Re: mail system in debian-edu
Hi,
On Wed, May 19, 2010 at 09:49:26PM +0200, Petter Reinholdtsen wrote:
> [Andreas B. Mundt]
> > This would have one advantage: There is only one location where the
> > user's data is stored and if a user is removed, all his mails will
> > also be cleared. Are there any disadvantages?
>
> It would make it very hard to move the mail server away from the
> machine with access to the home directories. This was the reason such
> a setup was chosen in the first place. Access to emails should be
> limited to network protocols to avoid any hard dependencies between
> the mail and home directory services.
After investigating a bit more, I can offer the following with minimal
changes to our sources:
Mails in home directory:
When the home directory is created, create a maildir too:

    mkdir $HOMEDIR/Maildir
    chown mail:mail $HOMEDIR/Maildir
    chmod 2700 $HOMEDIR/Maildir

Alternatively, create a symlink like this:

    ln -s /var/mail/$USERID $HOMEDIR/Maildir

Would the latter allow separating the mail server and home dirs?
The problem with the current setup is that gosa does not use the
mailMessageStore attribute which is used by courier-imap. The only way
to get around that is to use the default which is ~/Maildir. I could
not find any other way to specify the mail directory. The changes to
svn are attached.
Is there a reason why we use courier? I ask because gosa contains
some administrative tools to maintain a cyrus IMAP server. For a
standard setup this is probably not needed, but imagine a larger setup
where several schools are served by a central admin.
Another related question: Any objections to removing the old
etc/exim configuration? I guess we only need exim4?
Regards,
Andi
Index: etc/courier/authldaprc-debian-edu
===================================================================
--- etc/courier/authldaprc-debian-edu (revision 64249)
+++ etc/courier/authldaprc-debian-edu (working copy)
@@ -3,7 +3,7 @@
LDAP_SERVER ldap
LDAP_URI ldap://ldap
-LDAP_BASEDN ou=People,dc=skole,dc=skolelinux,dc=no
+LDAP_BASEDN dc=skole,dc=skolelinux,dc=no
LDAP_TIMEOUT 10
LDAP_AUTHBIND 1
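Review bot: LDAP_BASEDN now covers the whole dc=skole,dc=skolelinux,dc=no tree instead of ou=People, and with LDAP_MAIL uid further down in this file that makes every entry carrying a uid attribute a candidate for a mail login, not only the entries under ou=People. The message gives no reason for the wider base. If it is needed, please say why in the commit message and narrow the match again with an LDAP_FILTER on the object class used for user accounts, so that entries outside ou=People that happen to have a uid are not picked up by authldap.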
@@ -11,8 +11,8 @@
LDAP_MAIL uid
# LDAP_DOMAIN example.com
-LDAP_HOMEDIR mailMessageStore
-LDAP_MAILDIR mailMessageStore
+LDAP_HOMEDIR homeDirectory
+#LDAP_MAILDIR mailMessageStore
# LDAP_MAILDIRQUOTA maildirQuota
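Review bot: the commented-out "#LDAP_MAILDIR mailMessageStore" line is left without explanation, so a later reader cannot tell that the maildir location now comes from the default of Maildir under LDAP_HOMEDIR (homeDirectory). Please replace it with a comment saying so, and noting that the path has to stay in step with the "/Maildir" suffix on the directory line in etc/exim4/exim-ldap-server-v4.conf. The change also makes the IMAP server depend on the home directory file system, which is the dependency objected to earlier in the thread, so the file should say that this is intended.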
Index: etc/exim4/exim-ldap-server-v4.conf
===================================================================
--- etc/exim4/exim-ldap-server-v4.conf (revision 64249)
+++ etc/exim4/exim-ldap-server-v4.conf (working copy)
@@ -277,7 +277,7 @@
ldapuser:
driver = accept
- condition = ${if eq {}{${lookup ldap {ldap://LDAPSERVER/ou=People,LDAPBASE?uid?one?uid=${local_part}}}}{no}{yes}}
+ condition = ${if eq {}{${lookup ldap {ldap://LDAPSERVER/LDAPBASE?uid?sub?uid=${local_part}}}}{no}{yes}}
retry_use_local_part
transport = ldap_delivery
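Review bot: in the ldapuser condition the lookup moves from a one-level search under ou=People to a sub search over all of LDAPBASE, so the router now accepts mail for any entry in the tree with a matching uid, and ${local_part} still goes into the filter unquoted. Suggest adding an object class term to the filter to keep the match to user accounts, and writing the value as ${quote_ldap:$local_part}. The filter is also written here as uid=${local_part} but as (uid=$local_part) in the directory line of the next hunk; please pick one form.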
@@ -299,7 +299,7 @@
check_string = ""
create_directory
delivery_date_add
- directory = ${lookup ldap {ldap://LDAPSERVER/ou=People,LDAPBASE?mailMessageStore?one?uid=${local_part}} {$value} fail}
+ directory = ${lookup ldap {ldap://LDAPSERVER/LDAPBASE?homeDirectory?sub?(uid=$local_part)}}/Maildir
directory_mode = 0700
envelope_to_add
group = mail
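Review bot: the new directory line drops the "{$value} fail" arms of the lookup, so when the search returns nothing (for example an entry without homeDirectory) the expansion is empty and the path becomes "/Maildir", which create_directory would then try to create at the file system root instead of failing the delivery. Keeping the explicit form, i.e. ending the lookup with {$value/Maildir} fail, preserves the old failure behaviour. With the sub scope it is also worth checking what happens when more than one entry matches the uid, since the result is used directly as a path.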