Настроил postfix, вот конфиг
# postconf -n
# Non-default main.cf parameters as reported by `postconf -n`.
# Review notes are on comment lines of their own, above the parameter they concern.
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
# Additionally advertises AUTH in the non-standard "AUTH=" form for old clients.
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = eqvator.net
myhostname = mail.eqvator.local
# Every client in these networks may relay without authenticating
# (permit_mynetworks in smtpd_recipient_restrictions below), so keep the list
# as narrow as the deployment allows.
# NOTE(review): `192.168.103/24` lacks the fourth octet that every other entry
# has; probably meant 192.168.103.0/24 - confirm, and check the log for a
# warning about a bad network pattern.
mynetworks = 127.0.0.0/8, 192.168.100.0/24, 192.168.103/24, 192.168.105.0/24, 192.168.110.0/24, 192.168.120.0/24
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
# Relay is allowed for SASL-authenticated clients and for mynetworks; everything
# else is limited to local/virtual destinations by reject_unauth_destination.
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = eqvator.net
# Only anonymous mechanisms are excluded; plaintext mechanisms stay allowed.
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
# With `no`, SASL AUTH is also offered on sessions that have not negotiated TLS,
# so plaintext-mechanism passwords can cross the network unencrypted.
# `yes` restricts AUTH to TLS-protected sessions.
smtpd_tls_auth_only = no
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
# NOTE(review): the path names what looks like a CA root private key
# (rootCA.key), not a key generated for smtpd.crt - confirm it matches the
# server certificate. A CA signing key should not be deployed as a mail
# daemon's TLS key; use a dedicated server key readable only by root.
smtpd_tls_key_file = /etc/pki/CA/private/rootCA.key
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
virtual_alias_maps = ldap:/etc/postfix/ldap/ldap-groups.cf
# All virtual mailboxes are written with the single static uid/gid 800.
virtual_gid_maps = static:800
# Mailbox paths returned by virtual_mailbox_maps are relative to this directory.
virtual_mailbox_base = /home/vmail/
virtual_mailbox_domains = $mydomain
virtual_mailbox_maps = ldap:/etc/postfix/ldap/ldap-users.cf
virtual_transport = virtual
virtual_uid_maps = static:800
# cat /etc/postfix/ldap/ldap-groups.cf
# Postfix LDAP table referenced by virtual_alias_maps: resolves a group's mail
# address to the mail addresses of its members.
# Both URIs use the ldap:// scheme, so the bind and the query results travel
# unencrypted unless STARTTLS or ldaps:// is configured (see ldap_table(5);
# depends on how the LDAP client library was built - confirm).
server_host = ldap://s-proxy.eqvator.local ldap://srv.eqvator.local
search_base = dc=eqvator,dc=local
version = 3
# %s is the address being looked up; Postfix quotes it (RFC 2254) before
# substituting it into the filter.
query_filter = (&(objectclass=group)(mail=%s))
leaf_result_attribute = mail
result_attribute = mail
# `member` holds DNs; they are followed and expanded to the members' mail values.
special_result_attribute = member
bind = yes
# NOTE(review): no bind_pw appears in this listing although ldap-users.cf has
# one for the same bind_dn - either it was left out of the post or the bind is
# attempted without a password; confirm.
bind_dn = CN=postfix_connect,CN=Users,DC=eqvator,DC=local
# cat /etc/postfix/ldap/ldap-users.cf
# Postfix LDAP table referenced by virtual_mailbox_maps: maps a recipient
# address to a mailbox path below virtual_mailbox_base.
# ldap:// means the bind password and results are sent unencrypted unless
# STARTTLS or ldaps:// is configured (see ldap_table(5) - confirm availability).
server_host = ldap://s-proxy.eqvator.local ldap://srv.eqvator.local
search_base = dc=eqvator, dc=local
version = 3
# Matches user objects whose postOfficeBox or mail equals the recipient.
# NOTE(review): (userAccountControl=66050) is an exact-value test. 66050 is
# 65536 + 512 + 2 (password never expires + normal account + disabled), so a
# disabled account with any other flag combination (e.g. 514) is not excluded
# and keeps receiving mail. Testing the disabled bit itself is more robust:
# (!(userAccountControl:1.2.840.113556.1.4.803:=2))
query_filter = (&(&(objectclass=user)(|(postOfficeBox=%s)(mail=%s)))(!(userAccountControl=66050)))
result_attribute = sAMAccountName
# Lookup result becomes <sAMAccountName>/Maildir/ - the trailing slash selects
# maildir delivery, and the full path is virtual_mailbox_base + this value.
# Any IMAP/POP3 server reading the mail must point at the same Maildir/ directory.
result_format = %s/Maildir/
bind = yes
bind_dn = CN=postfix_connect,CN=Users,DC=eqvator,DC=local
# PWD is a placeholder in this post. The real file contains a cleartext
# directory password: restrict it to root and the postfix group, and give the
# bind account read-only rights on the attributes queried here.
bind_pw = PWD
# Lookups are attempted only for addresses in this domain.
domain = eqvator.net
Т.е. при получении письма Postfix ищет в АД запись о таком адресе и, если находит, создаёт ящик в /home/vmail/user_name и кладёт туда почту. Это как бы работает, а вот с довекотом не получается. Вроде как авторизация проходит:
telnet mail 110
+OK Dovecot ready.
user sysadm
+OK
pass user_pwd
+OK Logged in.
list
+OK 0 messages:
.
quit
+OK Logging out.
Конфиг Довекота
# dovecot -n
# 1.0.7: /etc/dovecot.conf
# Non-default Dovecot settings as printed by `dovecot -n`; the indentation of
# the nested auth/passdb/userdb/socket entries was lost in the paste.
protocols: imap pop3
listen(default): *:143
listen(imap): *:143
listen(pop3): *:110
# NOTE(review): the standard IMAPS port is 993; 943 here is probably a typo,
# in which case clients expecting IMAP over SSL will not reach this listener.
ssl_listen(default): *:943
ssl_listen(imap): *:943
ssl_listen(pop3): *:995
login_dir: /var/run/dovecot/login
login_executable(default): /usr/libexec/dovecot/imap-login
login_executable(imap): /usr/libexec/dovecot/imap-login
login_executable(pop3): /usr/libexec/dovecot/pop3-login
mail_access_groups: vmail
# NOTE(review): Postfix's ldap-users.cf delivers to
# /home/vmail/<user>/Maildir/ (virtual_mailbox_base + result_format
# "%s/Maildir/"), while this location is one directory higher. That mismatch
# would likely explain a successful login that lists 0 messages - confirm by
# checking where cur/ new/ tmp/ actually exist.
mail_location: maildir:/home/vmail/%u/
mail_debug: yes
mail_executable(default): /usr/libexec/dovecot/imap
mail_executable(imap): /usr/libexec/dovecot/imap
mail_executable(pop3): /usr/libexec/dovecot/pop3
mail_plugin_dir(default): /usr/lib/dovecot/imap
mail_plugin_dir(imap): /usr/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/lib/dovecot/pop3
pop3_client_workarounds(default):
pop3_client_workarounds(imap):
pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh
auth default:
# Only cleartext mechanisms are offered. The log excerpt on this page shows a
# PLAIN login over port 110 from another host, i.e. the password was accepted
# on an unencrypted connection; requiring SSL/TLS before plaintext auth
# closes that.
mechanisms: plain login
# %Lu lower-cases the login name before it is used in lookups and paths.
username_format: %Lu
verbose: yes
debug: yes
# Troubleshooting only: with password debugging on, the auth process writes
# password material to the mail log (the posted AUTH line carries a base64
# `resp=` value, which is an encoding, not protection). Switch this off
# afterwards, restrict access to the log, and change any password that was
# logged or posted.
debug_passwords: yes
passdb:
driver: ldap
args: /etc/dovecot-ldap.cf
userdb:
# Static userdb: every user gets uid/gid 800 (the same ids as Postfix's
# virtual_uid_maps/virtual_gid_maps) and home /home/vmail/<user>.
driver: static
args: uid=800 gid=800 home=/home/vmail/%u
socket:
type: listen
client:
path: /var/run/dovecot/auth-client
# Modes are printed in decimal: 432 is octal 0660.
mode: 432
master:
path: /var/run/dovecot/auth-master
# 384 is octal 0600.
mode: 384
# cat /etc/dovecot-ldap.cf
# Dovecot LDAP settings used by the passdb (driver: ldap in dovecot.conf).
# No TLS is configured for these hosts in this listing; with auth_bind = yes
# each user's own password is sent to the directory in a simple bind, so the
# LDAP connection should be encrypted - check what this Dovecot version supports.
hosts = s-proxy.eqvator.local srv.eqvator.local
ldap_version = 3
base = dc=eqvator, dc=local
deref = searching
scope = subtree
# Passwords are verified by binding to the directory as the user rather than
# by reading a password attribute.
auth_bind = yes
# Bind name is built directly from the login as eqvator\<user>; the posted log
# shows "bind: dn=eqvator\sysadm".
auth_bind_userdn = eqvator\%u
# NOTE(review): presumably not consulted while auth_bind_userdn is set, since
# the bind DN is built from the template - confirm for this version.
pass_filter = (&(objectClass=user)(uid=%u))
# NOTE(review): dovecot.conf uses the static userdb driver, so user_filter and
# user_attrs appear to be unused here. If they are ever enabled,
# (userAccountControl=66050) matches one exact flag combination only and does
# not exclude every disabled account; test the disabled bit instead:
# (!(userAccountControl:1.2.840.113556.1.4.803:=2))
user_filter = (&(objectClass=user)(mailBox=%u)(!(userAccountControl=66050)))
user_attrs = homeDirectory=home,uidNumber=uid,gidNumber=gid
А вот лог в этот момент
# tail /var/log/maillog
Apr 20 12:32:39 mail dovecot: auth(default): client in: AUTH 1 PLAIN service=POP3 lip=192.168.100.235 rip=192.168.100.101 resp=AHN5c2FkbQ4NzgMDI1MU2MQ=
Apr 20 12:32:39 mail dovecot: auth(default): ldap(sysadm,192.168.100.101): bind: dn=eqvator\sysadm
Apr 20 12:32:39 mail dovecot: auth(default): client out: OK 1 user=sysadm
Apr 20 12:32:39 mail dovecot: auth(default): master in: REQUEST 2 2121 1
Apr 20 12:32:39 mail dovecot: auth(default): master out: USER 2 sysadm uid=800 gid=800 home=/home/vmail/sysadm
Apr 20 12:32:39 mail dovecot: POP3(sysadm): Effective uid=800, gid=800
Apr 20 12:32:39 mail dovecot: POP3(sysadm): maildir: data=/home/vmail/sysadm/
Apr 20 12:32:39 mail dovecot: POP3(sysadm): maildir: root=/home/vmail/sysadm, index=/home/vmail/sysadm, control=, inbox=
Apr 20 12:32:39 mail dovecot: pop3-login: Login: user=<sysadm>, method=PLAIN, rip=192.168.100.101, lip=192.168.100.235
Apr 20 12:32:46 mail dovecot: POP3(sysadm): Disconnected: Logged out top=0/0, retr=0/0, del=0/0, size=0
Меня смущает вот это: maildir: root=/home/vmail/sysadm, index=/home/vmail/sysadm, control=, inbox= — почему control= и inbox= пустые? Что и где нужно дописать?