smtpd_sender_login_maps LDAP lookup for non-authenticating senders

From: Chris Paul (no email)
Date: Mon Mar 01 2004 - 18:44:24 EST


Hello Postfix Users,

I'm running Postfix 2.0.16-20031231.

I just added an LDAP smtpd_sender_login_maps (using OpenLDAP 2.1.25).
All seems to be working well.

I just didn't expect Postfix to do an LDAP lookup on users for
non-SASL-ly authenticated mail, which it is doing:

Mar 1 14:32:22 mx1 amavis[7600]: (07600-05) ESMTP::10024 /var/amavisd/tmp/amavis-20040301T135531-07600: <> -> <> Received: SIZE=7840 from mx1.sentinare.net ([127.0.0.1]) by localhost (mx1.sentinare.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 07600-05 for <>; Mon, 1 Mar 2004 14:32:22 -0800 (PST)
Mar 1 14:32:22 mx1 postfix/smtpd[6670]: disconnect from mail16.webcontrolcenter.com[216.119.106.195]

Mar 1 14:32:22 nectar slapd[9014]: conn=3560 op=1 SRCH base="ou=people,dc=sentinare,dc=net" scope=2 filter="(&(uid=)(|(organizationalStatus=active)(organizationalStatus=shared)))"
Mar 1 14:32:22 nectar slapd[9014]: conn=3560 op=1 SRCH attr=mail
Mar 1 14:32:22 nectar slapd[9014]: conn=3560 op=1 SEARCH RESULT tag=101 err=0 nentries=0 text=
Mar 1 14:32:22 nectar slapd[9015]: conn=3560 op=2 SRCH base="ou=people,dc=sentinare,dc=net" scope=2 filter="(&(uid=@netlimit.com)(|(organizationalStatus=active)(organizationalStatus=shared)))"
Mar 1 14:32:22 nectar slapd[9015]: conn=3560 op=2 SRCH attr=mail
Mar 1 14:32:22 nectar slapd[9015]: conn=3560 op=2 SEARCH RESULT tag=101 err=0 nentries=0 text=

my ldap-sender_login_maps.cf:

server_host = nectar
server_port = 389
bind = yes
bind_dn = ou=system,dc=sentinare,dc=net
bind_pw = password
search_base = ou=people,dc=sentinare,dc=net
query_filter = (&(uid=%s)(|(OrganizationalStatus=active)(OrganizationalStatus=shared)))
result_attribute = mail

my postconf -n:

biff = no
broken_sasl_auth_clients = yes
command_directory = /usr/local/sbin
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
daemon_directory = /usr/local/libexec/postfix
empty_address_recipient = MAILER-DAEMON
local_recipient_maps =
luser_relay = spamtrap
mail_owner = _postfix
mailq_path = /usr/local/sbin/mailq
manpage_directory = /usr/local/man
mydestination = $myhostname, localhost.$mydomain
mydomain = sentinare.net
myhostname = mx1.sentinare.net
mynetworks = 127.0.0.1, 10.7.5.0/24, 209.81.10.225, 209.204.154.202,
    69.36.229.128/28
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases
notify_classes = bounce,2bounce,policy,protocol,resource,software
queue_directory = /var/spool/postfix
queue_minfree = 160000000
readme_directory = /usr/local/share/doc/postfix/readme
relay_clientcerts = hash:/etc/postfix/relay_clientcerts
sample_directory = /etc/postfix
sendmail_path = /usr/local/sbin/sendmail
setgid_group = _postdrop
smtpd_etrn_restrictions = permit_mynetworks, reject
smtpd_helo_restrictions = permit_mynetworks
smtpd_recipient_restrictions = permit_mynetworks,
    permit_sasl_authenticated,
    reject_invalid_hostname, reject_non_fqdn_hostname,
    reject_non_fqdn_sender, reject_non_fqdn_recipient,
    reject_unknown_recipient_domain,
    reject_unauth_pipelining,
    reject_unauth_destination, permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
smtpd_sender_login_maps = hash:/etc/postfix/smtpd_sender_login_maps,
    ldap:/etc/postfix/ldap-sender_login_maps.cf
smtpd_sender_restrictions = permit_mynetworks, reject_sender_login_mismatch
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_ask_ccert = yes
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/postfix/ssl/servercert.pem
smtpd_tls_key_file = /etc/postfix/ssl/serverkey.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
soft_bounce = no
tls_random_source = dev:/dev/srandom
transport_maps = hash:/etc/postfix/transport
virtual_gid_maps = static:787
virtual_mailbox_base = /
virtual_mailbox_domains = sentinare.net
virtual_mailbox_limit = 0
virtual_mailbox_maps = ldap:/etc/postfix/ldap-virtual-mailbox.cf
virtual_minimum_uid = 500
virtual_uid_maps = static:787

CP
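
Added example, not part of the original message and not Postfix code: smtpd_sender_login_maps is searched by envelope sender (MAIL FROM) address, and reject_sender_login_mismatch consults it for unauthenticated clients too, to learn whether the address has an owner. The sketch below follows the search order documented in postconf(5) and expands the posted query_filter for each key; the sender addresses, function names and the RFC 4515 escaping helper are assumptions of this example.

```python
# Added example: which keys are searched for one MAIL FROM address, and the
# LDAP filter each key produces with the query_filter from the post.
# Search order per postconf(5) for networked tables (LDAP, SQL, NIS):
#   1. user@domain  2. user (only if domain is local)  3. @domain

# query_filter copied from the posted ldap-sender_login_maps.cf
QUERY_FILTER = "(&(uid=%s)(|(OrganizationalStatus=active)(OrganizationalStatus=shared)))"

# $myorigin and the expanded $mydestination from the posted postconf -n.
# Interface address literals are left out of this sketch.
LOCAL_DOMAINS = {"sentinare.net", "mx1.sentinare.net", "localhost.sentinare.net"}

# Filter metacharacters that must be escaped in an assertion value (RFC 4515).
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def ldap_escape(value):
    """Escape a lookup key before it is substituted into a search filter."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def lookup_keys(sender, local_domains=LOCAL_DOMAINS):
    """Return the table keys tried for a user@domain sender, in order."""
    local, sep, domain = sender.rpartition("@")
    if not sep or not local or not domain:
        raise ValueError("this example covers user@domain senders only")
    keys = [sender]                      # always tried, highest precedence
    if domain.lower() in local_domains:
        keys.append(local)               # bare user, local domains only
    keys.append("@" + domain)            # tried last, lowest precedence
    return keys


def ldap_filters(sender, template=QUERY_FILTER):
    """Expand %s in the filter template once per lookup key."""
    return [template.replace("%s", ldap_escape(k)) for k in lookup_keys(sender)]


if __name__ == "__main__":
    # Constructed sender addresses; only the domains appear in the post.
    for addr in ("someone@netlimit.com", "someone@sentinare.net"):
        print(addr)
        for flt in ldap_filters(addr):
            print("   ", flt)
```

For a sender in a non-local domain the last filter is the uid=@netlimit.com search seen in the slapd log; only a sender in a local domain produces a bare-user key that a uid attribute can match.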







