I forgot to add … (Doh) … My Dovecot version is 2.1.7.

Thanks.

~ Laz Peterson
Paravis Business Networks
Ph: 909.660.5100

On Oct 2, 2013, at 9:20 AM, Laz Peterson <l...@paravis.net> wrote:

> Hi there Dovecot community --
>
> I'll try to make this short. Here's the setup … Ubuntu 12.04, Postfix,
> Dovecot, along with Amavis/Clamd/Spamassassin. Postfix is currently
> receiving emails for virtual users in multiple domains, all of which are
> authenticating through Winbind to Windows AD servers. The users log in to
> the POP/IMAP/SMTP services using the format u...@domain.corp (the internal
> domain, not the external mail domain). The domains are all in the same
> forest, but there are many different domains to authenticate against.
>
> Dovecot is currently handling POP, IMAP, and authentication. Postfix uses a
> MySQL database to map the external email domain to the internal AD domain,
> for example domain.com -> domain.corp. Postfix also queries the same SQL
> database for where to save the messages -- /home/vmail/domain\user -- I have
> the SQL query strip off the ".corp". I had to do this because pam_winbind
> returns the usernames as "DOMAIN\user" upon successful Dovecot
> authentication, instead of "u...@domain.corp", which ends up invalidating all
> of the %u, %n, and %d variables. On the user side, after successful auth, I
> can only define %u and %n in my Dovecot configuration -- %d is null, %u is
> "DOMAIN\user", and %n is "DOMAIN\user". (I use %Lu or %Ln to make it all
> lower-case.)
>
> With this, I am able to authenticate users off of multiple domains, have the
> mail delivered to a folder that is also accessible to the user when they log
> in. It serves its purpose.
>
> Here's my problem. I am trying to now integrate Pigeonhole and ManageSieve
> using Dovecot-LDA specified by "virtual_transport", and this is where things
> get confusing. Dovecot IMAP/POP/SMTP auth notes the user account to be
> "DOMAIN\user", while Dovecot-LDA receives the email to u...@domain.com,
> noting the user account to be "u...@domain.corp". The same arguments for
> userdb in "auth-system.conf.ext" are used by both Dovecot when user is
> logging in for IMAP/POP/SMTP and Dovecot-LDA when it is storing the mail.
> Because of the way pam_winbind returns the usernames without being able to
> use %d anymore, I cannot seem to get the same behavior for both sides of
> Dovecot.
>
> For example, if I set home and maildir to "/home/vmail/%Ln", Dovecot-LDA
> delivers emails into the folder "/home/vmail/u...@domain.corp" and Dovecot
> IMAP/POP looks in "/home/vmail/domain\user". If I set the home/maildir to
> "/home/vmail/%Ld/%Lu", Dovecot-LDA delivers emails into the folder
> "/home/vmail/domain.corp/user" and Dovecot IMAP/POP looks in
> "/home/vmail/\/domain\user". So, I seem to be thoroughly unable to get
> something here that works … The closest I can get is setting home/maildir to
> "/home/vmail/%Ld\%Lu", but that now gives the LDA side
> "/home/vmail/domain.corp\user" and the IMAP/POP/SMTP side
> "/home/vmail/\\domain\user".
>
> If I am able to get pam_winbind to return "u...@domain.corp" instead of
> "DOMAIN\user", I'd be fine. Or, if I could set the home and maildir
> locations separately for Dovecot-LDA and Dovecot, I would also be okay.
>
> Any suggestions? I know this is probably a Winbind limitation, but I do not
> know a thing about working with PAM authentication. I tried to compile and
> install a pam_regex module (which seems to not be offered as a native package
> in Ubuntu), but it gives errors after adding that to my PAM configuration.
> I'm stumped.
>
> Please let me know if I can include my configuration for either Postfix or
> Dovecot.
>
> Thank you so much for any help.
>
> ~ Laz Peterson