Benjamin
2016-Jun-08  08:13 UTC
postfix+dovecot and usernames different to e-mail addresses
Hi,
I want to replace an old mailserver setup with postfix+dovecot. The 
problem I'm facing now is that the old system had usernames different 
to the e-mail address of the user. For example:
   E-Mail-Address: foo at example.com
   Username: foo-example.com
I configured postfix so that it passes mails to dovecot using the 
following command (master.cf):
   dovecot      unix   -        n      n       -       -   pipe
     flags=DRhu user=mail-data:mail-data
     argv=/usr/lib/dovecot/dovecot-lda -a $(recipient)
When dovecot now receives an e-mail from postfix it logs
   dovecot: lda(mail-data): Error: User initialization failed: Namespace
     'INBOX.': Home directory not set for user. Can't expand ~/ for mail
     root dir in: ~/Maildir
   dovecot: lda: Fatal: Invalid user settings. Refer to server log for
     more information.
My dovecot-ldap configuration looks quite simple:
   hosts = 192.168.0.1,192.168.0.2
   dn = cn=mailadmin,dc=example,dc=com
   dnpass = foo
   auth_bind = yes
   ldap_version = 3
   base = ou=users,dc=example,dc=com
   user_attrs = mailMessageStore=home
   user_filter = (&(objectClass=qmailUser)(uid=%u))
   pass_filter = (&(objectClass=qmailUser)(uid=%u))
I think dovecot does not know that the username is not the e-mail 
address, but how can I tell him?
Furthermore we have alternative addresses here, so for example there may 
be an e-mail address bar at example.com owned by foo-example.com who has 
foo at example.com as primary address.
Dovecot itself (IMAP) works fine, so here it can find the correct 
Maildir for the user. The difference is that I connect using the 
username instead of the e-mail address in this case.
   # dovecot --version
   2.2.22 (fe789d2)
   # postconf -d | grep mail_version
   mail_version = 3.1.0
   # lsb_release -a
   No LSB modules are available.
   Distributor ID:	Ubuntu
   Description:	Ubuntu 16.04 LTS
   Release:	16.04
   Codename:	xenial
Thanks for your help
Benjamin
Wolfgang Rosenauer
2016-Jun-08  20:45 UTC
postfix+dovecot and usernames different to e-mail addresses
On Wed, Jun 8, 2016 at 10:13 AM, Benjamin <dovecot at benjaminhubert.at> wrote:
>
> My dovecot-ldap configuration looks quite simple:
>
>   hosts = 192.168.0.1,192.168.0.2
>   dn = cn=mailadmin,dc=example,dc=com
>   dnpass = foo
>   auth_bind = yes
>   ldap_version = 3
>   base = ou=users,dc=example,dc=com
>   user_attrs = mailMessageStore=home
>   user_filter = (&(objectClass=qmailUser)(uid=%u))
>   pass_filter = (&(objectClass=qmailUser)(uid=%u))
>
> I think dovecot does not know that the username is not the e-mail address,
> but how can I tell him?
>
> Furthermore we have alternative addresses here, so for example there may
> be an e-mail address bar at example.com owned by foo-example.com who has
> foo at example.com as primary address.
>
You need user_filter and pass_filter to recognize also the email addresses
IMHO.
Mine look like:
   pass_filter = (&(objectClass=suseMailRecipient)(|(alias=%n)(uid=%n)))
   user_filter = (&(objectClass=suseMailRecipient)(|(alias=%n)(uid=%n)))
You have to adapt to your own ldap attributes and use the correct variable
(%n) to match your usecase. My users can login (and receive mails) via all
of their aliases, primary address (part of the alias set) or their username.
HTH,
Wolfgang
Benjamin
2016-Jun-09  14:03 UTC
postfix+dovecot and usernames different to e-mail addresses
Thank you for this hint, but no, that does not work.
Does Dovecot really use this user_filter when postfix passes mail using 
the dovecot-lda command?
I now tried it with
     user_filter = (&(objectClass=qmailUser)(|(uid=%u)(mail=%u)))
and when I search with this filter in LDAP directly (using the 
recipients e-mail address as %u) it returns the wanted user.
I also ensured that postfix passes the e-mail address as an argument by 
playing around with master.cf, and it does. At the moment the dovecot 
line looks as follows:
     dovecot      unix   -        n      n       -       -   pipe
       flags=DRhu user=mail-data:mail-data
       argv=/usr/lib/dovecot/dovecot-lda -a ${recipient}
Dovecot still tells me that it does not find the home directory for the 
user.
Benjamin
On 06/08/2016 10:45 PM, Wolfgang Rosenauer wrote:
> On Wed, Jun 8, 2016 at 10:13 AM, Benjamin <dovecot at benjaminhubert.at> wrote:
>
>>
>> My dovecot-ldap configuration looks quite simple:
>>
>>   hosts = 192.168.0.1,192.168.0.2
>>   dn = cn=mailadmin,dc=example,dc=com
>>   dnpass = foo
>>   auth_bind = yes
>>   ldap_version = 3
>>   base = ou=users,dc=example,dc=com
>>   user_attrs = mailMessageStore=home
>>   user_filter = (&(objectClass=qmailUser)(uid=%u))
>>   pass_filter = (&(objectClass=qmailUser)(uid=%u))
>>
>> I think dovecot does not know that the username is not the e-mail address,
>> but how can I tell him?
>>
>> Furthermore we have alternative addresses here, so for example there may
>> be an e-mail address bar at example.com owned by foo-example.com who has
>> foo at example.com as primary address.
>>
>
> You need user_filter and pass_filter to recognize also the email addresses
> IMHO.
>
> Mine look like:
> pass_filter = (&(objectClass=suseMailRecipient)(|(alias=%n)(uid=%n)))
> user_filter = (&(objectClass=suseMailRecipient)(|(alias=%n)(uid=%n)))
>
> You have to adapt to your own ldap attributes and use the correct variable
> (%n) to match your usecase. My users can login (and receive mails) via all
> of their aliases, primary address (part of the alias set) or their username.
>
> HTH,
> Wolfgang
>
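Added example (not part of the original thread, and not Dovecot's own code): a small Python model of how the filters quoted above expand, and which lookup names find a constructed entry for the thread's user. The entry, the `percent-n` adaptation of the reply's filter to the qmailUser attributes, and the minimal filter evaluator are assumptions; `mail-data` is the name shown in the `lda(mail-data)` log line.

```python
import re

# Constructed directory entry modelled on the thread's example user.
ENTRY = {"objectclass": ["qmailUser"], "uid": ["foo-example.com"],
         "mail": ["foo@example.com"]}
FILTERS = {
    "original": "(&(objectClass=qmailUser)(uid=%u))",
    "uid-or-mail": "(&(objectClass=qmailUser)(|(uid=%u)(mail=%u)))",
    # Assumption: the %n filter from the reply, adapted to these attributes.
    "percent-n": "(&(objectClass=qmailUser)(|(mail=%n)(uid=%n)))",
}
NAMES = ["foo@example.com", "foo-example.com", "mail-data"]

def expand(template, user):
    """Expand %u (whole name), %n (before '@') and %d (after '@')."""
    name, _, domain = user.partition("@")
    values = {"u": user, "n": name, "d": domain}
    return re.sub(r"%([und])", lambda m: values[m.group(1)], template)

def _eval(s, entry):
    """Evaluate one (&...), (|...) or (attr=value) term; return (bool, rest)."""
    if s[1:2] in ("&", "|"):
        op, s, results = s[1], s[2:], []
        while s.startswith("("):
            hit, s = _eval(s, entry)
            results.append(hit)
        if not s.startswith(")"):
            raise ValueError("unterminated filter")
        return (all(results) if op == "&" else any(results)), s[1:]
    end = s.index(")")
    attr, _, value = s[1:end].partition("=")
    # uid, mail and objectClass compare case-insensitively in LDAP.
    have = [v.lower() for v in entry.get(attr.lower(), [])]
    return value.lower() in have, s[end + 1:]

def matches(filt, entry):
    hit, rest = _eval(filt, entry)
    if rest:
        raise ValueError("trailing data after filter: " + rest)
    return hit

def lookup_table():
    """Map (filter label, lookup name) to whether ENTRY is found."""
    return {(label, n): matches(expand(f, n), ENTRY)
            for label, f in FILTERS.items() for n in NAMES}

if __name__ == "__main__":
    for (label, n), hit in lookup_table().items():
        print(f"{label:12} {n:16} {'found' if hit else 'not found'}")
```

Only the uid-or-mail filter finds the entry by e-mail address, and no filter finds it under `mail-data`. In dovecot-lda, `-a` sets the destination address, while the user to look up in the userdb is given with `-d`.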