
Re: SMTP Authentication for users from LDAP?

  • Jose Alberto
    Message 1 of 3 , Sep 28, 2009
      Check the PAM modules

      /etc/pam.d/

      common-session
      -auth
      -password
      -account


      2009/9/28 Mala Dibbs <griori-mala@...>:
      > Hi
      >
      > I'm trying to set up openLDAP, postfix and dovecot as a mailserver for users
      > stored in the LDAP directory. I followed the following tutorials:
      >
      > https://help.ubuntu.com/community/Postfix
      > https://help.ubuntu.com/community/PostfixDovecotSASL
      > https://help.ubuntu.com/community/Postfix/DovecotLDAP
      >
      > Now I'm trying to authenticate with a user from the LDAP on smtp. But AUTH
      > PLAIN {base64:\000hans@...\000password} returns an error (535
      > authorization failed).
      >
      >> postconf -n
      > alias_database = hash:/etc/aliases
      > alias_maps = hash:/etc/aliases
      > append_dot_mydomain = no
      > biff = no
      > broken_sasl_auth_clients = yes
      > config_directory = /etc/postfix
      > home_mailbox = Maildir/
      > inet_interfaces = all
      > inet_protocols = all
      > mailbox_command = /usr/lib/dovecot/deliver
      > mailbox_size_limit = 524288000
      > mailbox_transport = dovecot
      > mydestination = peter.com, peter.intranet.lan, localhost
      > myhostname = peter.com
      > mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
      > myorigin = /etc/mailname
      > readme_directory = no
      > recipient_delimiter = +
      > relayhost =
      > smtp_tls_note_starttls_offer = yes
      > smtp_tls_security_level = may
      > smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
      > smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
      > smtpd_recipient_restrictions =
      > permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
      > smtpd_sasl_auth_enable = yes
      > smtpd_sasl_local_domain =
      > smtpd_sasl_path = private/auth-client
      > smtpd_sasl_security_options = noanonymous
      > smtpd_sasl_type = dovecot
      > smtpd_sender_login_maps = ldap:/etc/postfix/ldap_senders.cf
      > smtpd_tls_CAfile = /etc/ssl/certs/cacert.pem
      > smtpd_tls_auth_only = no
      > smtpd_tls_cert_file = /etc/ssl/certs/smtpd.crt
      > smtpd_tls_key_file = /etc/ssl/private/smtpd.key
      > smtpd_tls_loglevel = 1
      > smtpd_tls_received_header = yes
      > smtpd_tls_security_level = may
      > smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
      > smtpd_tls_session_cache_timeout = 3600s
      > smtpd_use_tls = yes
      > tls_random_source = dev:/dev/urandom
      > virtual_alias_maps = hash:/etc/postfix/virtual
      > ldap:/etc/postfix/ldap_virtual_users.cf
      > virtual_transport = dovecot
      >
      >> ldap_virtual_users.cf
      > server_host = ldap://localhost
      > search_base = ou=people,dc=peter,dc=com
      > bind = no
      > query_filter = (&(objectclass=posixAccount)(|(mail=%s)))
      > result_attribute = mail
      > domain = peter.com
      >
      >> ldap_senders.cf
      > server_host = ldap://localhost
      > search_base = ou=people,dc=peter,dc=com
      > bind = no
      > query_filter = (&(objectclass=posixAccount)(|(mail=%s)))
      > result_attribute = uid
      > domain = peter.com
      >
      > The LDAP users and groups are not mapped to the system accounts (so e.g. ssh
      > login is not possible with an LDAP user, because that's how I want it).
      > Does anyone see the problem right away? How can I narrow down the problem?
      >
      > postmap ldap_senders yields the uid (e.g p-hans) to a certain mail address
      > (p.hans@...).
      >
      > The ldap users Mailboxes are stored in /home/vmail/%uid/Maildir. Is it a
      > problem if this directory/Maildir does not exist and this user wants to send
      > an email?
      > Where can I configure postfix to use /home/vmail as homebase for user-dirs
      > instead of /home?
      >
      > And just to get this straight: Postfix can be used by people to send mail to
      > the internet (e.g. *to* an AOL account) but it is also responsible to place
      > mail from the internet (e.g. *from* an AOL account) into the right directory
      > on the local filesystem. Is this correct?
      >
      >
      > Regards, Mala
      >
      >



      --
      Jose Alberto Pertuz
      GNU-Linux user #452473
      Caracas,Venezuela
      58+414+1279657
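
One way to narrow down the 535 error from the question is to confirm that the AUTH PLAIN string itself is well formed before looking at Dovecot, LDAP or PAM. The following is an added example, not part of either poster's message; the function names `encode_plain` and `diagnose_plain` are hypothetical and the sample credentials are constructed.

```python
import base64
import binascii

def encode_plain(authcid, passwd, authzid=""):
    """SASL PLAIN response (RFC 4616): authzid NUL authcid NUL passwd, base64-encoded."""
    raw = "\0".join((authzid, authcid, passwd)).encode("utf-8")
    return base64.b64encode(raw).decode("ascii")

def diagnose_plain(token):
    """Decode a PLAIN response and return (fields, problems) without echoing the password."""
    try:
        raw = base64.b64decode(token, validate=True)
    except (binascii.Error, ValueError):
        return None, ["not valid base64"]
    problems = []
    if b"\\0" in raw:
        problems.append("literal '\\0' text found where a NUL byte was probably intended")
    parts = raw.split(b"\0")
    if len(parts) != 3:
        problems.append("expected 3 NUL-separated fields, got %d" % len(parts))
        return None, problems
    authzid, authcid, passwd = (p.decode("utf-8", "replace") for p in parts)
    if not authcid:
        problems.append("empty authentication identity")
    if not passwd:
        problems.append("empty password")
    return {"authzid": authzid, "authcid": authcid, "passwd_len": len(passwd)}, problems

# Constructed samples (not from the thread): a well-formed token, and one built from
# the unexpanded text \000user\000password, as happens when the escape is not expanded.
GOOD_SAMPLE = encode_plain("user@example.test", "constructed-pw")
UNEXPANDED_SAMPLE = base64.b64encode(rb"\000user@example.test\000constructed-pw").decode("ascii")

if __name__ == "__main__":
    for name, token in (("good", GOOD_SAMPLE), ("unexpanded", UNEXPANDED_SAMPLE)):
        print(name, token, diagnose_plain(token))
```

The token is only base64, which anyone who captures it can decode exactly as `diagnose_plain` does. With `smtpd_tls_auth_only = no`, as in the posted configuration, Postfix also accepts AUTH on connections that have not negotiated STARTTLS.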