[Exim] HELP - ldap and forward files

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Keith Goettert
Date:  
À: exim-users
Anciens-sujets: [Exim] ldap and forward files
Sujet: [Exim] HELP - ldap and forward files
A repost -- I didn't get any replies last time (hopefully just poor timing):

> I must be missing something. Having read through the spec doc on the forward
> director and also I have referenced the O'Reilly Exim book and I still don't
> get my .forward problem
>
> Ok, I got my ldap configuration from AKBKHome.com. With a little effort I
> got
> his configuration to work and I can now do successful deliveries via an ldap
> lookup to a MailDir. Here is a typical user in the ldap:
>
> dn: uid=dan,ou=People,dc=7fountains,dc=com
> givenName: Dan
> mail: dan
> uid: dan
> sn: Figlo
> cn: Dan Figlo
> userPassword:: N2ZvdW50YWlucw==
> objectClass: inetOrgPerson
> objectClass: organizationalPerson
> objectClass: person
> objectClass: top
> objectClass: posixAccount
> objectClass: CourierMailAccount
> uidNumber: 1003
> gidNumber: 1003
> homeDirectory: /opt/mail/dan
> creatorsName: cn=admin,dc=7fountains,dc=com
> createTimestamp: 20030530203821Z
> modifiersName: cn=admin,dc=7fountains,dc=com
> modifyTimestamp: 20030530203821Z
>
> I am using a single uid and gid for all users and these belong to the
> Courier-Imap user. Deliveries work well, and all seems happy.
>
> Now I want to forward this user to his normal email account (almost none of
> the
> users on this system will ever take delivery here). Since he has a "home
> directory" I would like to use it to host a .forward file. Yes, I know that
> with some ldap magic I can put the forward into the directory, but I won't
> have
> the flexibility of filters (this will be very important in the future).
>
> Here is the director section from my exim.conf file:
>
> -----------------------------------------------------------------------
> ######################################################################
> #                      DIRECTORS CONFIGURATION                       #
> #             Specifies how local addresses are handled              #
> ######################################################################
> #                          ORDER DOES MATTER                         #
> #   A local address is passed to each in turn until it is accepted.  #
> ######################################################################

>
> # This looks up the user in the LDAP directory and delivers it to the
> # Courier-IMAP Maildir directory for use through SquirrelMail
>
> ldap_user:
> driver = aliasfile
> search_type = ldapm
> query =
> "ldap://localhost:389/ou=People,dc=7fountains,dc=com?mail?sub?(&(uid=$
> {local_part}))"
> expand
> errors_to = real-admin
> user = courier
> group = courier
> transport = local_delivery
>
> # This allows local delivery to be forced, avoiding alias files and
> # forwarding.
>
> real_local:
> prefix = real-
> driver = localuser
> transport = local_delivery
>
> # This director handles aliasing using a traditional /etc/aliases file.
> # If any of your aliases expand to pipes or files, you will need to set
> # up a user and a group for these deliveries to run under. You can do
> # this by uncommenting the "user" option below (changing the user name
> # as appropriate) and adding a "group" option if necessary.
>
> system_aliases:
> driver = aliasfile
> file_transport = address_file
> pipe_transport = address_pipe
> file = /etc/aliases
> search_type = lsearch
> # user = list
> # Uncomment the above line if you are running smartlist
>
>
> # This director handles forwarding using traditional .forward files.
> # It also allows mail filtering when a forward file starts with the
> # string "# Exim filter": to disable filtering, uncomment the "filter"
> # option. The check_ancestor option means that if the forward file
> # generates an address that is an ancestor of the current one, the
> # current one gets passed on instead. This covers the case where A is
> # aliased to B and B has a .forward file pointing to A.
>
> # For standard debian setup of one group per user, it is acceptable---normal
> # even---for .forward to be group writable. If you have everyone in one
> # group, you should comment out the "modemask" line. Without it, the exim
> # default of 022 will apply, which is probably what you want.
>
> userforward:
> driver = forwardfile
> file_transport = address_file
> pipe_transport = address_pipe
> reply_transport = address_reply
> no_verify
> check_ancestor
> check_local_user = false
> file = /opt/mail/$local_part.forward
> modemask = 002
> filter
>
> # This director runs procmail for users who have a .procmailrc file
>
> procmail:
> driver = localuser
> transport = procmail_pipe
> require_files =
> ${local_part}:+${home}:+${home}/.procmailrc:+/usr/bin/procmail
> no_verify
>
> # This director matches local user mailboxes.
>
> localuser:
> driver = localuser
> transport = local_delivery
>
> ---------------------------------------------------------------------
>
> When I deliver a message, it gets swept up by local_deliver and the forward
> director never gets checked. I guess I don't understand how the forward
> director really works. It seems strange that I would put it AFTER the other
> directors. Still, I have a POP based system running exim without ldap and
> the
> forward director works great even though it is after all the other directors.
> (did I miss that paragraph in one of the books?) Anyway, here is the output
> of a successful delivery to the users MailDir EVEN THOUGH HE HAD A FORWARD
> FILE.
>
> (PS... I had debug set to level 3)
>
> -----------------------------------------------------------------------------
> /home/keith# exim -v -d 3 -bd
> Exim version 3.35 debug level 3 uid=0 gid=0
> Berkeley DB: Sleepycat Software: Berkeley DB 3.2.9: (March 19, 2002)
> Caller is an admin user
> Caller is a trusted user
> LOG: 0 MAIN
> Failed to create IPv6 socket for wildcard listening (Address family not
> suppor
> ted by protocol): falling back to IPv4
> pid written to /var/run/exim/exim.pid-bd
> LOG: 0 MAIN
> exim 3.35 daemon started: pid=28725, no queue runs, listening for SMTP on
> port
> 25
> set_process_info: 28725 daemon: no queue runs, port 25
> daemon running with uid=8 gid=8 euid=8 egid=8
> listening on port 25...
> Connection request from 216.136.131.234/22455
> 1 SMTP accept process running
> listening on port 25...
> host in rfc1413_hosts? yes (*)
> Process 28733 is handling incoming connection from [216.136.131.234]
> host in host_lookup? yes (*)
> looking up host name for 216.136.131.234
> IP address lookup yielded web11404.mail.yahoo.com
> set_process_info: 28733 handling incoming connection from
> web11404.mail.yahoo.co
> m [216.136.131.234]
> host in host_reject? no (option unset)
> host in host_reject_recipients? no (option unset)
> host in auth_hosts? no (option unset)
> host in auth_over_tls_hosts? no (option unset)
> host in tls_hosts? no (option unset)
> host in sender_unqualified_hosts? no (option unset)
> host in receiver_unqualified_hosts? no (option unset)
> host in helo_verify? no (option unset)
> host in helo_accept_junk_hosts? no (option unset)
> SMTP>> 220 sevenfountains.7fountains.com ESMTP Exim 3.35 #1 Sat, 31 May 2003
> 17:
> 16:53 -0700
> set_process_info: 28733 handling incoming connection from
> web11404.mail.yahoo.co
> m [216.136.131.234]
> ready for new message
> smtp_setup_msg entered
> SMTP<< HELO web11404.mail.yahoo.com
> set_process_info: 28733 handling incoming connection from
> web11404.mail.yahoo.co
> m [216.136.131.234]
> SMTP>> 250 sevenfountains.7fountains.com Hello web11404.mail.yahoo.com
> [216.136.
> 131.234]
> SMTP<< MAIL FROM:<cakoala@???>
> cakoala@??? in sender_reject? no (option unset)
> cakoala@??? in sender_reject_recipients? no (option unset)
>

=== message truncated ===


__________________________________
Do you Yahoo!?
Yahoo! Calendar - Free online calendar with sync to Outlook(TM).
http://calendar.yahoo.com