how to route mail to this mailbox.
> We are using LDAP to lookup users and maildrops. We use a number a
> mailbox servers (imap servers) and a route mails over SMTP.
[ snip ]
As you have noticed, you cannot have a '@' character in the name
of the destination mailbox because that is interpreted as an email
address. This means that with or without the patch to substitute
the '.' character, something else needs to be done.
One solution I have found is to patch cyrus-imapd to "canonify"
the login name which looks like an email address to a mailbox.
For example, consider the following lines in /etc/imapd.conf:
# IMAP configs for LDAP
imap_ldap_search_base: o=internet
imap_ldap_server_host: localhost
imap_ldap_server_port: 389
imap_ldap_query_filter: (&(uid=%s)(objectClass=spUser))
imap_ldap_result_attribute: mailFolderMap
So when a user logins as "[EMAIL PROTECTED]", it searches for that
uid which is also an objectClass "spUser" and returns the
mailFolderMap. This last attribute contains the mailbox in
a cyrus-friendly format, such as "atif_4unet_net" for example.
Of course, the fun doesn't stop there because cyrus-sasl must
then authenticate the user. This is done with another patch
which allows for the following configurations again in
/etc/imapd.conf:
# SASL configs for LDAP
sasl_pwcheck_method: ldap
sasl_ldap_search_base: o=internet
sasl_ldap_server_host: localhost
sasl_ldap_server_port: 389
sasl_ldap_query_filter: (&(mailfoldermap=%s)(objectClass=spUser))
sasl_ldap_result_attribute: dn
So the mailbox entry is then returned from the LDAP directory,
the dn retrieved, and a bind is attempted using the password
from the login.
I will be releasing these two patches to the mailing list this
week, so stay tuned. Perhaps eventually these patches will find
their way into the cyrus code and will save us the trouble of
mucking around to get LDAP support.
Marc - Sitepak
