Problemes avec postfix et LDAP

Bonjour la liste,

Tu trouveras un tuto sur Postfix et OpenLDAP avec Debian à cette adresse :
http://www.neokraft.net/articles/mail-postfix-ldap/

Ca date un peu mais les grandes lignes sont toujours valables.

Jean-Yves



Quoting fire67 <bettan@nerim.net>:

Salut , je viens d'installer openldap et postfix sur ma machine
seulement j'ai un probleme avec postfix qui refuse de permettre aux
users crees par le ldap d'envoyer des mails.Par exemple , j'ai un
user 'flo' qui arrive tres bien a se connecter a son imap et lorsque
je fais 'id flo' j'ai ca comme reponse :
uid=10000(flo) gid=513(Domain Users) groups=513(Domain Users)

De plus , avec un 'postmap -q flo unix:passwd.byname' j'ai ca comme repon se :
flo:x:10000:513:Florian Berard:/home/flo:/sbin/nologin

Je ne comprends donc pas pourquoi postfix me renvoit cette erreur
'Recipient address rejected: User unknown in local recipient
table'.Mon main.cf est ici http://www.linux-win.org/main.cf , mon
master.cf est http://www.linux-win.org/master.cf et ca c'est le
fichier ldif qui concerne le user flo
http://www.linux-win.org/user.ldif .Est-ce que quelqu'un voit d'ou
vient le probleme ?


--
Pensez à lire la FAQ de la liste avant de poser une question :
http://wiki.debian.net/?DebianFrench

Pensez à rajouter le mot ``spam'' dans vos champs "From" et "Reply-To:"

To UNSUBSCRIBE, email to debian-user-french-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian .org

fire67 wrote:

Salut , je viens d'installer openldap et postfix sur ma machine
seulement j'ai un probleme avec postfix qui refuse de permettre aux
users crees par le ldap d'envoyer des mails.Par exemple , j'ai un user
'flo' qui arrive tres bien a se connecter a son imap et lorsque je
fais 'id flo' j'ai ca comme reponse :
uid000(flo) gidQ3(Domain Users) groupsQ3(Domain Users)

Donc un truc du genre ldapsearch "ou=People,dc=foo,dcºr" "uid=flo"
te renvoie l'entrée LDAP ?

De plus , avec un 'postmap -q flo unix:passwd.byname' j'ai ca comme
reponse :
flo:x:10000:513:Florian Berard:/home/flo:/sbin/nologin

Là c'est la sortie pour une utilisation de l'authentification Unix. Cela
ne devrait pas plutôt ressembler à postmap -q flo
ldap:/etc/postfix/ma_config_ldap ?

Je ne comprends donc pas pourquoi postfix me renvoit cette erreur
'Recipient address rejected: User unknown in local recipient
table'.Mon main.cf est ici http://www.linux-win.org/main.cf , mon
master.cf est http://www.linux-win.org/master.cf et ca c'est le
fichier ldif qui concerne le user flo
http://www.linux-win.org/user.ldif .Est-ce que quelqu'un voit d'ou
vient le probleme ?

Je n'accède pas à ton site pour l'instant, n'ai pas regardé.
--
David



--
Pensez à lire la FAQ de la liste avant de poser une question :
http://wiki.debian.net/?DebianFrench

Pensez à rajouter le mot ``spam'' dans vos champs "From" et "Reply-To:"

To UNSUBSCRIBE, email to debian-user-french-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Bon , je recapitule et je vais donner tous les fichiers la , parce que
sinon ca va etre la galere ;).Mon arbre LDAP est comme ceci :


dn: dc=linux-win,dc=org
objectClass: domain
objectClass: domainRelatedObject
associatedDomain: linux-win.org
dc: linux-win

dn: ou=Group,dc=linux-win,dc=org
objectClass: top
objectClass: organizationalUnit
ou: Group
description: System Groups

dn: ou=Contacts,dc=linux-win,dc=org
objectClass: top
objectClass: organizationalUnit
ou: Contacts
description: Address Book

dn: ou=People,dc=linux-win,dc=org
objectClass: top
objectClass: organizationalUnit
ou: People
description: Users of the Organization

dn: ou=Computers,dc=linux-win,dc=org
objectClass: top
objectClass: organizationalUnit
ou: Computers
description: Windows Domain Computers

dn: cn=Domain Admins,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 512
cn: Domain Admins
description: Designated administrators for the domain
memberUid: root

dn: cn=Domain Users,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 513
cn: Domain Users
description: All domain users

dn: cn=Domain Guests,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 514
cn: Domain Guests
description: All domains guests

dn: cn=Domain Computers,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 515
cn: Domain Computers
description: All domain computers

dn: cn­ministrators,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 544
cn: Administrators
description: Members can fully administer the computer/domain

dn: cn=Users,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 545
cn: Users
description: Ordinary users

dn: cn=Guests,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 546
cn: Guests
description: Users granted guest access to the computer/domain
memberUid: nobody

dn: cn=Power Users,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 547
cn: Power Users
description: Members can share directories and printers

dn: cn¬count Operators,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 548
cn: Account Operators
description: Members can administer user and group accounts

dn: cn=Server Operators,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 549
cn: Server Operators
description: Members can administer domain servers

dn: cn=Print Operators,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 550
cn: Print Operators
description: Members can administer domain printers

dn: cnºckup Operators,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 551
cn: Backup Operators
description: Members can bypass file security to back up files

dn: cn=Replicator,ou=Group,dc=linux-win,dc=org
objectClass: posixGroup
gidNumber: 552
cn: Replicator
description: Supports file replication in a domain




dn: ou=mail,dc=linux-win,dc=org
objectClass: top
objectClass: organizationalUnit
ou: mail
description: Mail
structuralObjectClass: organizationalUnit
entryUUID: 720f4014-9d3b-1029-850e-9750598991b3
creatorsName: cn=Manager,dc=linux-win,dc=org
createTimestamp: 20050809160736Z
entryCSN: 20050809160736Z#000001#00#000000
modifiersName: cn=Manager,dc=linux-win,dc=org
modifyTimestamp: 20050809160736Z

dn: ou=linux-win.org,ou=mail,dc=linux-win,dc=org
objectClass: top
objectClass: organizationalUnit
objectClass: CourierMailAlias
ou: linux-win.org
mail: linux-win.org
maildrop: linux-win.org
structuralObjectClass: organizationalUnit
entryUUID: b8729cb4-9d3f-1029-8515-9750598991b3
creatorsName: cn=Manager,dc=linux-win,dc=org
createTimestamp: 20050809163812Z
entryCSN: 20050809163812Z#000001#00#000000
modifiersName: cn=Manager,dc=linux-win,dc=org
modifyTimestamp: 20050809163812Z

dn: cn=root,ou=linux-win.org,ou=mail,dc=linux-win,dc=org
objectClass: top
objectClass: organizationalRole
objectClass: CourierMailAlias
cn: root
mail: root@linux-win.org
maildrop: root
structuralObjectClass: organizationalRole
entryUUID: b873049c-9d3f-1029-8516-9750598991b3
creatorsName: cn=Manager,dc=linux-win,dc=org
createTimestamp: 20050809163812Z
entryCSN: 20050809163812Z#000002#00#000000
modifiersName: cn=Manager,dc=linux-win,dc=org
modifyTimestamp: 20050809163812Z

dn: cn­min,ou=linux-win.org,ou=mail,dc=linux-win,dc=org
objectClass: top
objectClass: organizationalRole
objectClass: CourierMailAlias
cn: admin
mail: admin@linux-win.org
maildrop: root
structuralObjectClass: organizationalRole
entryUUID: b8736c98-9d3f-1029-8517-9750598991b3
creatorsName: cn=Manager,dc=linux-win,dc=org
createTimestamp: 20050809163812Z
entryCSN: 20050809163812Z#000003#00#000000
modifiersName: cn=Manager,dc=linux-win,dc=org
modifyTimestamp: 20050809163812Z

dn: cn=flo,ou=linux-win.org,ou=mail,dc=linux-win,dc=org
objectClass: top
objectClass: person
objectClass: CourierMailAlias
objectClass: organizationalPerson
cn: flo
mail: flo@linux-win.org
maildrop: flo
sn: flo
structuralObjectClass: organizationalPerson
entryUUID: b873d962-9d3f-1029-8518-9750598991b3
creatorsName: cn=Manager,dc=linux-win,dc=org
createTimestamp: 20050809163812Z
entryCSN: 20050809163812Z#000004#00#000000
modifiersName: cn=Manager,dc=linux-win,dc=org
modifyTimestamp: 20050809163812Z




dn: uid=flo,ou=People,dc=linux-win,dc=org
objectClass: top
objectClass: posixAccount
objectClass: shadowAccount
objectClass: account
cn: flo
uid: flo
uidNumber: 10000
gidNumber: 513
homeDirectory: /home/flo
loginShell: /sbin/nologin
gecos: Florian Berard
structuralObjectClass: account
entryUUID: d0bc00f8-9d3f-1029-8519-9750598991b3
creatorsName: cn=Manager,dc=linux-win,dc=org
createTimestamp: 20050809163853Z
entryCSN: 20050809163853Z#000001#00#000000
modifiersName: cn=Manager,dc=linux-win,dc=org
modifyTimestamp: 20050809163853Z


Voila pour l'arbre ldap.maintenant ma config posfif c'est la suivante
dans le main.cf :

command_directory = /usr/local/sbin
daemon_directory = /usr/local/libexec/postfix

smtpd_banner = $myhostname ESMTP $mail_name $mail_version
setgid_group = maildrop
biff = no
in_flow_delay = 10s
append_dot_mydomain = yes
alias_maps = hash:/usr/local/etc/postfix/aliases, $virtual_alias_maps
alias_database = hash:/usr/local/etc/postfix/aliases
home_mailbox = Maildir/
mail_spool_directory = /var/mail
local_destination_concurrency_limit= 1
default_destination_concurrency_limit = 1
smtpd_recipient_limit = 50
notify_classes=bounce,resource,software,policy
#myhostname = gw-bsd.linux-win.org
relayhost relay_domains mynetworks = 192.168.1.0/32, 192.168.3.0/32, 127.0.0.0/8
mailbox_command = /usr/local/bin/procmail
mailbox_size_limit = 0
mailq_path = /usr/local/bin/mailq
message_size_limit = 10000000
recipient_delimiter = +
smtpd_helo_required = yes
smtpd_recipient_restrictions = permit_mynetworks,permit_sasl_authenticated,

reject_unauth_pipelining,reject_unauth_destination,reject_invalid_hostname,reject_unknown_recipient_domain
smtpd_sender_restrictions = permit_sasl_authenticated,
hash:/usr/local/etc/postfix/access,
reject_unknown_sender_domain,
reject_invalid_hostname
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain smtp_use_tls = yes
smtpd_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_key_file = /usr/local/etc/postfix/certificats/linux-win.key
smtpd_tls_cert_file = /usr/local/etc/postfix/certificats/linux-win.crt
smtpd_tls_CAfile = /usr/local/etc/postfix/certificats/cacert.crt
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s

header_checks = regexp:/usr/local/etc/postfix/header_checks.cf
body_checks = regexp:/usr/local/etc/postfix/body_checks.cf
strict_rfc821_envelopes = yes
unknown_address_reject_code = 554
unknown_client_reject_code = 554
unknown_hostname_reject_code = 554
readme_directory = no
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
manpage_directory = /usr/local/man
newaliases_path = /usr/local/bin/newaliases
queue_directory = /var/spool/postfix
mail_owner = postfix
unknown_local_recipient_reject_code = 450


mydestination virtual_mailbox_maps = ldap:/usr/local/etc/postfix/ldap-accounts.cf
virtual_alias_maps = ldap:/usr/local/etc/postfix/ldap-aliases.cf

Dans ldap-accounts.cf , j'ai ca :

server_host = localhost
server_port = 389
search_base = dc=linux-win, dc=org
query_filter = (mail=%s)
result_attribute = maildrop
bind = yes
bind_dn = cn=Manager, dc=linux-win, dc=org
bind_pw = ***********
version = 3


Dans ldap-aliases.conf , j'ai ca :

server_host = localhost
search_base = dc=linux-win, dc=org
query_filter = (&(objectClass=CourierMailAlias) (mail=%s))
result_attribute = maildrop
bind = yes
bind_dn = cn=Manager, dc=linux-win, dc=org
bind_pw = supermani
version = 3


Et quand je veux envoyer un mail a flo@linux-win.org , j'ai ca dans les
logs :

Aug 9 20:27:36 gw-bsd postfix/smtpd[64820]: connect from
smtp-102-tuesday.nerim.net[62.4.16.102]
Aug 9 20:27:36 gw-bsd postfix/trivial-rewrite[64823]: warning: do not
list domain linux-win.org in BOTH virtual_alias_domains and
virtual_mailbox_domains
Aug 9 20:27:36 gw-bsd postfix/smtpd[64820]: 906245B06:
client=smtp-102-tuesday.nerim.net[62.4.16.102]
Aug 9 20:27:36 gw-bsd postfix/cleanup[64824]: 906245B06:
message-id=<42F8F59A.10405@nerim.net>
Aug 9 20:27:36 gw-bsd postfix/qmgr[61595]: 906245B06:
from=<bettan@nerim.net>, sizet8, nrcpt=1 (queue active)
Aug 9 20:27:36 gw-bsd postfix/smtpd[64820]: disconnect from
smtp-102-tuesday.nerim.net[62.4.16.102]
Aug 9 20:27:36 gw-bsd spamd[1010]: connection from localhost
[127.0.0.1] at port 50894
Aug 9 20:27:36 gw-bsd spamd[1010]: info: setuid to vmail succeeded
Aug 9 20:27:36 gw-bsd spamd[1010]: processing message
<42F8F59A.10405@nerim.net> for vmail:1005.
Aug 9 20:27:40 gw-bsd spamd[1010]: clean message (0.4/4.3) for
vmail:1005 in 3.5 seconds, 730 bytes.
Aug 9 20:27:40 gw-bsd spamd[1010]: result: . 0 - AWL
scantime=3.5,sizes0,mid=<42F8F59A.10405@nerim.net>,autolearn=ham
Aug 9 20:27:40 gw-bsd postfix/pickup[61594]: 32E855DC2: uid05
from=<bettan@nerim.net>
Aug 9 20:27:40 gw-bsd postfix/pipe[64825]: 906245B06:
to=<flo@gw-bsd.linux-win.org>, orig_to=<flo@linux-win.org>,
relay=spamassassin, delay=4, status=sent (gw-bsd.linux-win.org)
Aug 9 20:27:40 gw-bsd postfix/qmgr[61595]: 906245B06: removed
Aug 9 20:27:40 gw-bsd postfix/cleanup[64824]: 32E855DC2:
message-id=<42F8F59A.10405@nerim.net>
Aug 9 20:27:40 gw-bsd postfix/qmgr[61595]: 32E855DC2:
from=<bettan@nerim.net>, size50, nrcpt=1 (queue active)
Aug 9 20:27:40 gw-bsd postfix/smtp[64830]: 32E855DC2:
to=<flo@gw-bsd.linux-win.org>, relay=none, delay=0, status=bounced (mail
for gw-bsd.linux-win.org loops back to myself)
Aug 9 20:27:40 gw-bsd postfix/cleanup[64824]: 40FB05DD7:
message-id=<20050809182740.40FB05DD7@gw-bsd.linux-win.org>
Aug 9 20:27:40 gw-bsd postfix/qmgr[61595]: 40FB05DD7: from=<>,
size'78, nrcpt=1 (queue active)
Aug 9 20:27:40 gw-bsd postfix/cleanup[64824]: 42D235DEE:
message-id=<20050809182740.42D235DEE@gw-bsd.linux-win.org>
Aug 9 20:27:40 gw-bsd postfix/qmgr[61595]: 42D235DEE:
from=<double-bounce@gw-bsd.linux-win.org>, size$11, nrcpt=1 (queue active)
Aug 9 20:27:40 gw-bsd postfix/qmgr[61595]: 32E855DC2: removed
Aug 9 20:27:40 gw-bsd postfix/smtp[64832]: 42D235DEE:
to=<postmaster@gw-bsd.linux-win.org>, orig_to=<postmaster>, relay=none,
delay=0, status=bounced (mail for gw-bsd.linux-win.org loops back to myself)
Aug 9 20:27:40 gw-bsd postfix/bounce[64831]: warning: 42D235DEE:
undeliverable postmaster notification discarded
Aug 9 20:27:40 gw-bsd postfix/qmgr[61595]: 42D235DEE: removed
Aug 9 20:27:40 gw-bsd postfix/smtp[64830]: 40FB05DD7:
to=<bettan@nerim.net>, relay=tyrande.nerim.net[62.4.16.82], delay=0,
status=sent (250 Ok: queued as 16F8D2F8B5)
Aug 9 20:27:40 gw-bsd postfix/qmgr[61595]: 40FB05DD7: removed


Voila lol et je sais vraiment pas quoi faire pour arriver simplement a
ceux que des users dans le ldap puissent envoyer des mails !



--
Pensez à lire la FAQ de la liste avant de poser une question :
http://wiki.debian.net/?DebianFrench

Pensez à rajouter le mot ``spam'' dans vos champs "From" et "Reply-To:"

To UNSUBSCRIBE, email to debian-user-french-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org