Indeed, the user's are on the same distribution list (needed for signature/disclaimer-software). I will try to get an email-header tomorrow from one of my collegues.
BR, Christian Christian Katterl Teamleader Technical IT Asamer Baustoffe AG Unterthalham Straße 2 4694 Ohlsdorf Austria tel +43 50 799 - 2511 mobile +43 664 811 54 99 [email protected] www.abag.at This message is confidential. It may not be disclosed to, or used by, anyone other than the addressee. If you receive this message by mistake, please advise the sender. Firmenbuch: Landesgericht Wels, FN: 407726y, ATU 68646334 -----Ursprüngliche Nachricht----- Von: [email protected] [mailto:[email protected]] Gesendet: Sonntag, 26. November 2017 17:56 An: Piler User Betreff: Re: AW: LDAP Users can see other's mails Hmm, it's odd. Even if a user is member of a group with other users which is totally normal a user still shouldn't see others' emails. Some of the addresses look like some distribution lists. Can you show me such a message you can see and meant for someone else? I'm interested the headers only. (You may send it privately to my address). The selected messages should not belong to any distribution list you are on. Janos On 2017-11-23 12:09, Katterl Christian wrote: > It seems that i can see all messages of members of the same ad-groups. > > > In my case, piler would not need to take care of groups….. > > VON: Janos SUTO [mailto:[email protected]] > GESENDET: Donnerstag, 23. November 2017 09:45 > AN: Piler User > BETREFF: Re: LDAP Users can see other's mails > > Show me the sphinx query from the mail log related to the given user. > > Janos > > ------------------------- > > FROM: Katterl Christian > SENT: Thu Nov 23 07:35:19 GMT+01:00 2017 > TO: "[email protected]" > SUBJECT: LDAP Users can see other's mails > > Dear all, > > i configured piler (1.3.1) on Debian (9) using LDAP authentication > against Active Directory. > > Basically, authentication works. > > BUT: > > Successfully logged in users cannot only see their own mails, but also > mails of other users? > > My ldap-config from config-site.php looks like this: > > $config['ENABLE_LDAP_AUTH'] = 1; > > $config['LDAP_HOST'] = 'mydomaincontroller.mydomain.myforest.tld'; > > $config['LDAP_HELPER_DN'] = > 'CN=pilerldap,OU=ServicesAccounts,DC=mydomain,DC=myforest,DC=tld'; > > $config['LDAP_HELPER_PASSWORD'] = 'highpressurecompressor'; > > $config['LDAP_MAIL_ATTR'] = 'mail'; > > $config['LDAP_ACCOUNT_OBJECTCLASS'] = 'user'; > > $config['LDAP_DISTRIBUTIONLIST_OBJECTCLASS'] = 'group'; > > $config['LDAP_DISTRIBUTIONLIST_ATTR'] = 'member'; > > $config['LDAP_BASE_DN'] = DC=mydomain,DC=myforest,DC=tld; > > $config['LDAP_AUDITOR_MEMBER_DN'] = ''; > > $config['LDAP_ADMIN_MEMBER_DN'] = ''; > > Any ideas? > > BR, Christian > > CHRISTIAN KATTERL > Teamleader Technical IT > > ASAMER BAUSTOFFE AG > Unterthalham Straße 2 > 4694 Ohlsdorf > Austria > TEL +43 50 799 - 2511 > MOBILE +43 664 811 54 99 > EMAIL [email protected] > WWW.ABAG.AT [1] > > This message is confidential. It may not be disclosed to, or used by, > anyone other than the addressee. If you receive this message by > mistake, please advise the sender. > Firmenbuch: Landesgericht Wels, FN: 407726y, ATU 68646334 > > > > Links: > ------ > [1] https://www.abag.at
