Mail system authentication in LDAP
I assume that Dovecot and Postfix are up and running and that you can send and receive mail as a system user (see previous posts). It is time to configure authentication against LDAP.
Using a directory service for user authentication allows flexible management of the mail system, hosting and so on. LDAP is an established standard for authentication and authorization, and almost all software that requires authentication supports this protocol.
Let’s begin with the Dovecot POP3/IMAP server, which also provides the authentication mechanism for Postfix:
/usr/bin/sudo -i
cd /etc/dovecot
vi dovecot-ldap.conf
In this file you need to define the LDAP server parameters, the authentication method, the filters and the attributes. I list the most important ones:
hosts = localhost
auth_bind = yes
base = o=hosting,dc=example,dc=com
scope = subtree
user_attrs = homeDirectory=home
user_filter = (&(objectClass=mailUser)(mail=%u))
pass_attrs = mail=user,userPassword=password
pass_filter = (&(objectClass=mailUser)(mail=%u))
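To check by hand which directory search the settings above produce for a given login, the following added example (not part of the original post) parses the listing, expands user_filter with RFC 4515 escaping and builds the matching ldapsearch argument list. The function names are hypothetical, and only the %u, %n, %d and %% variables are handled.

```python
import re

# Settings copied from the dovecot-ldap.conf listing above.
CONF = """\
hosts = localhost
base = o=hosting,dc=example,dc=com
scope = subtree
user_attrs = homeDirectory=home
user_filter = (&(objectClass=mailUser)(mail=%u))
"""

# RFC 4515: these characters must be written as \XX inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}
# Dovecot scope names mapped to ldapsearch -s values.
_SCOPES = {"subtree": "sub", "onelevel": "one", "base": "base"}

def parse_conf(text):
    """Parse 'key = value' lines, splitting on the first '=' only."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            key, _, value = line.partition("=")
            conf[key.strip()] = value.strip()
    return conf

def escape_value(value):
    """Escape filter metacharacters so the login is matched literally."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)

def expand_filter(template, login):
    """Substitute %u (full login), %n (local part), %d (domain), escaped."""
    local, _, domain = login.partition("@")
    values = {"u": login, "n": local, "d": domain}
    return re.sub(
        r"%([und%])",
        lambda m: "%" if m.group(1) == "%" else escape_value(values[m.group(1)]),
        template)

def ldapsearch_argv(conf, login):
    """ldapsearch arguments for the user lookup (no bind DN: the listing sets none)."""
    attrs = [pair.split("=")[0] for pair in conf["user_attrs"].split(",")]
    return ["ldapsearch", "-x", "-H", "ldap://" + conf["hosts"].split()[0],
            "-b", conf["base"], "-s", _SCOPES[conf["scope"]],
            expand_filter(conf["user_filter"], login)] + attrs

if __name__ == "__main__":
    # Constructed sample login.
    print(ldapsearch_argv(parse_conf(CONF), "jan@example.com"))
```

A correctly provisioned mailbox should return exactly one entry for this search; zero or several entries mean the filter or the directory data needs fixing before Dovecot uses it.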