Postfix with LDAP for Dovecot¶
When it is used for ldap server for authentication of IMAP4 or POP3 server are used with LDAP, firstly needs to set up MTA with LDAP for mail delivery to users. I have used Postfix as MTA in this case. OS is Ubuntu 12.04, and POP3 server is dovecot2, and MTA is Postfix.
Install packages¶
$ sudo apt-get install postfix-ldap mailutils
Install postfix-doc if you needs postfix-ldap documentation, then see /usr/share/doc/postfix/html/LDAP_README.html.
Configuration of debconf¶
General type of mail configuration
Internet Site
System mail name
mail.example.org
Configuration¶
The points are next parameters of postmap for ldap.
“query_filter” is “(mail=%s)”
“result_attribute” is some cases
“scope” is “one”
LDAP lookups¶
postmap file name is any. I have named “/etc/postfix/ldap-alias.cf” in this case.
$ sudo postconf alias_maps=hash:/etc/aliases,ldap:/etc/postfix/ldap-aliases.cf
/etc/postfix/ldap-aliases.cf is as follows.
server_host = ldap://ldap01.example.org ldap://ldap02.example.org
timeout = 10
search_base = ou=People,dc=example,dc=org
domain = example.org
query_filter = (mail=%s)
result_attribute = mail
scope = one
bind = no
dereference = 0
start_tls = yes
version = 3
tls_ca_cert_dir = /etc/ssl/certs
tls_ca_cert_file = /etc/ssl/certs/ca-certificates.crt
Confirm above settings.
$ sudo postmap -q user0@example.org ldap:/etc/postfix/ldap-aliaces.cf
user0@example.org
Create and/or update database.
$ sudo postmap /etc/postfix/ldap-aliases.cf
Setting alias maps.
$ postconf alias_maps
alias_maps = hash:/etc/aliases
$ sudo postconf alias_maps = hash:/etc/aliases,ldap:/etc/postfix/ldap-aliases.cf
see more ldap_table(5)
domain setting¶
$ postconf mydomain
mydomain = localdomain
$ sudo postconf mydomain=example.org
Virtual domains¶
Set up “virtual_mailbox_domains” if you use virtual domains.
$ postconf virtual_mailbox_domains
virtual_mailbox_domains = $virtual_mailbox_maps
$ sudo virtual_mailbox_domains=/etc/postfix/virtual_domains
/etc/postfix/virtual_domains
example.org
example.net
example.com
Virtual mailbox¶
/etc/postfix/virtual_mailbox is follows;
server_host = ldap://ldap01.example.org ldap://ldap02.example.org
timeout = 10
search_base = ou=People,dc=example,dc=org
domain = example.org
query_filter = (mail=%s)
result_attribute = mail
result_format = %d/%u/Maildir/
scope = one
bind = no
dereference = 0
start_tls = yes
version = 3
tls_ca_cert_dir = /etc/ssl/certs
tls_ca_cert_file = /etc/ssl/certs/ca-certificates.crt
Confirmation
$ postalias -q user0@example.org ldap:/etc/postfix/virtual_mailbox
example.org/user0/Maildir/
Create database
$ sudo postmap /etc/postfix/virtual_mailbox
Set up “virtual_mail_box_maps” and “virtual_mailbox_base”.
$ postconf virtual_mailbox_maps
virtual_mailbox_maps =
$ sudo postconf virtual_mailbox_maps=ldap:/etc/postfix/virtual_mailbox
$ postconf virtual_mailbox_base
virtual_mailbox_base =
$ sudo postconf virtual_mailbox_base=/var/vmail
Make directory, and change owner & group, permission.
$ sudo mkdir -p /var/vmail/example.org
$ sudo chown -R root:mail /var/vmail
$ sudo chmod 2775 /var/vmail
Mailbox owner¶
You set up mailbox owners are each uid, /etc/postfix/virtual_uids is follows;
server_host = ldap://ldap01.example.org ldap://ldap02.example.org
timeout = 10
search_base = ou=People,dc=example,dc=org
domain = example.org
query_filter = (mail=%s)
result_attribute = uidNumber
scope = one
bind = no
dereference = 0
version = 3
start_tls = yes
tls_ca_cert_dir = /etc/ssl/certs
tls_ca_cert_file = /etc/ssl/certs/ca-certificates.crt
Confirm
$ postalias -q user0@example.org ldap:/etc/postfix/virtual_uids
10001
Create database
$ postmap /etc/postfix/virtual_uids
Set up “virtual_uid_maps”.
$ postconf virtual_uid_maps
virtual_uid_maps =
$ sudo postconf virtual_uid_maps=ldap:/etc/postfix/virtual_uids
Mailbox group¶
Mailbox group is specified “mail” group.
$ postconf virtual_gid_maps
virtual_gid_maps =
$ id mail
uid=8(mail) gid=8(mail) groups=8(mail)
$ sudo postconf virtual_gid_maps=static:8
Confirmation¶
$ date | mail -s test user0@example.org
$ sudo tree /var/vmail
/var/vmail/example.org/
└── user0
└── Maildir
├── cur
├── new
│ ├── 1348801351.V805I2b4cM580106.mx2
│ ├── 1348801351.V805I2c6dM544653.mx2
│ ├── 1348801351.V805I2c6eM565186.mx2
│ ├── 1348801351.V805I2c71M587794.mx2
│ └── 1348801396.V805I232dM112750.mx2
└── tmp
5 directories, 5 files