
List:       ispman-users
Subject:    Re: [Ispman-users] ispman + cyrus imap and user@domain.tld format
From:       Atif Ghaffar <aghaffar () developer ! ch>
Date:       2002-12-25 17:15:00

Since it's Xmas, I'll give out my tricks.


You can use perdition to route between imap client and imap server.

You can use mailLocalAddress to look up mailRoutingAddress if you only 
want the user to authenticate using user@domain.tld format.

You will need this line in perdition conf.

map_library_opt "ldap://localhost/o=ispman?mailRoutingAddress?sub?(mailLocalAddress=%25s)"


But this will work for mail only and not for FTP etc.
If you want the users to have the ability to auth to anything using 
user@domain.tld, then also do the following.




Use 2 uids for users.
Example:
dn: uid=aghaffar_ispman_org, ou=users.....
uid: aghaffar_ispman_org
uid: aghaffar@ispman.org

Change ispman/templates/users.ldif.template and after the uid line, add
uid:  <perl>join '@', ($r->param("userid"), $r->param("ispmanDomain"))</perl>



This will allow the users to auth using user_domain_tld or 
user@domain.tld and all apps that lookup something via LDAP will be ok.

Note: For cyrus, you will still need to go the perdition route, since 
cyrus authenticates mailboxes and not users.  I don't know if there is a 
mech in cyrus to map user to mailbox. If yes, then perdition can be 
ignored in a single mailserver environment.

Merry Xmas.





Herman Sheremetyev wrote:
> Hey Everybody,
> 
> I just finished setting up ispman 0.9.3 on a few RedHat8 boxes with
> cyrus+postfix+bind9+apache2+pureftpd.  The biggest problem I ran into
> was changing the default user_domain_tld username format to
> user@domain.tld so that migrating the existing userbase would not cause
> excessive user confusion.
> 
> The only place where the switch causes a problem is on the mail server
> since cyrus does not like either .'s or @'s in the usernames.  The
> problem with dots is "easy" to get around by setting unixhierarchysep:
> yes in the imapd.conf and messing around with the ispman code a bit to
> create proper directories.  However the issue with the '@' is not so
> easy and requires a patch for lmtpd to work.  I made some documentation
> of the process involved, hope someone finds it useful.
> 
> <Disclaimer>
> Perl is not my first language ;)
> This works for me which doesn't mean it will for you, your mileage may
> vary, please don't hold me responsible if these changes, or any typos
> therein, break your setup.
> It may be easier to just use courier imap, I don't know, I prefer cyrus.
> It may be possible to accomplish the same thing or avoid so many ispman
> source changes by authenticating the user off mailLocalAddress.  (If
> somebody got this to work with cyrus I'd like to know about it).
> </Disclaimer>
> 
> -Herman
> 
> 
> ------------------------------------------------------------------------
> Here's my mail server setup procedure:
> 
> Install Cyrus:
> 
>         - download cyrus-imapd-2.1.11
>         - patch the lmtpd source using lmtpd.2.1.5.patch2 (http://www.surf.org.uk/downloads/lmtpd.2.1.5.patch2)
>                 $ cd $CYRUS_SOURCE/imap
>                 $ patch -p0 < lmtpd.2.1.5.patch2
>         - Install
>                 $ cd $CYRUS_SOURCE
>                 $ ./configure --prefix=/usr/local/cyrus-imap --with-cyrus-prefix=/usr/local/cyrus-imap --with-auth=unix --disable-gssapi --without-krb
>                 $ make depend
>                 $ make all CFLAGS=-O
>                 # make install
> 
> Install Postfix:
>         - download postfix-1.1.12
>         - Install
>                 $ make tidy
>                 $ make makefiles CCARGS="-I/usr/local/include -DHAS_LDAP" AUXLIBS="-L/usr/lib -lldap -L/usr/lib -llber"
>                 # make install
> 
> 
> Configure saslauthd:
>         - ensure that saslauthd starts before cyrus on bootup with options: -a pam
> 
> Configure Cyrus:
>         vi /etc/passwd (add cyrus user)
>         /usr/bin/pwconv
>         passwd cyrus
>         vi /etc/syslog.conf (add local6.debug and auth.debug)
>         ( Add lines:
>                 # Cyrus imap logs
>                 local6.*        /var/log/cyrus.log
>                 auth.*          /var/log/auth.log
>         )
> 
>         vi /etc/imapd.conf
>         ( Add the following lines:
>                 configdirectory: /var/imap
>                 partition-default: /var/spool/imap
>                 sasl_pwcheck_method: saslauthd
>                 admins: cyrus
>                 unixhierarchysep: yes
>         )
> 
>         vi /etc/pam.d/imap and /etc/pam.d/pop
>         ( Add the following lines:
>                 #%PAM-1.0
>                 auth       sufficient   /lib/security/pam_ldap.so
>                 account    sufficient   /lib/security/pam_ldap.so
>         )
> 
>         vi /etc/ldap.conf and /etc/openldap/ldap.conf
>         ( Add the following lines:
>                 host ldap
>                 base o=ispman
>                 pam_login_attribute uid
>         )
> 
>         cd /var
>         mkdir imap
>         chown cyrus imap
>         chgrp mail imap
>         chmod 750 imap
>         cd /var/spool
>         mkdir imap
>         chown cyrus imap
>         chgrp mail imap
>         chmod 750 imap
>         cd /usr
>         mkdir sieve
>         chown cyrus sieve
>         chgrp mail sieve
>         chmod 750 sieve
> 
>         su - cyrus
>         $CYRUS_SRC_DIR/tools/mkimap
>         exit
> 
>         cd /var/imap
>         chattr +S user quota user/* quota/*
>         chattr +S /var/spool/imap /var/spool/imap/*
>         chattr +S /var/spool/postfix
> 
> 
> Configure Postfix:
> 
>         cp /opt/ispman/build/install-data/examples/postfix_configuration/main.cf.reasonable /etc/postfix/main.cf
>         vi /etc/postfix/main.cf
>         (
>                 Change the following line:
>                         mailbox_transport = cyrus
>                 to:
>                         mailbox_transport = lmtp:unix:/var/imap/socket/lmtp
> 
>                 Change ldapvirtual_* vars to match your ldap server, bind dn, etc.
>         )
> 
>         Make sure to make hashes of all files mentioned in /etc/postfix/main.cf that need to be hashed
> 
> 
> Configure ISPMAN:
> 
>         These changes to ISPMAN source need to be made in order to make user@domain.tld format users work properly.
>         The default user format is user_domain_tld which in my opinion can be confusing to users.
> 
> 
> diff ./bin/ispman.createMailbox /opt/ispman/bin/ispman.createMailbox
> 31c31
> <       $str join '_', ($uid, $domain);
> ---
> 
>>      $str=join '_', ($uid, $domain);
> 
> 
> 
> 
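
Review bot: the replacement line in the 31c31 hunk still joins $uid and $domain with '_', while the UserMan.pm hunk further down builds the uid with '@'. If ispman.createMailbox is meant to address the mailbox that UserMan.pm now names user@domain.tld, this join should use '@' too, otherwise the two disagree on the mailbox name. The "<" side, `$str join '_', ...`, has no `=` and is not valid Perl, so it is also worth confirming which of the two files is the pristine copy.
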
> diff ./lib/create_mailbox_cyrus.lib
> /opt/ispman/lib/create_mailbox_cyrus.lib
> 7,9c7,9
> <       $ispman->{'imap'}->add("$mailbox.Sent", $hostname);
> <       $ispman->{'imap'}->add("$mailbox.Drafts", $hostname);
> <       $ispman->{'imap'}->add("$mailbox.Trash", $hostname);
> ---
> 
>>      $ispman->{'imap'}->add("$mailbox/Sent", $hostname);
>>      $ispman->{'imap'}->add("$mailbox/Drafts", $hostname);
>>      $ispman->{'imap'}->add("$mailbox/Trash", $hostname);
> 
> 
> 
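
Review bot: the '/' separator is now hard-coded in all three add() calls of the 7,9c7,9 hunk, so this library only matches a server running with unixhierarchysep: yes. Take the separator from one variable (the cyrusadmin.pm hunk sets $mailbox_prefix in the same hard-coded way) so that the Sent, Drafts and Trash names follow the server setting and a later switch needs one edit instead of several.
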
> diff ./lib/cyrusadmin.pm /opt/ispman/lib/cyrusadmin.pm
> 20c20
> < $mailbox_prefix="user.";
> ---
> 
>>$mailbox_prefix="user/";
> 
> 
> 
> diff ./lib/ISPMan/IMAP.pm /opt/ispman/lib/ISPMan/IMAP.pm
> 85c85,89
> <    $mailbox=($mailbox=~/^user\./)?$mailbox:"user.$mailbox";
> ---
> 
>>   $mailbox=($mailbox=~/^user\//)?$mailbox:"user\/$mailbox";
>>   if($mailbox =~/^user\./) {
>>      $mailbox =~ s/^user\./user\//;
>>   }
>>   #$mailbox=($mailbox=~/^user\./)?$mailbox:"user.$mailbox";
> 
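
Review bot: in the 85c85,89 hunk the `if($mailbox =~/^user\./)` block can never run, because the line before it has already forced $mailbox to start with "user/". A caller that passes "user.name" therefore ends up with "user/user.name" rather than "user/name". Do the `s/^user\./user\//` conversion first, then add the "user/" prefix only if it is still missing.
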
> 102c106,111
> <    $mailbox=($mailbox=~/^user\./)?$mailbox:"user.$mailbox";
> ---
> 
>>   $mailbox=($mailbox=~/^user\//)?$mailbox:"user\/$mailbox";
>>   if($mailbox =~/^user\./) {
>>      $mailbox =~ s/^user\./user\//;
>>   }
>>   #$mailbox=(!($mailbox=~/^user\./))?"user\/$mailbox":$mailbox;
>>   #$mailbox="user/$mailbox";
> 
> 115c124,128
> <    $mailbox=($mailbox=~/^user\./)?$mailbox:"user.$mailbox";
> ---
> 
>>   $mailbox=($mailbox=~/^user\//)?$mailbox:"user\/$mailbox";
>>   if($mailbox =~/^user\./) {
>>      $mailbox =~ s/^user\./user\//;
>>   }
>>   #$mailbox=($mailbox=~/^user\./)?$mailbox:"user\/$mailbox";
> 
> 
> 
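
Review bot: the 115c124,128 hunk is the third copy of the same normalisation (also at 85 and 102), each with a different commented-out variant left behind. Move the logic into one helper in IMAP.pm and delete the commented-out lines, so that a fix to the prefix handling reaches all three call sites at once.
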
> diff ./lib/ISPMan/UserMan.pm /opt/ispman/lib/ISPMan/UserMan.pm
> 115,116c115,116
> <    my $_uid=join '_', ($r->param("uid"), $domain);
> <    $_uid=~s/\./_/g;
> ---
> 
>>   my $_uid=join '@', ($r->param("uid"), $domain);
>>   #$_uid=~s/\./_/g;
> 
> 
> 
> 
> 
> 
> 
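
Review bot: in the 115,116c115,116 hunk `$r->param("uid")` is joined into $_uid with nothing in the visible lines restricting its characters, and the only rewrite of it, `s/\./_/g`, is commented out rather than replaced. Since the other hunks make '/' the mailbox separator and '@' the user/domain delimiter, check the parameter against an allow-list (letters, digits, '.', '-', '_') before the join and reject values containing '/' or '@'; then delete the commented-out line instead of leaving it in place.
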
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> Ispman-users mailing list
> Ispman-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/ispman-users

-- 
Atif Ghaffar
Technology Consultant
---------------------------.
           +41 21 321 65 55 ¦ tel
           +41 21 321 54 54 ¦ fax
           +41 78 845 31 64 ¦ mobile
      aghaffar@developer.ch ¦ email
     http://atifghaffar.com ¦ www
      http://www.ispman.org ¦
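
The perdition lookup described in the message above, written out as an added example (not from the original message and not perdition's own code): it splits the map_library_opt URL into its search parameters and fills in the filter for a login, escaping the login per RFC 4515 so that characters such as * or ( cannot change the query. It assumes %s stands for the login name the client supplied; the function names are hypothetical.

```python
"""Added example: decompose the perdition LDAP URL and build the search filter."""
from urllib.parse import urlsplit, unquote

# The map_library_opt value from the message above.
PERDITION_URL = ("ldap://localhost/o=ispman?mailRoutingAddress?sub?"
                 "(mailLocalAddress=%25s)")

# RFC 4515: these characters must be escaped inside a filter assertion value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_filter_value(value):
    """Escape one character at a time so backslashes are never double-escaped."""
    return "".join(_ESCAPES.get(ch, ch) for ch in value)


def parse_ldap_url(url):
    """Split ldap://host/base?attributes?scope?filter (RFC 4516 layout)."""
    parts = urlsplit(url)
    if parts.scheme not in ("ldap", "ldaps"):
        raise ValueError("not an LDAP URL: %r" % url)
    attrs, scope, flt = (parts.query.split("?") + ["", "", ""])[:3]
    return {
        "host": parts.hostname,
        "base": unquote(parts.path.lstrip("/")),
        "attrs": [a for a in attrs.split(",") if a],
        "scope": scope or "base",
        # %25s in the URL is a percent-encoded "%s" placeholder.
        "filter": unquote(flt) or "(objectClass=*)",
    }


def build_lookup(url, login):
    """Return the search for one login (assumption: %s stands for the login)."""
    search = parse_ldap_url(url)
    search["filter"] = search["filter"].replace("%s", escape_filter_value(login))
    return search


if __name__ == "__main__":
    # Constructed sample logins: one ordinary, two containing filter syntax.
    for login in ("aghaffar@ispman.org", "*", "x)(uid=*"):
        print(login, "->", build_lookup(PERDITION_URL, login)["filter"])
```
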


