
Re: Problems with postfix and LDAP





OK, let me recap and post all the files here, because otherwise it's going to be a pain ;). My LDAP tree looks like this:


dn: dc=linux-win,dc=org
objectClass: domain
objectClass: domainRelatedObject
associatedDomain: linux-win.org
dc: linux-win

dn: ou=Group,dc=linux-win,dc=org
objectClass: top
objectClass: organizationalUnit
ou: Group
description: System Groups

dn: ou=Contacts,dc=linux-win,dc=org
objectClass: top
objectClass: organizationalUnit
ou: Contacts
description: Address Book

dn: ou=People,dc=linux-win,dc=org
objectClass: top
objectClass: organizationalUnit
ou: People
description: Users of the Organization

dn: ou=Computers,dc=linux-win,dc=org
objectClass: top
objectClass: organizationalUnit
ou: Computers
description: Windows Domain Computers

dn: cn=Domain Admins,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 512
cn: Domain Admins
description: Designated administrators for the domain
memberUid: root

dn: cn=Domain Users,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 513
cn: Domain Users
description: All domain users

dn: cn=Domain Guests,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 514
cn: Domain Guests
description: All domains guests

dn: cn=Domain Computers,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 515
cn: Domain Computers
description: All domain computers

dn: cn=Administrators,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 544
cn: Administrators
description: Members can fully administer the computer/domain

dn: cn=Users,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 545
cn: Users
description: Ordinary users

dn: cn=Guests,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 546
cn: Guests
description: Users granted guest access to the computer/domain
memberUid: nobody

dn: cn=Power Users,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 547
cn: Power Users
description: Members can share directories and printers

dn: cn=Account Operators,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 548
cn: Account Operators
description: Members can administer user and group accounts

dn: cn=Server Operators,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 549
cn: Server Operators
description: Members can administer domain servers

dn: cn=Print Operators,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 550
cn: Print Operators
description: Members can administer domain printers

dn: cn=Backup Operators,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 551
cn: Backup Operators
description: Members can bypass file security to back up files

dn: cn=Replicator,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 552
cn: Replicator
description: Supports file replication in a domain




dn: ou=mail,dc=linux-win,dc=org
objectClass: top
objectClass: organizationalUnit
ou: mail
description: Mail
structuralObjectClass: organizationalUnit
entryUUID: 720f4014-9d3b-1029-850e-9750598991b3
creatorsName: cn=Manager,dc=linux-win,dc=org
createTimestamp: 20050809160736Z
entryCSN: 20050809160736Z#000001#00#000000
modifiersName: cn=Manager,dc=linux-win,dc=org
modifyTimestamp: 20050809160736Z

dn: ou=linux-win.org,ou=mail,dc=linux-win,dc=org
objectClass: top
objectClass: organizationalUnit
objectClass: CourierMailAlias
ou: linux-win.org
mail: linux-win.org
maildrop: linux-win.org
structuralObjectClass: organizationalUnit
entryUUID: b8729cb4-9d3f-1029-8515-9750598991b3
creatorsName: cn=Manager,dc=linux-win,dc=org
createTimestamp: 20050809163812Z
entryCSN: 20050809163812Z#000001#00#000000
modifiersName: cn=Manager,dc=linux-win,dc=org
modifyTimestamp: 20050809163812Z

dn: cn=root,ou=linux-win.org,ou=mail,dc=linux-win,dc=org
objectClass: top
objectClass: organizationalRole
objectClass: CourierMailAlias
cn: root
mail: root@linux-win.org
maildrop: root
structuralObjectClass: organizationalRole
entryUUID: b873049c-9d3f-1029-8516-9750598991b3
creatorsName: cn=Manager,dc=linux-win,dc=org
createTimestamp: 20050809163812Z
entryCSN: 20050809163812Z#000002#00#000000
modifiersName: cn=Manager,dc=linux-win,dc=org
modifyTimestamp: 20050809163812Z

dn: cn=admin,ou=linux-win.org,ou=mail,dc=linux-win,dc=org
objectClass: top
objectClass: organizationalRole
objectClass: CourierMailAlias
cn: admin
mail: admin@linux-win.org
maildrop: root
structuralObjectClass: organizationalRole
entryUUID: b8736c98-9d3f-1029-8517-9750598991b3
creatorsName: cn=Manager,dc=linux-win,dc=org
createTimestamp: 20050809163812Z
entryCSN: 20050809163812Z#000003#00#000000
modifiersName: cn=Manager,dc=linux-win,dc=org
modifyTimestamp: 20050809163812Z

dn: cn=flo,ou=linux-win.org,ou=mail,dc=linux-win,dc=org
objectClass: top
objectClass: person
objectClass: CourierMailAlias
objectClass: organizationalPerson
cn: flo
mail: flo@linux-win.org
maildrop: flo
sn: flo
structuralObjectClass: organizationalPerson
entryUUID: b873d962-9d3f-1029-8518-9750598991b3
creatorsName: cn=Manager,dc=linux-win,dc=org
createTimestamp: 20050809163812Z
entryCSN: 20050809163812Z#000004#00#000000
modifiersName: cn=Manager,dc=linux-win,dc=org
modifyTimestamp: 20050809163812Z




dn: uid=flo,ou=People,dc=linux-win,dc=org
objectClass: top
objectClass: posixAccount
objectClass: shadowAccount
objectClass: account
cn: flo
uid: flo
uidNumber: 10000
gidNumber: 513
homeDirectory: /home/flo
loginShell: /sbin/nologin
gecos: Florian Berard
structuralObjectClass: account
entryUUID: d0bc00f8-9d3f-1029-8519-9750598991b3
creatorsName: cn=Manager,dc=linux-win,dc=org
createTimestamp: 20050809163853Z
entryCSN: 20050809163853Z#000001#00#000000
modifiersName: cn=Manager,dc=linux-win,dc=org
modifyTimestamp: 20050809163853Z


That's it for the LDAP tree. Now my postfix config is the following, in main.cf:

command_directory = /usr/local/sbin
daemon_directory = /usr/local/libexec/postfix

smtpd_banner = $myhostname ESMTP $mail_name $mail_version
setgid_group = maildrop
biff = no
in_flow_delay = 10s
append_dot_mydomain = yes
alias_maps = hash:/usr/local/etc/postfix/aliases, $virtual_alias_maps
alias_database = hash:/usr/local/etc/postfix/aliases
home_mailbox = Maildir/
mail_spool_directory = /var/mail
local_destination_concurrency_limit= 1
default_destination_concurrency_limit = 1
smtpd_recipient_limit = 50
notify_classes=bounce,resource,software,policy
#myhostname = gw-bsd.linux-win.org
relayhost =
relay_domains =
mynetworks = 192.168.1.0/32, 192.168.3.0/32, 127.0.0.0/8
mailbox_command = /usr/local/bin/procmail
mailbox_size_limit = 0
mailq_path = /usr/local/bin/mailq
message_size_limit = 10000000
recipient_delimiter = +
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,
   reject_unauth_pipelining,reject_unauth_destination,reject_invalid_hostname,reject_unknown_recipient_domain
smtpd_sender_restrictions = permit_sasl_authenticated, hash:/usr/local/etc/postfix/access,
   reject_unknown_sender_domain,
   reject_invalid_hostname
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /usr/local/etc/postfix/certificats/linux-win.key
smtpd_tls_cert_file = /usr/local/etc/postfix/certificats/linux-win.crt
smtpd_tls_CAfile = /usr/local/etc/postfix/certificats/cacert.crt
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s

header_checks = regexp:/usr/local/etc/postfix/header_checks.cf
body_checks = regexp:/usr/local/etc/postfix/body_checks.cf
strict_rfc821_envelopes = yes
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
readme_directory = no
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
manpage_directory = /usr/local/man
newaliases_path = /usr/local/bin/newaliases
queue_directory = /var/spool/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 450


mydestination =
virtual_mailbox_maps = ldap:/usr/local/etc/postfix/ldap-accounts.cf
virtual_alias_maps = ldap:/usr/local/etc/postfix/ldap-aliases.cf

In ldap-accounts.cf, I have this:

server_host = localhost
server_port = 389
search_base = dc=linux-win, dc=org
query_filter = (mail=%s)
result_attribute = maildrop
bind = yes
bind_dn = cn=Manager, dc=linux-win, dc=org
bind_pw = ***********
version = 3


In ldap-aliases.conf, I have this:

server_host = localhost
search_base = dc=linux-win, dc=org
query_filter = (&(objectClass=CourierMailAlias) (mail=%s))
result_attribute = maildrop
bind = yes
bind_dn = cn=Manager, dc=linux-win, dc=org
bind_pw = supermani
version = 3


And when I try to send a mail to flo@linux-win.org, I get this in the logs:

Aug 9 20:27:36 gw-bsd postfix/smtpd[64820]: connect from smtp-102-tuesday.nerim.net[62.4.16.102]
Aug 9 20:27:36 gw-bsd postfix/trivial-rewrite[64823]: warning: do not list domain linux-win.org in BOTH virtual_alias_domains and virtual_mailbox_domains
Aug 9 20:27:36 gw-bsd postfix/smtpd[64820]: 906245B06: client=smtp-102-tuesday.nerim.net[62.4.16.102]
Aug 9 20:27:36 gw-bsd postfix/cleanup[64824]: 906245B06: message-id=<42F8F59A.10405@nerim.net>
Aug 9 20:27:36 gw-bsd postfix/qmgr[61595]: 906245B06: from=<bettan@nerim.net>, size=748, nrcpt=1 (queue active)
Aug 9 20:27:36 gw-bsd postfix/smtpd[64820]: disconnect from smtp-102-tuesday.nerim.net[62.4.16.102]
Aug 9 20:27:36 gw-bsd spamd[1010]: connection from localhost [127.0.0.1] at port 50894
Aug  9 20:27:36 gw-bsd spamd[1010]: info: setuid to vmail succeeded
Aug 9 20:27:36 gw-bsd spamd[1010]: processing message <42F8F59A.10405@nerim.net> for vmail:1005.
Aug 9 20:27:40 gw-bsd spamd[1010]: clean message (0.4/4.3) for vmail:1005 in 3.5 seconds, 730 bytes.
Aug 9 20:27:40 gw-bsd spamd[1010]: result: . 0 - AWL scantime=3.5,size=730,mid=<42F8F59A.10405@nerim.net>,autolearn=ham
Aug 9 20:27:40 gw-bsd postfix/pickup[61594]: 32E855DC2: uid=1005 from=<bettan@nerim.net>
Aug 9 20:27:40 gw-bsd postfix/pipe[64825]: 906245B06: to=<flo@gw-bsd.linux-win.org>, orig_to=<flo@linux-win.org>, relay=spamassassin, delay=4, status=sent (gw-bsd.linux-win.org)
Aug  9 20:27:40 gw-bsd postfix/qmgr[61595]: 906245B06: removed
Aug 9 20:27:40 gw-bsd postfix/cleanup[64824]: 32E855DC2: message-id=<42F8F59A.10405@nerim.net>
Aug 9 20:27:40 gw-bsd postfix/qmgr[61595]: 32E855DC2: from=<bettan@nerim.net>, size=1050, nrcpt=1 (queue active)
Aug 9 20:27:40 gw-bsd postfix/smtp[64830]: 32E855DC2: to=<flo@gw-bsd.linux-win.org>, relay=none, delay=0, status=bounced (mail for gw-bsd.linux-win.org loops back to myself)
Aug 9 20:27:40 gw-bsd postfix/cleanup[64824]: 40FB05DD7: message-id=<20050809182740.40FB05DD7@gw-bsd.linux-win.org>
Aug 9 20:27:40 gw-bsd postfix/qmgr[61595]: 40FB05DD7: from=<>, size=2778, nrcpt=1 (queue active)
Aug 9 20:27:40 gw-bsd postfix/cleanup[64824]: 42D235DEE: message-id=<20050809182740.42D235DEE@gw-bsd.linux-win.org>
Aug 9 20:27:40 gw-bsd postfix/qmgr[61595]: 42D235DEE: from=<double-bounce@gw-bsd.linux-win.org>, size=2411, nrcpt=1 (queue active)
Aug  9 20:27:40 gw-bsd postfix/qmgr[61595]: 32E855DC2: removed
Aug 9 20:27:40 gw-bsd postfix/smtp[64832]: 42D235DEE: to=<postmaster@gw-bsd.linux-win.org>, orig_to=<postmaster>, relay=none, delay=0, status=bounced (mail for gw-bsd.linux-win.org loops back to myself)
Aug 9 20:27:40 gw-bsd postfix/bounce[64831]: warning: 42D235DEE: undeliverable postmaster notification discarded
Aug  9 20:27:40 gw-bsd postfix/qmgr[61595]: 42D235DEE: removed
Aug 9 20:27:40 gw-bsd postfix/smtp[64830]: 40FB05DD7: to=<bettan@nerim.net>, relay=tyrande.nerim.net[62.4.16.82], delay=0, status=sent (250 Ok: queued as 16F8D2F8B5)
Aug  9 20:27:40 gw-bsd postfix/qmgr[61595]: 40FB05DD7: removed


So there you go, lol, and I really don't know what to do to simply get users in the LDAP to be able to send mail!
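
Added example, not part of the original post: a short Python script that reads the delivery records from the log quoted above and reports where the recipient address changed domain and which domain Postfix bounced with "loops back to myself". The function names are illustrative; the embedded log lines are a subset of those in the post.

```python
import re
from collections import defaultdict

# Delivery lines copied from the log in the post above, one entry per line.
LOG = """\
Aug 9 20:27:36 gw-bsd postfix/qmgr[61595]: 906245B06: from=<bettan@nerim.net>, size=748, nrcpt=1 (queue active)
Aug 9 20:27:40 gw-bsd postfix/pickup[61594]: 32E855DC2: uid=1005 from=<bettan@nerim.net>
Aug 9 20:27:40 gw-bsd postfix/pipe[64825]: 906245B06: to=<flo@gw-bsd.linux-win.org>, orig_to=<flo@linux-win.org>, relay=spamassassin, delay=4, status=sent (gw-bsd.linux-win.org)
Aug 9 20:27:40 gw-bsd postfix/smtp[64830]: 32E855DC2: to=<flo@gw-bsd.linux-win.org>, relay=none, delay=0, status=bounced (mail for gw-bsd.linux-win.org loops back to myself)
Aug 9 20:27:40 gw-bsd postfix/smtp[64832]: 42D235DEE: to=<postmaster@gw-bsd.linux-win.org>, orig_to=<postmaster>, relay=none, delay=0, status=bounced (mail for gw-bsd.linux-win.org loops back to myself)
Aug 9 20:27:40 gw-bsd postfix/smtp[64830]: 40FB05DD7: to=<bettan@nerim.net>, relay=tyrande.nerim.net[62.4.16.82], delay=0, status=sent (250 Ok: queued as 16F8D2F8B5)
"""

# Matches Postfix delivery records: queue ID, to=, optional orig_to=, relay=, status=.
DELIVERY = re.compile(
    r"postfix/(?P<daemon>\w+)\[\d+\]: (?P<qid>[0-9A-F]+): to=<(?P<to>[^>]*)>,"
    r"(?: orig_to=<(?P<orig>[^>]*)>,)? relay=(?P<relay>[^,]+),.*?"
    r"status=(?P<status>\w+) \((?P<reason>.*)\)$"
)

def domain(addr):
    """Domain part of an address, or '' when the address is unqualified."""
    return addr.rpartition("@")[2] if "@" in addr else ""

def deliveries(log_text):
    """One dict per delivery attempt; other log lines are skipped."""
    return [m.groupdict() for line in log_text.splitlines()
            if (m := DELIVERY.search(line))]

def rewritten(log_text):
    """(qid, orig_to, to) for deliveries whose recipient domain changed."""
    return [(d["qid"], d["orig"], d["to"]) for d in deliveries(log_text)
            if d["orig"] is not None and domain(d["orig"]) != domain(d["to"])]

def loopback_domains(log_text):
    """Domains bounced as 'loops back to myself', with the queue IDs affected."""
    out = defaultdict(list)
    for d in deliveries(log_text):
        if d["status"] == "bounced" and "loops back to myself" in d["reason"]:
            out[domain(d["to"])].append(d["qid"])
    return dict(out)

if __name__ == "__main__":
    for qid, orig, to in rewritten(LOG):
        print(f"{qid}: {orig} -> {to}")
    for dom, qids in loopback_domains(LOG).items():
        print(f"loop on {dom}: {', '.join(qids)}")
```

In the log above, both bounces concern gw-bsd.linux-win.org, whereas the `mail` attributes in the LDAP tree are all under linux-win.org.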



