Re: qmail-getpw
OK, sorry for the confusion here is the setup again: OpenLDAP, the pam_ldap and nss_ldap modules from padl.com, the UW IMAP server, regular qmail (not qmail-ldap). I have no qmail users or cdb files. Here is what /var/qmail/bin/qmail-getpw herbie | tr '\0' '\n' produces: herbie 39500 3 /homes/homefarm/herbie Herbie (me) has an account on the machine and an entry in /etc/passwd /var/qmail/bin/qmail-getpw judygs | tr '\0' '\n' judygs 11371 20 /homes/home21/judygs Judy has only an entry in the LDAP database, but the results of qmail-getpw are the same. Here are judy's permissions: drwx--4 judygs users 103 Jun 25 12:44 /homes/home21/judygs drwx--5 judygs users 92 Jun 13 15:00 /homes/home21/judygs/Maildir/ drwx--2 judygs users 35 Jun 13 15:00 cur drwx--2 judygs users2975 Jun 13 15:00 new drwx--2 judygs users 35 Jun 13 15:00 tmp Yet I can receive mail, and Judy cannot. I did try playing with qmail-ldap, but it's schema was too different from the schema we were already using, and it seemed more geared towards 'virtual users' whereas we want people to have real accounts. Any ideas? herbie On Wed, 27 Jun 2001, Charles Cazabon wrote: Are all of these conditions true for your LDAP users? What is the exact output of the command: qmail-getpw ldap_user_name | tr '\0' '\n' The fact the qmail-getpw seems to work is what confuses me. You said you're not using qmail-users. Does qmail-LDAP still use qmail-getpw then? If not, that would explain this, if you're actually using qmail-LDAP (I can't remember if you said you were).
Re: qmail-getpw
Yes, I'm embarassed to admit that was indeed the fault. I had just tried creating new users, and realised they couldn't access their own homedirs and it clicked. So now all seems to be working very happily again. For the record qmail was less than helpful in it's logging errors merely saying. Jun 28 11:47:36 willow QMAIL: 993746856.402721 delivery 19: failure: Sorry,_no_mailbox_here_by_that_name._(#5.1.1) each time. Oh well. Thanks again. herbie __ This is an email, an electronic Post-It note. Keep your Inbox tidy and dispose of it in a timely fashion. On Thu, 28 Jun 2001, Charles Cazabon wrote: Andrew J Herbert [EMAIL PROTECTED] wrote: OpenLDAP, the pam_ldap and nss_ldap modules from padl.com, the UW IMAP server, regular qmail (not qmail-ldap). I have no qmail users or cdb files. Here is what /var/qmail/bin/qmail-getpw herbie | tr '\0' '\n' produces: herbie 39500 3 /homes/homefarm/herbie Herbie (me) has an account on the machine and an entry in /etc/passwd /var/qmail/bin/qmail-getpw judygs | tr '\0' '\n' judygs 11371 20 /homes/home21/judygs Judy has only an entry in the LDAP database, but the results of qmail-getpw are the same. Here are judy's permissions: drwx--4 judygs users 103 Jun 25 12:44 /homes/home21/judygs drwx--5 judygs users 92 Jun 13 15:00 /homes/home21/judygs/Maildir/ drwx--2 judygs users 35 Jun 13 15:00 cur drwx--2 judygs users2975 Jun 13 15:00 new drwx--2 judygs users 35 Jun 13 15:00 tmp Yet I can receive mail, and Judy cannot. That looks good. But what about the directories leading up to judygs' home directory? Are they all at least r-x for her UID or default GID? Specifically, what is the output of: ls -lind / /homes /homes/home21 /homes/home21/judygs/ /homes/home21/judygs/* I'm concerned that UID 11371 is not judygs or that GID 20 is not group users, or that the parent directories are not r-x for them. Since qmail-getpw is successful for judygs, what appears in the qmail-send logs when you send a message to her? qmail should be logging something when it tries to do a local delivery to her. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ ---
Re: qmail-getpw
No unfortunately I do not, it would make life a lot easier if that was all that was wrong. The way the system is set up the admins have logins in a real /etc/passwd on the machine, then there is an ldap server that provides information on the 'users'. The admins in the /etc/passwd file can receive mail, but the users on the LDAP server can't. However if I run qmail-getpw from the command line it retrieves the users information no problem, same as with the admins. The permissions on the Maildirs and homedirs are all fine, as are ownerships. So I can't understand why qmail still refuses to deliver. The fact the qmail-getpw seems to work is what confuses me. herbie __ This is an email, an electronic Post-It note. Keep your Inbox tidy and dispose of it in a timely fashion. On Tue, 26 Jun 2001, Charles Cazabon wrote: Andrew J Herbert [EMAIL PROTECTED] wrote: Does qmail use any other delivery mechainism's by default? I have found that using nss_ldap, people in the local passwd file will get email, people in the LDAP database will not. Yet I can run qmail-getpw on a user in LDAP and it returns the right response, yet still will not deliver the mail. What am I missing? qmail-getpw will not be used if the qmail-users mechanism is in place. Do you have a /var/qmail/users/cdb file? Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ ---
qmail-getpw
Does qmail use any other delivery mechainism's by default? I have found that using nss_ldap, people in the local passwd file will get email, people in the LDAP database will not. Yet I can run qmail-getpw on a user in LDAP and it returns the right response, yet still will not deliver the mail. What am I missing? herbie __ This is an email, an electronic Post-It note. Keep your Inbox tidy and dispose of it in a timely fashion.
YALQ (Yet another LDAP Question)
I've seen variations on this posted, and never seen any answers (Bret Martin, you still there?) I am tasked to try and implement the following. Qmail mail system, utilising one large NFS storage for mail, which is served by a farm of satellite linux boxes taking in mail and running IMAP and POP services, both insecure and secure, utilising separate passwords for the secure and insecure services, all users have actual accounts but are held in an LDAP database. So I have pam_ldap and nss_ldap setup with two sets of libraries and config files, one for secure and one for insecure services. I have hacked the UW IMAP server further to allow me to have two different servers, using different PAM config files to allow lookups in different LDAP branches (secure and insecure), all this works, and then I discovered qmail seems to use some odd lookup mechanism for users. It won't use nss_ldap and doesn't see any of the users. I've now played with qmail_ldap, but fail to see that I can implement it in the same structure as everything else, as it seems primarily geared toward 'virtual users'. Help. herbie __ This is an email, an electronic Post-It note. Keep your Inbox tidy and dispose of it in a timely fashion.
Re: YALQ (Yet another LDAP Question)
It's a nice idea, and we did consider it, and play with it but it doesn't work for a few reasons. 1. We use Eudora as a mail client, it's not my choice unfortunately, and it thrashes Courier, whilst UW doesn't break a sweat, due to the odd way Eudora implements mail filters (using UID's). 2. We have to have people having logons in the system, this isn't just email we're talking about, hence why I said I want to use real users, and not virtual users. Also we run a web based front end to procmail for mail filtering that has to be 'grannied' in. Anyone know how to get qmail-ldap compliant with RFC2307? How does qmail look up local users anyway? Why won't it work with nss_ldap? herbie __ This is an email, an electronic Post-It note. Keep your Inbox tidy and dispose of it in a timely fashion. On Mon, 25 Jun 2001, Mike Jackson wrote: Andrew J Herbert wrote: I've now played with qmail_ldap, but fail to see that I can implement it in the same structure as everything else, as it seems primarily geared toward 'virtual users'. You want qmail-ldap. If these are mail servers, why do users need to have a system account? They aren't administrators. I run several qmail-ldap servers, with only system accounts for the IT staff. Even if they need a system account, you can store their mail in /var/qmail/maildirs owned and grouped to the qmail-ldap daemons, and make them use pine over IMAP or pop. UW-Imap is a resource HOG. You have to patch it twice to get it to work in your setup, and you have to recompile it when you make configuration changes. Low tech. Courier Imap has native support for ldap authentication and maildirs, has low memory requirements, and can be reconfigured without recompiling. Regards, Mike
Re: YALQ (Yet another LDAP Question)
Aah, now this is an interesting thing, I can run qmail-getpw from the command line, and it finds all the correct information, using the LDAP lookup (this is using regular qmail with nss_ldap), the permissions on the users home directory look OK (owned by user 700) as does the Maildir and there is a .qmail file (owned by user 644) which contains ./Maildir/ so why isn't mail being delivered? Suggestions anyone? herbie __ This is an email, an electronic Post-It note. Keep your Inbox tidy and dispose of it in a timely fashion. On Mon, 25 Jun 2001, Charles Cazabon wrote: Andrew J Herbert [EMAIL PROTECTED] wrote: How does qmail look up local users anyway? Why won't it work with nss_ldap? If the qmail-users mechanism is configured, that's used -- `man qmail-users` for details. Fallback is qmail-getpw, which relies on the system's implementation of the getpwnam() function. stock qmail doesn't know anything about LDAP. I don't know if LDAP-patched qmail gets user information in a different way. If not, you could dump your LDAP users information through qmail-pw2u and qmail-newu to use the qmail-users mechanism. Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ ---
Re: Help with Installation
Well check your maillog and see if there's an error in there, is the message in the queue still, maybe qmail-send isn't running, in which case it won't be delivered. There are oh so many ways it can go wrong :) Oh and correct permissions on the users homedir, and a .qmail file help too. __ This is an email, an electronic Post-It note. Keep your Inbox tidy and dispose of it in a timely fashion. On Mon, 25 Jun 2001, Cordell Bourne wrote: I have followed the directions in the Life with Qmail doc for installing Qmail and all appears to be working expcept that I can't get mail into my INBOX. Here is what my system had before I started... SunOS 5.7 U of W IMAP server Sendmail There are about 2000+ users on the server I have been able to telnet to the SMTP service and send a message from myself to myself without errors, but the message never arrives in my INBOX. What do I need to check to make sure mail is getting delivered to where I want it? Cordell Bourne Sr. Software Test Engineer Campus Pipeline, Inc.