* Michael De Groote <[EMAIL PROTECTED]>:
> hi all
>
> I've setup ldap so local users and their corresponding samba parts are
> stored in it (well, the samba part still needs to be done, but that is on of
> the objectives, and i have that part already working on another machine), as
> well as mail information.
>
> mail info is stored in the ldap attribute 'mail'
>
> content of /etc/postfix/ldap-aliases.cf:
> server_host = 127.0.0.1
> server_port = 389
> search_base = ou=people,dc=smb,dc=internal
> #query_filter = (&(objectClass=gosaMailAccount)(mail=%s))
> query_filter = mail=%s
> result_attribute = mail
> version = 3
> bind = no
>
> doing a query with postmap -q [EMAIL PROTECTED] ldap:/etc/postfix/
> ldap-aliases.cf gives the expected behaviour, it returns
> [EMAIL PROTECTED]
Should be only "mytest".
[EMAIL PROTECTED]
>
> However, when sending a mail on the local machine to this user, using the
> following command
> -----------------------
> echo "To: [EMAIL PROTECTED]
> Subject: testje
> w00tz0r" |/usr/sbin/sendmail -t [EMAIL PROTECTED]
> ---------------
>
> i always get the following error:
> Aug 14 12:32:41 mmc-gosa postfix/local[5040]: 1A8443950C:
> to=<[EMAIL PROTECTED]>, relay=local, delay=0.1, delays=0.04/0.01/0/0.05,
> dsn=5.1.1, status=bounced (user unknown)
>
> when sending to a user that is NOT in the ldap tree, i get an error where
> the user name is specified as not found, (user unknown: 'mytest2')
>
> connections are being made to the ldap server (checked by looking at the
> logs, loglevel=1, and also by intentionally entering wrong connection
> parameters for the ldap connection, which makes the connection fail -- of
> course). The query that is shown in the log is different however from what i
> expected to see:
>
> Aug 14 12:39:49 mmc-gosa slapd[7706]: => send_search_entry: conn 5
> dn="cn=mytest mytest,ou=people,dc=smb,dc=internal"
> Aug 14 12:39:49 mmc-gosa slapd[7706]: <= send_search_entry: conn 5 exit.
>
> i would expect something like the filter specified in the ldap-aliases.cf ??
>
>
> below is my main.cf
>
> I'm out of ideas, i really don't know what is wrong...
>
> ---------------------------------
> # See /usr/share/postfix/main.cf.dist for a commented, more complete version
>
> smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
> biff = no
>
> # appending .domain is the MUA's job.
> append_dot_mydomain = yes
> append_at_myorigin = yes
>
> # Uncomment the next line to generate "delayed mail" warnings
> #delay_warning_time = 4h
>
> myhostname = mmc-gosa.smb.internal
> mydomain = smb.internal
> alias_maps = ldap:/etc/postfix/ldap-aliases.cf, hash:/etc/aliases
> #virtual_maps = ldap:/etc/postfix/ldap-aliases.cf
> alias_database = hash:/etc/aliases
> myorigin = /etc/mailname
> mydestination = smb.internal,localhost.localdomain,localhost
> mailbox_command = /usr/lib/dovecot/deliver -d "$USER"@"$DOMAIN"
> relayhost = smtp.scarlet.be
> mynetworks = 127.0.0.0/8
> mailbox_size_limit = 0
> recipient_delimiter = +
> inet_interfaces = all
>
> # Use Maildir
> home_mailbox = Maildir/
>
> # Wait until the RCPT TO command before evaluating restrictions
> smtpd_delay_reject = yes
>
> # Basics Restrictions
> smtpd_helo_required = yes
> strict_rfc821_envelopes = yes
>
> # Requirements for the connecting server
> smtpd_client_restrictions =
> permit_mynetworks,
> permit_sasl_authenticated,
> reject_rbl_client bl.spamcop.net,
> reject_rbl_client dnsbl.njabl.org,
> reject_rbl_client cbl.abuseat.org,
> reject_rbl_client sbl-xbl.spamhaus.org,
> reject_rbl_client list.dsbl.org,
> permit
>
> # Requirements for the HELO statement
> smtpd_helo_restrictions =
> permit_mynetworks,
> permit_sasl_authenticated,
> reject_non_fqdn_hostname,
> reject_invalid_hostname,
> permit
>
> # Requirements for the sender address
> smtpd_sender_restrictions =
> permit_mynetworks,
> permit_sasl_authenticated,
> reject_non_fqdn_sender,
> reject_unknown_sender_domain,
> permit
>
> # Requirement for the recipient address
> smtpd_recipient_restrictions =
> permit_mynetworks,
> permit_sasl_authenticated,
> reject_non_fqdn_recipient,
> reject_unknown_recipient_domain,
> reject_unauth_destination,
> permit
>
> # Enable SASL authentication for the smtpd daemon
> smtpd_sasl_auth_enable = yes
> smtpd_sasl_type = dovecot
> smtpd_sasl_path = private/auth
>
> # Fix for outlook
> broken_sasl_auth_clients = yes
>
> # Reject anonymous connections
> smtpd_sasl_security_options = noanonymous
> smtpd_sasl_local_domain =
>
> # SSL/TLS
> smtpd_tls_security_level = may
> smtpd_tls_loglevel = 1
> smtpd_tls_cert_file = /etc/ssl/certs/mail.pem
> smtpd_tls_key_file = /etc/ssl/private/mail.key
> smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
>
> # Amavis
> content_filter = amavis:[127.0.0.1]:10024
> receive_override_options = no_address_mappings
>
>
>
>
> Michael
>
>
>
>
> --
> Michael De Groote
> ICT-coordinator Sancta Maria Basisschool Leuven
> ICT-coordinator Sint-Pietersschool Korbeek-Lo
> ICT-coordinator Scholengemeenschap Katholieke Basisscholen Leuven
> ICT-coordinator Parkschool Leuven
--
The Book of Postfix
<http://www.postfix-book.com>
saslfinger (debugging SMTP AUTH):
<http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
