Skip to main content

Email server with Postfix, Dovecot, and LDAP

I think I'll skip the introduction as this is mainly a note for myself

The LDAP Setup

I'm not going to cover how to setup LDAP. The setup that I'm using for this system is organized where all users are under an Organizational Unit called 'people' (ou=people,dc=organization,dc=org) with this schema:

dn: uid=user,ou=people,dc=organization,dc=org
objectClass: posixAccount
objectClass: inetOrgPerson
uid: user
homeDirectory: /home/user
userPassword: <passwordhash>

Configuring Dovecot

Add these into dovecot.conf

mail_uid = 5000
mail_gid = 5000

auth default {
  mechanisms = plain
  passdb ldap {
          args = /etc/dovecot-ldap.pass
  userdb ldap {
          args = /etc/dovecot-ldap.user

  # for postfix to authenticate against
  socket listen {
        client {
          # Assuming the default Postfix $queue_directory setting
          path = /var/spool/postfix/private/auth
          mode = 0660
          # Assuming the default Postfix user and group
          user = postfix
          group = postfix


hosts = host.of.ldap.server:389
sasl_bind = no
auth_bind = yes
ldap_version = 3
deref = never
base = uid=%n,ou=people,dc=organization,dc=org
scope = base
dn = uid=manager,dc=organization,dc=org
dnpass = password


hosts = host.of.ldap.server:389
sasl_bind = no
auth_bind = yes
ldap_version = 3
deref = never
base = uid=%n,ou=people,dc=organization,dc=org
scope = base
user_attrs = homeDirectory=home
dn = uid=manager,dc=organization,dc=org
dnpass = password

Configuring Postfix

Add these into your

accounts_server_host = host.of.ldap.server
accounts_search_base = ou=people,dc=organization,dc=org
accounts_query_filter = (&(objectClass=inetOrgPerson)(mail=%s))
accounts_result_attribute = homeDirectory
accounts_result_format  =  %s/Mailbox
accounts_scope = sub
accounts_cache = yes
accounts_bind = yes
accounts_bind_dn = uid=manager,dc=organization,dc=org
accounts_bind_pw = password
accounts_version = 3

virtual_transport = virtual
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_mailbox_base = /
virtual_mailbox_maps = ldap:accounts
virtual_mailbox_domains =

smtpd_sasl_type = dovecot
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_path = private/auth

Make sure domains under virtual_mailbox_domains is not listed under mydestinations.

Thats it I think, not sure if I missed anyting.
Post a Comment

Popular posts from this blog

Adding simple popup to Plone frontpage

Here is a little guide for those who want to add a simple popup to the Plone frontpage for some purpose (eg: announcements, advertisements, etc).

Create a basic html file containing the content you want to appear in the popup. Upload it into $PLONE_SITE/portal_skins/custom (as Page Template) and for the sake of this example, name it popup.html

Afterward, create a Javascript file with your Pop-Up loader script. For example , this script:

function popup(mylink, windowname)
if (! window.focus)return true;
var href;
if (typeof(mylink) == 'string')
href=mylink.href;, windowname, 'width=220,height=400,scrollbars=no');
return false;

popup('popup.html', 'My Popup');

Also upload this file into $PLONE_SITE/portal_skins/custom (as Page Template too). For this example, name it as popup.js

Afterward, in $PLONE_SITE/portal_javascripts , add popup.js as a new script into portal_javascripts…

Tee'ing Python subprocess.Popen output

A little hack for python coders out there who wanted to have a functionality similar to the unix's tee command for redirecting output to multiple places.

import sys
from subprocess import Popen,PIPE
p = Popen(['put','command','and','arguments','here'],stdout=PIPE)

while True:
o = p.stdout.readline()
if o == '' and p.poll() != None: break
# the 'o' variable stores a line from the command's stdout
# do anything u wish with the 'o' variable here
# this loop will break once theres a blank output
# from stdout and the subprocess have ended

HOWTO: Mirroring Yum repositories using Yum-Utils

As promised before in one of my previous post, a Howto on how to mirror and manage yum repositories using some of the utilities in yum-utils.

The first step is, well, of course, is to get yum-utils from fedora repository
yum install yum-utils

Reposync is a utility for mirroring and synchronizing local copy of a yum/rpmmetadata repository.

This utility is very useful if you wanted to make a yum repository mirror. Before this, I used "wget -R -np -N" but this method is a little bit tedious and it doesnt work with repos that didn't use directory listing. Plus, it also download together additional site stuff that I don't need/want and it doesn't verify checksum of the downloaded packages.

Mirroring a repo using this utility is easy, just execute this command
reposync -r <repoid> -a <arch> -n
and the repo will be mirrored in a folder with the same name of the repoid in the directory you executed the command. Eg: you executed the command in /mnt/storage/mi…