Email server with Postfix, Dovecot, and LDAP
I think I'll skip the introduction, as this is mainly a note for myself.
The LDAP Setup
I'm not going to cover how to set up LDAP. The setup that I'm using for this system is organized so that all users sit under an Organizational Unit called 'people' (ou=people,dc=organization,dc=org) with this schema:
dn: uid=user,ou=people,dc=organization,dc=org
objectClass: posixAccount
objectClass: inetOrgPerson
uid: user
homeDirectory: /home/user
userPassword: <passwordhash>
Configuring Dovecot
Add these to dovecot.conf:

mail_uid = 5000
mail_gid = 5000
auth default {
  mechanisms = plain
  passdb ldap {
    args = /etc/dovecot-ldap.pass
  }
  userdb ldap {
    args = /etc/dovecot-ldap.user
  }
  # for postfix to authenticate against
  socket listen {
    client {
      # Assuming the default Postfix $queue_directory setting
      path = /var/spool/postfix/private/auth
      mode = 0660
      # Assuming the default Postfix user and group
      user = postfix
      group = postfix
    }
  }
}
dovecot-ldap.pass

hosts = host.of.ldap.server:389
sasl_bind = no
auth_bind = yes
ldap_version = 3
deref = never
base = uid=%n,ou=people,dc=organization,dc=org
scope = base
dn = uid=manager,dc=organization,dc=org
dnpass = password

Both of the dovecot-ldap.* files hold the manager bind password in cleartext, so they must not be world-readable.
dovecot-ldap.user
hosts = host.of.ldap.server:389
sasl_bind = no
auth_bind = yes
ldap_version = 3
deref = never
base = uid=%n,ou=people,dc=organization,dc=org
scope = base
user_attrs = homeDirectory=home
dn = uid=manager,dc=organization,dc=org
dnpass = password
Configuring Postfix
Add these to your main.cf. Note that accounts_query_filter matches on the mail attribute, so each user entry also needs a mail attribute holding that user's address (inetOrgPerson allows it):

accounts_server_host = host.of.ldap.server
accounts_search_base = ou=people,dc=organization,dc=org
accounts_query_filter = (&(objectClass=inetOrgPerson)(mail=%s))
accounts_result_attribute = homeDirectory
accounts_result_format = %s/Mailbox
accounts_scope = sub
accounts_cache = yes
accounts_bind = yes
accounts_bind_dn = uid=manager,dc=organization,dc=org
accounts_bind_pw = password
accounts_version = 3

virtual_transport = virtual
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
virtual_mailbox_base = /
virtual_mailbox_maps = ldap:accounts
virtual_mailbox_domains = organization.org

smtpd_sasl_type = dovecot
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_sasl_path = private/auth
Make sure that the domains listed in virtual_mailbox_domains are not also listed in mydestination.
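The warning above, together with the uid/gid and auth-socket values that Postfix and Dovecot must agree on, can be checked mechanically. This is an added example, not code from the original note; both config snippets are constructed from the values given here, and no live server is touched.

```python
# Added example, not code from the original note: a consistency check for the
# Postfix and Dovecot values given above. Both config snippets are constructed
# from the note; no live server is touched.
POSTFIX_MAIN_CF = """queue_directory = /var/spool/postfix
mydestination = localhost
virtual_mailbox_domains = organization.org
virtual_uid_maps = static:5000
virtual_gid_maps = static:5000
smtpd_sasl_path = private/auth"""
DOVECOT_CONF = """mail_uid = 5000
mail_gid = 5000
auth default {
  socket listen {
    client {
      path = /var/spool/postfix/private/auth
    }
  }
}"""

def parse_conf(text):
    """Parse 'key = value' lines; keys inside Dovecot { } blocks are prefixed with the block names."""
    conf, stack = {}, []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments
        if line.endswith("{"):
            stack.append(line[:-1].strip())
        elif line == "}":
            stack.pop()
        elif "=" in line:
            key, value = (s.strip() for s in line.split("=", 1))
            conf["/".join(stack + [key])] = value
    return conf

def check_consistency(postfix_text, dovecot_text):
    pf, dc = parse_conf(postfix_text), parse_conf(dovecot_text)
    words = lambda v: set(v.replace(",", " ").split())
    findings = []
    # The note's own warning: a domain in both lists is treated as local, not virtual.
    overlap = words(pf.get("virtual_mailbox_domains", "")) & words(pf.get("mydestination", ""))
    if overlap:
        findings.append("in both virtual_mailbox_domains and mydestination: " + ", ".join(sorted(overlap)))
    for pf_key, dc_key in (("virtual_uid_maps", "mail_uid"), ("virtual_gid_maps", "mail_gid")):
        if pf.get(pf_key, "").split(":")[-1] != dc.get(dc_key):
            findings.append(f"{pf_key} and {dc_key} disagree")
    # smtpd_sasl_path is relative to queue_directory; Dovecot must listen exactly there.
    expected = pf.get("queue_directory", "").rstrip("/") + "/" + pf.get("smtpd_sasl_path", "")
    if dc.get("auth default/socket listen/client/path") != expected:
        findings.append(f"Dovecot auth socket is not at {expected}")
    return findings
```

An empty list from check_consistency means the two configs agree; each string is one mismatch to fix.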
That's it, I think; not sure if I missed anything.