'[Ispman-users] ispman + postfix server config HOWTO'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ispman-users
Subject:    [Ispman-users] ispman + postfix server config HOWTO
From:       David Morton <mortonda () osprey ! net>
Date:       2002-11-20 19:31:51
[Download RAW message or body]

I'm currently in the process of migrating my system to ispman (I've been
doing some development work too) and one thing I never have found is a
good explanation of how to set up postfix.  There have been some sample
config files, which I will include here, but I think some explanation
would also help.  This is a work in progress for me, but I think this
might help to document what I have learned.  Any suggestions are
welcome.  This is designed to be a help to someone installing an ispman
system, but it is very important that you understand why things are
working - never just cut and paste!

WARNING! At the time of this writing, I have not yet used this setup in
a production setting! (I'm about to, unless someone replies with an
obvious screwup :)

I have a config file format that works for either a border mx server or
local delivery, and it appears to work with ispman without any
modifications.  It is not necessary to have two mail servers, this will
even work on a one mail server setup.  (I wish I had known this before I
started hosting)  This setup should also allow for splitting mail
storage among many mail stores, even dividing a single domain among
multiple stores. 

Providing a catchall email address, per domain, can also be
accomplished.

The magic is in which fields are searched in ldap to determine delivery.
I am using courier imap on the mail stores, so any special
considerations for cyrus delivery are not covered here.

I also have the following patches applied to postfix when compiling...
I believe the maildirsiz patch also has support for a Maildir suffix
config item that helps postfix deliver to the correct directory.

per_user_uce_patch-1.1.4.gz
postfix-1.1.11_quota_maildirsize.patch.gz

here's the relevent config file options:


--------------------------------------------------------------
home_mailbox = Maildir/

mailbox_transport = virtual

virtual_maildir_suffix = Maildir/
virtual_mailbox_base = /
virtual_mailbox_maps = ldap:ldapvirtualmaps
virtual_uid_maps = ldap:ldapvirtualuidmap
virtual_gid_maps = ldap:ldapvirtualgidmap
virtual_maps = ldap:ldapvirtualmap

ldapvirtualmaps_server_host = localhost
ldapvirtualmaps_server_port = 389
ldapvirtualmaps_bind_dn = o=ispman
ldapvirtualmaps_bind_pw = secret
ldapvirtualmaps_bind = yes
ldapvirtualmaps_timeout = 5
ldapvirtualmaps_search_base = o=ispman
ldapvirtualmaps_query_filter = (mailRoutingAddress=%s)
ldapvirtualmaps_result_attribute = homeDirectory
ldapvirtualmaps_lookup_wildcards = no

ldapvirtualuidmap_server_host = localhost
ldapvirtualuidmap_server_port = 389
ldapvirtualuidmap_bind_dn = o=ispman
ldapvirtualuidmap_bind_pw = secret
ldapvirtualuidmap_bind = yes
ldapvirtualuidmap_timeout = 5
ldapvirtualuidmap_search_base = o=ispman
ldapvirtualuidmap_query_filter =(mailRoutingAddress=%s)
ldapvirtualuidmap_result_attribute = uidNumber
ldapvirtualuidmap_lookup_wildcards = no

ldapvirtualgidmap_server_host = localhost
ldapvirtualgidmap_server_port = 389
ldapvirtualgidmap_bind_dn = o=ispman
ldapvirtualgidmap_bind_pw = secret
ldapvirtualgidmap_bind = yes
ldapvirtualgidmap_timeout = 5
ldapvirtualgidmap_search_base = o=ispman
ldapvirtualgidmap_query_filter = (mailRoutingAddress=%s)
ldapvirtualgidmap_result_attribute = gidNumber
ldapvirtualgidmap_lookup_wildcards = no


ldapvirtualmap_server_host = localhost
ldapvirtualmap_server_port = 389
ldapvirtualmap_bind_dn = o=ispman
ldapvirtualmap_bind_pw = secret
ldapvirtualmap_bind = yes
ldapvirtualmap_timeout = 15
ldapvirtualmap_search_base = o=ispman
ldapvirtualmap_query_filter = (|(mailRoutingAddress=%s)(mailAlias=%s))
ldapvirtualmap_result_attribute = mailRoutingAddress
ldapvirtualmap_lookup_wildcards = no

--------------------------------------------------------------------- 

the virtual_maps table is the key table on an incoming mx server: it
looks up the recipient address in ldap (mailLocalAddress or mailAlias)
and returns the mailRoutingAddress.  This specifies what specific box to
deliver the mail to.  for example, user@domain.tld should translate to
user_domain_tld@mailhost.hosting.tld, where mailhost.hosting.tld is the
fully qualified hostname of your mail store.  This can be the same box
as the mx, or not.  It is important that the ispman Hosts has the fully
qualified domain name as the configured hostname, and that the hostname
command on the server returns the same thing.

the virtual_mailbox_maps, virtual_uid_maps, and virtual_gid_maps are the
key tables on the mail storage servers.  this looks at the mailRouting
attribute and returns the home directory, uidNumber and gidNumber to
store the mail, under
/ispman/domains/domain.tld/users/user_domain_tld/Maildir

In order to create a catchall account, a little ldap hacking is
required.  The virtual_maps lookup needs to find an entry for
@domain.tld and have a value in mailRoutingAddress.  To accomplish this,
the entry for "ispmanDomain=domain.tld, rootdn" needs to have three
attributes added:

objectClass: ispmanDomainUser
mailRoutingAddress: catchalluser@domain.tld
mailLocalAddress: @domain.tld
 

---------------
TODO: add support for mail Forwarding... I currently edit
mailRoutingAddress by hand to achieve this.  ispman does not currently
allow for editing this via web interface, as far as I can tell.

Support for the other mail forwarding can be added with another
virtual_maps lookup, but this time returning mailForwardingAddress
instead.  

I rarely need to have email delivered locally and forwarded elsewhere at
the same time, so ispman's handling of this is a bit awkward for me.


-- 
David Morton
Vice President
Osprey Network Technologies



-------------------------------------------------------
This sf.net email is sponsored by: 
Battle your brains against the best in the Thawte Crypto 
Challenge. Be the first to crack the code - register now: 
http://www.gothawte.com/rd521.html
_______________________________________________
Ispman-users mailing list
Ispman-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ispman-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic