Tagged: Mail system

Configuring mail delivery in LDAP

Last time I wrote about authenticating users against an LDAP directory so that they can receive and send mail. Now it is time to configure Postfix to deliver mail to the right mailboxes.
If you compile Postfix yourself, remember to build it with LDAP support. This time my description is based on Ubuntu, so you only need to install the appropriate package, postfix-ldap:

$ sudo -i
# apt-get install postfix-ldap

This takes care of support for ldap: maps in Postfix.
Now we move on to the Postfix configuration:

Mail system authentication in LDAP

I assume that Dovecot and Postfix are up and running and that you can receive and send mail as a system user (see previous posts). It is time to configure authentication in LDAP.

Using a directory service for user authentication allows flexible management of the mail system, hosting and so on. LDAP is an established standard for authentication and authorization, and almost all software that requires authentication supports this protocol.

Let’s begin with the Dovecot POP3/IMAP server, which also provides the authentication mechanism for Postfix:


/usr/bin/sudo -i
cd /etc/dovecot
vi dovecot-ldap.conf

In this file you need to define the LDAP server parameters, the authentication method, the filters and the attributes. I list the most important ones:


hosts = localhost
auth_bind = yes
base = o=hosting,dc=example,dc=com
scope = subtree
user_attrs = homeDirectory=home
user_filter = (&(objectClass=mailUser)(mail=%u))
pass_attrs = mail=user,userPassword=password
pass_filter = (&(objectClass=mailUser)(mail=%u))
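A small audit of the settings listed above, as an added example (not code from the original post or from Dovecot). The function names `parse`, `balanced` and `audit` are hypothetical, and the `tls` setting it checks is a dovecot-ldap.conf option that the post does not list.

```python
# Added example: audit of dovecot-ldap.conf settings (not Dovecot's own code).
SAMPLE = """\
hosts = localhost
auth_bind = yes
base = o=hosting,dc=example,dc=com
scope = subtree
user_attrs = homeDirectory=home
user_filter = (&(objectClass=mailUser)(mail=%u))
pass_attrs = mail=user,userPassword=password
pass_filter = (&(objectClass=mailUser)(mail=%u))
"""
LOCAL = {"localhost", "127.0.0.1", "::1"}

def parse(text):
    """Read 'key = value' lines, skipping blanks and # comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)  # values themselves contain '='
            conf[key.strip()] = value.strip()
    return conf

def balanced(flt):
    """True if flt is one parenthesised item with properly nested parentheses."""
    depth = 0
    for i, ch in enumerate(flt):
        depth += (ch == "(") - (ch == ")")
        if depth < 0 or (depth == 0 and i < len(flt) - 1):
            return False
    return depth == 0 and flt.startswith("(")

def audit(conf):
    """Return a list of findings for the parsed settings (hosts setting only, not uris)."""
    findings = []
    for key in ("user_filter", "pass_filter"):
        flt = conf.get(key, "")
        if not balanced(flt):
            findings.append(f"{key}: missing or unbalanced parentheses")
        if "%u" not in flt:
            findings.append(f"{key}: no %u, so the filter ignores the login name")
    hosts = [h.rsplit(":", 1)[0] if h.count(":") == 1 else h
             for h in conf.get("hosts", "").split()]
    if any(h not in LOCAL for h in hosts) and conf.get("tls", "no") != "yes":
        findings.append("hosts: remote LDAP server without tls = yes; "
                        "credentials cross the network unencrypted")
    if conf.get("auth_bind", "no") == "yes" and "userPassword" in conf.get("pass_attrs", ""):
        findings.append("pass_attrs: userPassword is mapped although auth_bind = yes "
                        "lets the LDAP server verify the password")
    return findings
```

On the settings from the post, `audit(parse(SAMPLE))` reports only the `pass_attrs` finding: with `auth_bind = yes` the LDAP server checks the password during the bind, so Dovecot does not need read access to `userPassword`.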

Installation of mail system on Ubuntu

I assume that you have installed the system with a basic configuration and that SSH is running. After logging in to the system we can install the dovecot-postfix package, which is described as a fully functional mail server:

drfugazi@charr:~% sudo aptitude install dovecot-postfix
[sudo] password for drfugazi:
Reading extended state information
Initializing package states... Gotowe
The following NEW packages will be installed:
  dovecot-common{a} dovecot-imapd{a} dovecot-pop3d{a} dovecot-postfix
0 packages upgraded, 4 newly installed, 0 to remove and 0 not upgraded.
Need to get 7957kB of archives. After unpacking 15,1MB will be used.
Do you want to continue? [Y/n/?] y
...
Configuring dovecot-common (1:1.2.9-1ubuntu6.1) ...
Creating config file /etc/dovecot/dovecot.conf with new version
Creating config file /etc/dovecot/dovecot-ldap.conf with new version
Creating config file /etc/dovecot/dovecot-sql.conf with new version

Now we should check that Dovecot is running and that we can connect to the IMAP server on localhost:

Installation and configuration of OpenLDAP

Installation and basic configuration of the LDAP directory service (OpenLDAP) on Ubuntu:

sudo aptitude install slapd ldap-utils

This description is based on the HowtoForge document for Karmic Koala. I used to configure OpenLDAP in the slapd.conf file, but this is the old method. Here we can modify the LDAP configuration without restarting the LDAP server.

cd /etc/ldap

First I suggest adding some schemas, which contain object classes and attributes that will be useful later:

ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/cosine.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/inetorgperson.ldif
ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/ldap/schema/nis.ldif

If you have a problem adding the above because of insufficient permissions, switch to root with sudo su - or sudo -i

dovecot-2.0.6

Dovecot is an open source IMAP and POP3 email server for Linux/UNIX-like systems, written with security primarily in mind. Dovecot is an excellent choice for both small and large installations. It’s fast, simple to set up, requires no special administration and it uses very little memory.

Source: http://dovecot.org/

Dovecot 2.0.6 is a bugfix release and should be more stable than previous 2.0.x versions.

Below you can find a transcript of the configuration and compilation session for the Dovecot server and the script which I use for this purpose (as an attachment).

dovecot-2.0-sieve-0.2.0

Pigeonhole – Sieve Support for Dovecot

Project Pigeonhole is the name of the project that adds support for the Sieve language (RFC 5228) and the ManageSieve protocol (RFC 5804) to the Dovecot Secure IMAP Server. In the literal sense, a pigeonhole is a hole or recess inside a dovecot for pigeons to nest in. It is, however, also the name for one of a series of small, open compartments in a cabinet used for filing or sorting mail. As a verb, it describes the act of putting an item into one of those pigeonholes. The name 'Pigeonhole' therefore well describes an important part of the functionality that this project adds to Dovecot: sorting and filing e-mail messages.

Source: http://pigeonhole.dovecot.org/

dovecot-2.0.3

Dovecot is an open source IMAP and POP3 email server for Linux/UNIX-like systems, written with security primarily in mind. Dovecot is an excellent choice for both small and large installations. It’s fast, simple to set up, requires no special administration and it uses very little memory.

Source: http://dovecot.org/

Below you can find a transcript of the configuration and compilation session for the Dovecot server and the script which I use for this purpose (as an attachment).

openldap-2.4.23

OpenLDAP Software is an open source implementation of the Lightweight Directory Access Protocol.
The suite includes:

  • slapd – stand-alone LDAP daemon (server)
  • libraries implementing the LDAP protocol, and
  • utilities, tools, and sample clients.

Source: http://www.openldap.org/

dovecot-1.2-sieve-0.1.17

Dovecot Sieve is a fully rewritten Sieve implementation for Dovecot v1.2 and newer. The main reason for rewriting the Sieve engine was to provide more reliable script execution and to provide better error messages to users and system administrators. This implementation is part of the Pigeonhole project.

Source: http://wiki.dovecot.org/LDA/Sieve/Dovecot

First you need to download the sources, unpack them and create or edit the configuration script:

root@feniks:/home/soft/dovecot# su - soft
soft@feniks:~% cd dovecot 
soft@feniks:~/dovecot% wget http://www.rename-it.nl/dovecot/1.2/dovecot-1.2-sieve-0.1.17.tar.gz
soft@feniks:~/dovecot% gtar -zxf dovecot-1.2-sieve-0.1.17.tar.gz
soft@feniks:~/dovecot% cp drf_sieve-1.2-0.1.12_conf drf_sieve-1.2-0.1.17_conf
soft@feniks:~/dovecot% vi drf_sieve-1.2-0.1.17_conf

dovecot-1.2.13

Dovecot is an open source IMAP and POP3 email server for Linux/UNIX-like systems, written with security primarily in mind. Dovecot is an excellent choice for both small and large installations. It’s fast, simple to set up, requires no special administration and it uses very little memory.

Source: http://dovecot.org/

Below you can find a transcript of the configuration and compilation session for the Dovecot server and the script which I use for this purpose (as an attachment).

root@feniks:~# su - soft
soft@feniks:~% cd dovecot
soft@feniks:~/dovecot% wget http://dovecot.org/releases/1.2/dovecot-1.2.13.tar.gz
soft@feniks:~/dovecot% gtar -zxf dovecot-1.2.13.tar.gz
soft@feniks:~/dovecot% cp drf_dovecot-1.2.6_conf drf_dovecot-1.2.13_conf
soft@feniks:~/dovecot% vi !$

In this configuration file I set up additional paths to the OpenLDAP and SSL libraries and optimization options (for SunStudio).