Re: imap with qmail-ldap

[Nicolas de Bari Embriz Garcia Rojas]

Give a try to dovecot.

Use qmail-ldap only for SMTP, dovecot for POP/IMAP, both authenticate
using the same ldap but they use their own configurations.

regards.

On Tue, Apr 15, 2014 at 1:07 PM, Friedrich Locke
 wrote:
> Hi folks,
>
> i am trying to run imap (i choose courier imap) and when i try to connect to
> it, all i got was:
>
> obsd# telnet obsd imap2
> Trying 200.235.128.97...
> Connected to obsd.
> Escape character is '^]'.
> * BYE imaplogin expected exactly two arguments.
> Connection closed by foreign host.
> obsd#
>
> And what sounds strange is that i am running qmail-imap. qmail-imap/run is:
>
> #!/bin/sh
> exec 2>&1
> #
> # IMAP service: this script is for courier-imap
> #
> QMAIL="/var/qmail"
> CONCURRENCY=500
> ME="`head -1 $QMAIL/control/me`"
> if [ -e $QMAIL/control/defaultdelivery ]; then
> ALIASEMPTY=`head -1 $QMAIL/control/defaultdelivery 2> /dev/null`
> else
> ALIASEMPTY=`head -1 $QMAIL/control/aliasempty 2> /dev/null`
> fi
> ALIASEMPTY=${ALIASEMPTY:="./Inbox/"}
>
> PATH="$QMAIL/bin:$PATH"
>
> # source the environemt in ./env
> eval `env - PATH=$PATH envdir ./env awk '\
> BEGIN { for (i in ENVIRON) \
> if (i != "PATH") { \
> printf "export %s=\"%s\"\\n", i, ENVIRON[i] \
> } \
>
> # enforce some sane defaults
> COURIER=${COURIER:="/usr/local"}
> PBSTOOL=${PBSTOOL:="$QMAIL/bin/pbsadd"}
>
> if [ X${NOPBSR+"true"} = X"true" ]; then
> unset PBSTOOL
> fi
>
> exec \
> tcpserver -v -HRl $ME -x$QMAIL/control/qmail-imapd.cdb \
> ${CONCURRENCY:+"-c$CONCURRENCY"} ${BACKLOG:+"-b$BACKLOG"} 0 imap
> \
> $COURIER/sbin/imaplogin \
> $QMAIL/bin/auth_imap ${PBSTOOL:+"-d$PBSTOOL"} \
> $COURIER/bin/imapd "$ALIASEMPTY"
>
>
> May someone clarify what is happening ?
>
> Thank you for your time and cooperation.



-- 
> nbari

Re: ssl (smtpd and remote)

[Nicolas de Bari Embriz Garcia Rojas]

Create/sign your certificate (pem) format, and put it for example in:
/var/qmail/control/my_smtp.pem

next use something like this https://gist.github.com/nbari/10548384#file-run-L26

for TLS use something like this https://gist.github.com/nbari/10548546

check that the file called smtpcert (/var/qmail/control/smtpcert)
contains the path to your 'pem' certificate.

regards

PS the links show run (daemontools) scripts



On Sat, Apr 12, 2014 at 6:41 PM, Friedrich Locke
 wrote:
> Hi folks,
>
> i am trying to get ssl for qmail-smtpd and qmail-remote. Up to know i am
> very confused with the certificate files necessary.
>
> For instance:
>
> "make cert" saves the certificate file in control/cert.pm
> This approach (the one above) does not make qmail-smtpd support STARTTLS
> after a telnet connection on port smtp and issue "ehlo obsd.cpd.ufv.br"
>
> I took a look at qmail-dmtpd.c source file and i saw it expects the cert
> file in "control/smtpcert".
>
> And qmail-remote.c: accordingly qmail-remote.c, it looks in
> "control/remotecert".
>
> So, i have some doubts, what are the file i need to allow tls/ssl in my
> qmail installations ? How to generate them ? I am really in need for these
> informations.
>
> Thank you a laot for your time and cooperation.
>
> Best regards,
>
> Fried.



-- 
> nbari

Re: imap

[Nicolas de Bari Embriz Garcia Rojas]

You can just use qmail-ldap just to receive/send email and use
alternative software to query the inbox, something like dovecot for
example could be a good choice.

regards

On Mon, Mar 24, 2014 at 11:38 AM, Friedrich Locke
 wrote:
> Dear list members,
>
> i am studying qmail-ldap and i saw it supports imap. I have never played
> with imap and i have heard that imap may consume lot of CPU. Is that true ?
> What experience you have to report on this regards.
>
> Thanks a lot for your time and cooperation.
>
> Best regards,
>
> []s fried.



-- 
> nbari

Re: mailing list

[Nicolas de Bari Embriz Garcia Rojas]

Hi,

lista-*

is handled by

mailAlternateAddress: lista-catch...@yourdomain.tld.

That makes lista-unsbuscribe, lists-subscribe, lists-anything to work.

The mailing list flow, is handled by the ezml-idx package.

For example, to create a mailing list called 'li...@mydomain.tld' you
could do something like:

ezmlm-make -Jmlrth -3 mydomain.tld -5 ad...@mydomain.tld
/home/qmail/maildirs/mydomain.tld/lista
/home/qmail/maildirs/mydomain.tld/lista/.qmail lista mydomain.tld

To know more about the flags check this site:
http://untroubled.org/ezmlm/man/man1/ezmlm-make.1.html



On Fri, Mar 14, 2014 at 4:57 PM, Gustavo Rios  wrote:
> Simple like that ?
> What about redirections, like in lista-subscribe@x.z.y ?
>
> Thanks once more.
>
> PS: In order to have lists with qmail, is it necessary any esspecial patch ?
>
>
> 2014-03-14 13:54 GMT-03:00 Nicolas de Bari Embriz Garcia Rojas
> :
>>
>> Yes, but you will need a special schema, for example:
>>
>> dn: uid=li...@zunzun.io,ou=zunzun.io,ou=vusers,dc=route,dc=mx
>> objectClass: top
>> objectClass: person
>> objectClass: inetOrgPerson
>> objectClass: qmailUser
>> uid: li...@zunzun.io
>> cn: lista
>> sn: lista
>> mail: li...@zunzun.io
>> mailAlternateAddress: lista-catch...@zunzun.io
>> mailMessageStore: zunzun.io/lista
>> accountStatus: nopop
>> qmailDotMode: dotonly
>>
>>
>> On Fri, Mar 14, 2014 at 4:45 PM, Gustavo Rios 
>> wrote:
>> > Hi folks,
>> >
>> > is it possible to have ezmlm (i mean: mailing lists) with qmail-ldap ?
>> >
>> > Thanks in advance.
>> >
>> > --
>> > www.bigpremium.co.uk
>> > Aqui sua sorte vale dinheiro.
>>
>>
>>
>> --
>> > nbari
>
>
>
>
> --
> www.bigpremium.co.uk
> Aqui sua sorte vale dinheiro.



-- 
> nbari

Re: mailing list

[Nicolas de Bari Embriz Garcia Rojas]

Yes, but you will need a special schema, for example:

dn: uid=li...@zunzun.io,ou=zunzun.io,ou=vusers,dc=route,dc=mx
objectClass: top
objectClass: person
objectClass: inetOrgPerson
objectClass: qmailUser
uid: li...@zunzun.io
cn: lista
sn: lista
mail: li...@zunzun.io
mailAlternateAddress: lista-catch...@zunzun.io
mailMessageStore: zunzun.io/lista
accountStatus: nopop
qmailDotMode: dotonly


On Fri, Mar 14, 2014 at 4:45 PM, Gustavo Rios  wrote:
> Hi folks,
>
> is it possible to have ezmlm (i mean: mailing lists) with qmail-ldap ?
>
> Thanks in advance.
>
> --
> www.bigpremium.co.uk
> Aqui sua sorte vale dinheiro.



-- 
> nbari

Re: ezmlm

[Nicolas de Bari Embriz Garcia Rojas]

yes, with out any issue.

you can used an ldiff like this one:

dn: uid=l...@ejemplo.org,ou=ejemplo.org,ou=vusers,dc=domain,dc=tld
objectClass: top
objectClass: person
objectClass: inetOrgPerson
objectClass: qmailUser
uid: l...@ejemplo.org
cn: list
sn: list
mail: l...@ejemplo.org
mailAlternateAddress: list-catch...@ejemplo.org
mailMessageStore: ejemplo.org/list
accountStatus: nopop
qmailDotMode: dotonly

then just create the list using the ezml commands






On Tue, Apr 2, 2013 at 8:37 PM, Friedrich Locke
wrote:

> Does qmail-ldap works with ezmlm ?
>
> Thanks.
>
> Fried
>



-- 
> nbari

Re: Want to blacklist a sender and drop mails silently

[Nicolas de Bari Embriz Garcia Rojas]

Try using later version of qmail-ldap or patch your version so that it
can support this:

http://code.google.com/p/qmail-ldap-smtpauthuser/wiki/SETUP
http://code.google.com/p/qmail-ldap-smtpauthuser/wiki/HowTo

if you are using freebsd , from the qmail-ldap ports you can select to
use the SMTPAUTHUSER once done. you can configure your filters and do
exactly what you are looking for.

An example of the filter is here:
http://code.google.com/p/qmail-ldap-smtpauthuser/source/browse/trunk/test-ldap.pl

regards.

On Wed, Feb 6, 2013 at 10:14 AM, Raja T Nair  wrote:
> Hello Dawie,
>
> Yes I have tried `badmailfrom', but this sends a message back to the sender,
> saying `your mail is administratively denied' - which I do not want.
>
> Regards,
> Raja.
>
>
> On 4 February 2013 19:21, Dawie Swarts  wrote:
>>
>> Hi
>>
>>
>>
>> As far as I remember you can add badmailfrom to your /var/qmail/control/
>> directory. Just list the email address you want to drop in there.
>>
>>
>>
>>
>>
>> Regards
>>
>> Dawie
>>
>>
>>
>>
>>
>> From: Shepherd Nhongo [mailto:shepher...@gmail.com]
>> Sent: 04 February 2013 03:41 PM
>> To: Raja T Nair
>> Cc: qmail-ldap@qmail-ldap.org
>> Subject: Re: Want to blacklist a sender and drop mails silently
>>
>>
>>
>> :-) don't be evil hahahahahaha
>>
>>
>>
>>
>>
>> Yes there is a way
>>
>> On Mon, Feb 4, 2013 at 3:09 PM, Raja T Nair  wrote:
>>
>> Hello All,
>>
>> Is there a way in qmail-ldap, where I can blacklist one sender and drop
>> all mails from this id silently?
>> I don't want to send a 'mail rejected' message to her.
>>
>> Regards,
>> Raja.
>> --
>> :^)
>>
>>
>>
>>
>> --
>> Shepherd Nhongo
>>
>> Do not Queue mail with SENDMAIL, send mail with QMAIL
>>
>> Mobile +263 772 688 072
>>
>> __
>> This email has been scanned by the IS Symantec Email Security.cloud
>> service.
>> For more information please visit http://www.symanteccloud.com
>> __
>>
>> Important Notice: This e-mail and attachments are confidential/legally
>> privileged and any unauthorised use, distribution or disclosure thereof, in
>> whatever form, by anyone other than the addressee is prohibited. If you have
>> received this e-mail in error, please destroy it. The views and opinions in
>> this e-mail and attachments may not necessarily be those of the Directors
>> and Management of the Bidvest Paperplus Group of Companies. The
>> aforementioned does not accept any liability for any damage, loss or expense
>> arising from this e-mail and/or from accessing any attachments.
>> __
>> This email has been scanned by the IS Symantec Email Security.cloud
>> service.
>> For more information please visit http://www.symanteccloud.com
>> __
>
>
>
>
> --
> :^)



-- 
> nbari

Re: studing qmail-ldap

[Nicolas de Bari Embriz Garcia Rojas]

You can also try to add the pureftp ldap schema:

http://download.pureftpd.org/pure-ftpd/doc/README.LDAP

with that you could have vmail for qmail and also vftp for your ftp
accounts, apart of your *nix accounts (shell).

regards


On Sun, Jan 13, 2013 at 6:08 PM, Ismail YENIGUL
 wrote:
> Hi Friedrich,
>
> My answer are in line.
>
> On 13.01.2013 19:46, Friedrich Locke wrote:
>>
>> Hi!
>>
>> i am studing qmail-ldap solution and some doubts arose.
>>
>> I would like to integrate qmail-ldap with my current unix user base.
>>
>> My base tree for posix accounts is: dc=people,ou=abc,ou=de. So for
>> instance if a have a user called vlobo, its dn is:
>> uid=vlobo,ou=people,dc=abc,dc=de. Since it is a unix user, its entry object
>> class is posixAccount.
>> Since, i want this same unix user as a qmail user, I added an object class
>> qmailUser to the same posixAccount entry.
>>
>> First doubt: is it wrong ?
>>
> No, That's very good idea.
>
>> For the qmailUser, the only mandatory attribute is "mail". So, when i
>> should add the objectClass qmailUser, I must, at least, define this
>> attribute, right?
>>
> even if objectclass say mail  is must. it is not enough. You must also add
> the following attributes:
> mailMessageStore,userPassword,mailHost,accountStatus,
>
> The following are optional but very useful:
> deliveryMode,mailQuotaSize,mailQuotaCount
>
>> So, what would it be procedures in order to remove the user vlobo as qmail
>> user ? Should I "take" out the qmailUser attributes for the given entry ?
>> How should I do it ?
>>
> Delete objectclass qmailUser from the user and other attributes defined in
> this objectclass.
>
>> Thanks in advance.
>>
>



-- 
> nbari

Re: SRS patch for qmail-ldap-1.03-20120221

[Nicolas de Bari Embriz Garcia Rojas]

Hi, the FreeBSD port /usr/ports/mail/qmail-ldap includes the SRS patch.


On Wed, Oct 24, 2012 at 3:13 PM, Berger Stefan  wrote:
> Hi all,
>
> i would like to know if anyone has an SRS patch for
> qmail-ldap-1.03-20120221 ?
> There is a patch for qmail-ldap-1.03-20060201 but it doesn't apply to
> the new version
> You can find the patch at
> http://qmail-ldap-smtpauthuser.googlecode.com/svn-history/r26/trunk/qmai
> l-ldap-1.03-20060201-SRS.patch
> Maybe there is another solution but I haven't found one
>
> Regards
> Stefan Berger
>
>



-- 
> nbari

Re: block attachments on per user basis

[Nicolas de Bari Embriz Garcia Rojas]

To apply it per user try to follow the logic describe here:
http://code.google.com/p/qmail-ldap-smtpauthuser/wiki/HowTo

you can use try to extend this:
http://qmail-ldap-smtpauthuser.googlecode.com/svn/trunk/smtpthrottle.pl
to meat your needs.

regards


On Mon, Sep 17, 2012 at 4:12 PM, Mario Remy Almeida  wrote:
> Hi,
>
> I have the attached patched which works fine, but its per IP base not per
> user. I need to know how can I read an attribute from ldap in qmail-smtpd.c.
>
>
>
> Subject: Re: block attachments on per user basis
> Date: Mon, 17 Sep 2012 15:47:28 +0100
> From: Nicolas de Bari Embriz Garcia Rojas 
> To: Mario Remy Almeida Cc: qmail-ldap@qmail-ldap.org
>
>
>> attachments + txt build the full email package so for been available
>> to allow user to send only attachments maybe you will need something
>> that could read the full package before releasing the email, maybe is
>> simpler to limit the user via send quota.
>>
>> On Mon, Sep 17, 2012 at 1:03 PM, Mario Remy Almeida 
>> wrote:
>>>
>>> Hi All,
>>>
>>> Dose anyone has a patch for qmail-ldap to block attachments on per user
>>> basis?
>>>
>>> For example:
>>> us...@example.com is allowed to send emails but us...@example.com is not
>>> allowed to send emails with attachments.
>>
>>
>>
>>
>



-- 
> nbari

Re: block attachments on per user basis

[Nicolas de Bari Embriz Garcia Rojas]

attachments + txt build the full email package so for been available
to allow user to send only attachments maybe you will need something
that could read the full package before releasing the email, maybe is
simpler to limit the user via send quota.

On Mon, Sep 17, 2012 at 1:03 PM, Mario Remy Almeida  wrote:
> Hi All,
>
> Dose anyone has a patch for qmail-ldap to block attachments on per user
> basis?
>
> For example:
> us...@example.com is allowed to send emails but us...@example.com is not
> allowed to send emails with attachments.



-- 
> nbari

spf patch

[Nicolas de Bari Embriz Garcia Rojas]

Hi, I am testing this SPF patch,
http://www.qmail-ldap.org/wiki/index.php/SPF_and_SRS

So far everything working well, and blocking tons of spam, when using
spfbehavior set to 3, but now I am have a problem, when the main
server is down and the slave servers queue mail.

When the main server is up and running again, the slaves (secondary
MX) deliver as supposed the mail to the main host but the main host
block the email since the SPF does not match.

so wondering if you guys have found a way of dealing with this, with
out adding on the main server the file spfrules with the IP's of the
secondaries MX servers.

regards.

-- 
> nbari

Re: smtpauth - qmail-ldap with samba4

[Nicolas de Bari Embriz Garcia Rojas]

Hi, check that your /var/qmail/control/qmail-smtpd.rules have something like

:allow,SMTPAUTH=""



On Fri, Mar 30, 2012 at 12:10 AM, Bob Miller  wrote:
> greetings
>
> I have been trying to get qmail-ldap to work with samba4's Active
> Directory implementation.  It seems that all parts are working with the
> exception of smtpauth.
>
> WHAT WORKS: When I send a mail to the system, it successfully verifies
> if a user exists and denies if the user doesn't exist.  qmail-ldaplookup
> -m/-u both run without error and report what I would expect to see.
> When I set samba4 into a debug mode, I can see the ldb query coming
> through in the logs.  In fairness, those logs do not report success or
> failure of the lookup, or the values returned, but the fact that things
> work indicate the ldap communication to samba4 was a success.  I also
> take these successes to mean my ~controls/ldap* files are set up
> correctly.  I can also use ldbsearch to verify my user/pass info is
> correct.
>
> SMTPAUTH: I have compiled with TLS and enabled SMTPAUTH="TLSREQUIRED", I
> can verify the encryption is working because when I rename the cert, I
> get an error in qmail's logs when it is not working (presumably thanks
> to TLSDEBUG).  I gather from what I have read that that is all I need to
> do.  There were mentions in the life with qmail-ldap that some extra
> arguments are required in the run script, but I found some mailing list
> post that says that is not required.
>
> BROKEN:When I try to send a authenticated mail using thunderbird, I see
> the following in qmail logs:
>
> auth login
> authentication failed: authentication failure
>
> However, the samba4 logs continue to indicate a valid search query is
> being made.  When I base64-encode my user/pass and use telnet to test
> the smtp connection, I get the exact same symptoms as using thunderbird;
> the samba4 logs indicate a good search string and the qmail logs say
> authentication failure.
>
> TRIED: I have scoured the mailing lists, there are those who say active
> directory works out of the box just by modifying qmail-ldap.h, there are
> those who say you need to modify qldap.c and/or qmail-ldaplookup.c in
> order to account for userAccountControl.  Over the last days, I have
> tried any patches/suggestions that could apply to samba4 (as opposed to
> windows server), but not one of them has solved this problem.
>
> In the interest of not making this a novel nobody wants to read, I will
> leave out the remaining details on what I have done and which articles I
> have referenced, but I can make that info available.
>
> If anyone can get me pointed in the right direction, I would truly
> appreciate it...
>
> --
> Bob Miller
> 867-334-7117 / 867-633-3760
> http://computerisms.ca
> b...@computerisms.ca
> Network, Internet, Server,
> and Open Source Solutions
>



-- 
> nbari

Re: Re: qmail-ldaplookup: fatal: qldap_filter: unspecified error

[Nicolas de Bari Embriz Garcia Rojas]

Forget this 'patch/modification' bellow, it will just crash
ldapcluster forwarding

On Sat, Mar 17, 2012 at 12:05 AM, Nicolas de Bari Embriz Garcia Rojas
 wrote:
> Hi, thanks for the reply, I applied the patch and it is working now.
>
> Changing a little the topic, I modified  qmail-qmqpc.c  for supporting
> multiple qmpqc servers ( one server per line in DIR/qmqpservers/0),
> but would like to know your feed back about it.
>
> the patch: 
> http://qmail-ldap-smtpauthuser.googlecode.com/svn/trunk/qmail-qmqpc-servers_on_cmd_line.c
>
> Original:
> ---
>  if ( argv[1] ) {
>    char temp[IPFMT];
>    if (!stralloc_copys(&servers,argv[1])) nomem();
>    dns_init(0);
>    switch (dns_ip(&ia,&servers)) {
>      case DNS_HARD: die_perm();
>      case DNS_SOFT: die_temp();
>      case DNS_MEM: nomem();
>    }
>
>    temp[ip_fmt(temp,&ia.ix[0].ip)]=0;
>    if (!stralloc_copys(&servers, temp)) nomem();
>    if (!stralloc_0(&servers)) nomem();
>  }
> ---
>
> Replaced with this:
>
> ---
>  if ( argv[1] ) {
>    getmess();
>    i = 1;
>    while (argv[i])
>      doit(argv[i++]);
>  }
> ---
>
> thanks in advance.
>
>
> On Fri, Mar 16, 2012 at 10:39 PM, Claudio Jeker  wrote:
>> On Fri, Mar 16, 2012 at 08:26:55PM +, Nicolas de Bari Embriz Garcia 
>> Rojas wrote:
>>> I think I have found the problem. but need some help fixing the code
>>>
>>> For some reason the qldap-filter.c is not adding the
>>> /var/qmail/control/ldapobjectclass
>>>
>>
>> ... thanks for the detailed report. I was able to verify it and the
>> attached diff should fix this problem.
>>
>> --
>> :wq Claudio
>>
>> Index: qldap-filter.c
>> ===
>> RCS file: /home/cvs-djbware/CVS/qmail-ldap/qldap-filter.c,v
>> retrieving revision 1.10
>> diff -u -p -r1.10 qldap-filter.c
>> --- qldap-filter.c      10 Nov 2009 22:46:06 -      1.10
>> +++ qldap-filter.c      16 Mar 2012 23:37:23 -
>> @@ -107,7 +107,7 @@ filter_uid(char *uid)
>>                return 0;
>>
>>        if (!filter_start(&filter)  ||
>> -           !stralloc_copys(&filter,"(") ||
>> +           !stralloc_cats(&filter,"(") ||
>>            !stralloc_cats(&filter, LDAP_UID) ||
>>            !stralloc_cats(&filter, "=") ||
>>            !filter_escape(&filter, uid, str_len(uid)) ||
>> @@ -179,7 +179,6 @@ filter_mail(char *mail, int *done)
>>                }
>>                extcnt--;
>>  #else
>> -#error XXX XXX
>>                /* basic qmail-ldap behavior test for usern...@domain.com and
>>                   catch...@domain.com */
>>                ext = 0;
>> @@ -193,7 +192,7 @@ filter_mail(char *mail, int *done)
>>                        /* build the search string for the email address */
>>                        /* mail address */
>>                        if (!filter_start(&filter) ||
>> -                           !stralloc_copys(&filter, "(|(") ||
>> +                           !stralloc_cats(&filter, "(|(") ||
>>                            !stralloc_cats(&filter, LDAP_MAIL) ||
>>                            !stralloc_cats(&filter, "="))
>>                                return 0;
>> Index: qmail-ldaplookup.c
>> ===
>> RCS file: /home/cvs-djbware/CVS/qmail-ldap/qmail-ldaplookup.c,v
>> retrieving revision 1.39
>> diff -u -p -r1.39 qmail-ldaplookup.c
>> --- qmail-ldaplookup.c  10 Nov 2009 22:43:06 -      1.39
>> +++ qmail-ldaplookup.c  16 Mar 2012 23:37:23 -
>> @@ -223,12 +223,12 @@ int main(int argc, char **argv)
>>                switch (mode) {
>>                case mail:
>>                        f = filter_mail(value, &done);
>> -                       if (value == 0)
>> +                       if (f == 0)
>>                                strerr_die2sys(1, FATAL, "building filter: ");
>>                        break;
>>                case uid:
>>                        f = filter_uid(value);
>> -                       if (value == 0)
>> +                       if (f == 0)
>>                                strerr_die2sys(1, FATAL, "building filter: ");
>>                        done = 1;
>>                        break;
>
>
>
> --
>> nbari



-- 
> nbari

Re: Re: qmail-ldaplookup: fatal: qldap_filter: unspecified error

[Nicolas de Bari Embriz Garcia Rojas]

Hi, thanks for the reply, I applied the patch and it is working now.

Changing a little the topic, I modified  qmail-qmqpc.c  for supporting
multiple qmpqc servers ( one server per line in DIR/qmqpservers/0),
but would like to know your feed back about it.

the patch: 
http://qmail-ldap-smtpauthuser.googlecode.com/svn/trunk/qmail-qmqpc-servers_on_cmd_line.c

Original:
---
  if ( argv[1] ) {
char temp[IPFMT];
if (!stralloc_copys(&servers,argv[1])) nomem();
dns_init(0);
switch (dns_ip(&ia,&servers)) {
  case DNS_HARD: die_perm();
  case DNS_SOFT: die_temp();
  case DNS_MEM: nomem();
}

temp[ip_fmt(temp,&ia.ix[0].ip)]=0;
if (!stralloc_copys(&servers, temp)) nomem();
if (!stralloc_0(&servers)) nomem();
  }
---

Replaced with this:

---
  if ( argv[1] ) {
getmess();
i = 1;
while (argv[i])
  doit(argv[i++]);
  }
---

thanks in advance.


On Fri, Mar 16, 2012 at 10:39 PM, Claudio Jeker  wrote:
> On Fri, Mar 16, 2012 at 08:26:55PM +0000, Nicolas de Bari Embriz Garcia Rojas 
> wrote:
>> I think I have found the problem. but need some help fixing the code
>>
>> For some reason the qldap-filter.c is not adding the
>> /var/qmail/control/ldapobjectclass
>>
>
> ... thanks for the detailed report. I was able to verify it and the
> attached diff should fix this problem.
>
> --
> :wq Claudio
>
> Index: qldap-filter.c
> ===
> RCS file: /home/cvs-djbware/CVS/qmail-ldap/qldap-filter.c,v
> retrieving revision 1.10
> diff -u -p -r1.10 qldap-filter.c
> --- qldap-filter.c      10 Nov 2009 22:46:06 -      1.10
> +++ qldap-filter.c      16 Mar 2012 23:37:23 -
> @@ -107,7 +107,7 @@ filter_uid(char *uid)
>                return 0;
>
>        if (!filter_start(&filter)  ||
> -           !stralloc_copys(&filter,"(") ||
> +           !stralloc_cats(&filter,"(") ||
>            !stralloc_cats(&filter, LDAP_UID) ||
>            !stralloc_cats(&filter, "=") ||
>            !filter_escape(&filter, uid, str_len(uid)) ||
> @@ -179,7 +179,6 @@ filter_mail(char *mail, int *done)
>                }
>                extcnt--;
>  #else
> -#error XXX XXX
>                /* basic qmail-ldap behavior test for usern...@domain.com and
>                   catch...@domain.com */
>                ext = 0;
> @@ -193,7 +192,7 @@ filter_mail(char *mail, int *done)
>                        /* build the search string for the email address */
>                        /* mail address */
>                        if (!filter_start(&filter) ||
> -                           !stralloc_copys(&filter, "(|(") ||
> +                           !stralloc_cats(&filter, "(|(") ||
>                            !stralloc_cats(&filter, LDAP_MAIL) ||
>                            !stralloc_cats(&filter, "="))
>                                return 0;
> Index: qmail-ldaplookup.c
> ===
> RCS file: /home/cvs-djbware/CVS/qmail-ldap/qmail-ldaplookup.c,v
> retrieving revision 1.39
> diff -u -p -r1.39 qmail-ldaplookup.c
> --- qmail-ldaplookup.c  10 Nov 2009 22:43:06 -      1.39
> +++ qmail-ldaplookup.c  16 Mar 2012 23:37:23 -
> @@ -223,12 +223,12 @@ int main(int argc, char **argv)
>                switch (mode) {
>                case mail:
>                        f = filter_mail(value, &done);
> -                       if (value == 0)
> +                       if (f == 0)
>                                strerr_die2sys(1, FATAL, "building filter: ");
>                        break;
>                case uid:
>                        f = filter_uid(value);
> -                       if (value == 0)
> +                       if (f == 0)
>                                strerr_die2sys(1, FATAL, "building filter: ");
>                        done = 1;
>                        break;



-- 
> nbari

Re: Re: qmail-ldaplookup: fatal: qldap_filter: unspecified error

[Nicolas de Bari Embriz Garcia Rojas]

I think I have found the problem. but need some help fixing the code

For some reason the qldap-filter.c is not adding the
/var/qmail/control/ldapobjectclass

There is a method call 'filter_objectclass' on version
qmail-ldap-1.03-20060201.patch the one is called after filtering by
(uid/mail) and properly builds the ldap query.

but on version qmail-ldap-1.03-20120221.patch

The filter_objectclass has been replaced with this one:

int
filter_start(stralloc *filter)
{
  if (!stralloc_copys(filter, ""))
return 0;
  if (objectclass.s != (char *)0 && objectclass.len != 0) {
/* (&(objectclass=...)%searchfilter%) */
if (!stralloc_copys(filter, "(&(") ||
!stralloc_cats(filter, LDAP_OBJECTCLASS) ||
!stralloc_cats(filter, "=") ||
!stralloc_cat(filter, &objectclass) ||
!stralloc_cats(filter, ")"))
  return 0;
  }
  return 1;
}

But for an unknown reason it is not  appending  the : /*
(&(objectclass=...)%searchfilter%) */ in my case
(&(objectClass=qmailUser) that is why I am getting:

qmail-ldaplookup: fatal: qldap_filter: unspecified error

since the ldap query is malformed :
Searching ldap for:
(|(mail=t...@ejemplo.org)(mailAlternateAddress=t...@ejemplo.org)))

The correct query (using /var/qmail/control/ldapobjectclass) should be
something like:

(&(objectClass=qmailUser)(|(mail=t...@ejemplo.org)(mailAlternateAddress=t...@ejemplo.org)))




On Fri, Mar 16, 2012 at 6:21 PM, Nicolas de Bari Embriz Garcia Rojas
 wrote:
> There is something else missing, I am sure, that it is not an issue
> with the ldap entries. this is the full ldap I am using for testing,
> as you can notice it as only 1 user:
>
> ---
> dn: dc=lab,dc=inbox,dc=im
> dc: lab
> objectClass: top
> objectClass: domain
> objectClass: domainRelatedObject
> associatedDomain: lab.inbox.im
>
> dn: ou=vusers,dc=lab,dc=inbox,dc=im
> objectClass: top
> objectClass: organizationalUnit
> ou: vusers
> description: vusers
> structuralObjectClass: organizationalUnit
>
> dn: ou=ejemplo.org,ou=vusers,dc=lab,dc=inbox,dc=im
> objectClass: top
> objectClass: organizationalUnit
> ou: ejemplo.org
> description: ejemplo.org
> structuralObjectClass: organizationalUnit
>
> dn: uid=t...@ejemplo.org,ou=ejemplo.org,ou=vusers,dc=lab,dc=inbox,dc=im
> objectClass: top
> objectClass: person
> objectClass: iimOrgPerson
> objectClass: qmailUser
> uid: t...@ejemplo.org
> cn: test
> sn: test
> mail: t...@ejemplo.org
> mailMessageStore: ejemplo.org/test
> accountStatus: active
> smtpThrottle: 7
> mailQuotaSize: 2147483648
> mailQuotaCount: 0
> ---
>
> the only "Found 4 entries" that I see when running ./qmail-ldaplookup
> -m test are
> uid: t...@ejemplo.org
> cn: test
> sn: test
> mail: t...@ejemplo.org
>
> when running ./qmail-ldaplookup -m t...@ejemplo.org (the right way
> full email with @) on versions qmail-ldap-1.03-20060201.patch works
> fine, by returning the ldiff  but  on qmail-ldap-1.03-20120221.patch
> Id does not returns nothing.
>
> If the ldifs where wrong, the qmail-ldaplooup would fail also with
> versions < qmail-ldap-1.03-20120221.patch
>
> regards.
>
>
> On Fri, Mar 16, 2012 at 5:53 PM,   wrote:
>> Hi
>> -- orijinal mesaj --
>>>Found 4 entries:
>>>Uh-oh: multiple entries found but should >be unique!
>>
>> I think something wrong with your ldap records. This error occurs usually 
>> when you define the same mail/mailalternate address for the different user.
>> Please check your ldap entries.
>> -ismail
>> On Fri, Mar 16, 2012 at 3:26 PM, Ismail YENIGUL
>>  wrote:
>>> Hi Nicolas,
>>>
>>> I am also using  qmail-ldap-1.03-20120221.patch without extra patch (just
>>> small fix about auth_dovecot sent by Claudio)
>>> It does not report any error for qmail-ldaplookup.  Are you applying
>>> domainalias patch to qmail-ldap-1.03-20120221.patch?
>>> This patch is already exist in qmail-ldap-1.03-20120221.patch
>>>
>>> Can you please do following and tell the result:
>>>
>>> 1. Apply only qmail-ldap-1.03-20120221.patch and just type make without
>>> setup check
>>> 2. run ./qmail-ldaplookup -m  test
>>>
>>>
>>>
>>>
>>> Ismail YENIGUL
>>> Team Leader / Takım Lideri
>>> SurGATE Labs
>>> Phone :+90 216-4709423 | Mobile:+90 533 747 36 65
>>> SurGATE: West Coast Labs Premium Anti-Spam Certificated
>>> Twitter: http://www.twitter.com/surgate
>>> Blog: http://www.surgate.com/blog
>>>
>>> On 16.03.2012 17:15, Nicolas de Bari Embriz Garcia Rojas wrote:
>

Re: Re: qmail-ldaplookup: fatal: qldap_filter: unspecified error

[Nicolas de Bari Embriz Garcia Rojas]

There is something else missing, I am sure, that it is not an issue
with the ldap entries. this is the full ldap I am using for testing,
as you can notice it as only 1 user:

---
dn: dc=lab,dc=inbox,dc=im
dc: lab
objectClass: top
objectClass: domain
objectClass: domainRelatedObject
associatedDomain: lab.inbox.im

dn: ou=vusers,dc=lab,dc=inbox,dc=im
objectClass: top
objectClass: organizationalUnit
ou: vusers
description: vusers
structuralObjectClass: organizationalUnit

dn: ou=ejemplo.org,ou=vusers,dc=lab,dc=inbox,dc=im
objectClass: top
objectClass: organizationalUnit
ou: ejemplo.org
description: ejemplo.org
structuralObjectClass: organizationalUnit

dn: uid=t...@ejemplo.org,ou=ejemplo.org,ou=vusers,dc=lab,dc=inbox,dc=im
objectClass: top
objectClass: person
objectClass: iimOrgPerson
objectClass: qmailUser
uid: t...@ejemplo.org
cn: test
sn: test
mail: t...@ejemplo.org
mailMessageStore: ejemplo.org/test
accountStatus: active
smtpThrottle: 7
mailQuotaSize: 2147483648
mailQuotaCount: 0
---

the only "Found 4 entries" that I see when running ./qmail-ldaplookup
-m test are
uid: t...@ejemplo.org
cn: test
sn: test
mail: t...@ejemplo.org

when running ./qmail-ldaplookup -m t...@ejemplo.org (the right way
full email with @) on versions qmail-ldap-1.03-20060201.patch works
fine, by returning the ldiff  but  on qmail-ldap-1.03-20120221.patch
Id does not returns nothing.

If the ldifs where wrong, the qmail-ldaplooup would fail also with
versions < qmail-ldap-1.03-20120221.patch

regards.


On Fri, Mar 16, 2012 at 5:53 PM,   wrote:
> Hi
> -- orijinal mesaj --
>>Found 4 entries:
>>Uh-oh: multiple entries found but should >be unique!
>
> I think something wrong with your ldap records. This error occurs usually 
> when you define the same mail/mailalternate address for the different user.
> Please check your ldap entries.
> -ismail
> On Fri, Mar 16, 2012 at 3:26 PM, Ismail YENIGUL
>  wrote:
>> Hi Nicolas,
>>
>> I am also using  qmail-ldap-1.03-20120221.patch without extra patch (just
>> small fix about auth_dovecot sent by Claudio)
>> It does not report any error for qmail-ldaplookup.  Are you applying
>> domainalias patch to qmail-ldap-1.03-20120221.patch?
>> This patch is already exist in qmail-ldap-1.03-20120221.patch
>>
>> Can you please do following and tell the result:
>>
>> 1. Apply only qmail-ldap-1.03-20120221.patch and just type make without
>> setup check
>> 2. run ./qmail-ldaplookup -m  test
>>
>>
>>
>>
>> Ismail YENIGUL
>> Team Leader / Takım Lideri
>> SurGATE Labs
>> Phone :+90 216-4709423 | Mobile:+90 533 747 36 65
>> SurGATE: West Coast Labs Premium Anti-Spam Certificated
>> Twitter: http://www.twitter.com/surgate
>> Blog: http://www.surgate.com/blog
>>
>> On 16.03.2012 17:15, Nicolas de Bari Embriz Garcia Rojas wrote:
>>>
>>> Hi, sorry for the confusion, I mean qmail-ldap-1.03-20120221.patch.
>>>
>>> Also I do not think it is an issue with the control/ldap settings
>>> since with the past versions<  20120221 the qmail-ldaplookup  works
>>> fine, I think something is missing/broken on qldap-filter.c.
>>>
>>> What I am doing for testing (FreeBSD 9 amd64) is compiling the base of
>>> qmail-ldap-1.03-20060201.patch plus this patches:
>>>
>>> domain alias
>>> http://kristof.bajnok.hu/qmail/qldap-domainalias.patch (domain alias)
>>>
>>> multiple qmqpc servers (for ezml lists)
>>>
>>> http://code.google.com/p/qmail-ldap-smtpauthuser/source/browse/trunk/qmail-qmqpc-servers_on_cmd_line.c
>>>
>>> SRS support
>>>
>>> http://code.google.com/p/qmail-ldap-smtpauthuser/source/browse/trunk/qmail-ldap-1.03-20060201-SRS.patch
>>>
>>> my conf-cc looks like this:
>>> cc -O2 -pipe -DLDAP_DEPRECATED -fno-strict-aliasing
>>>
>>> and conf-ld
>>> cc -s  -rpath=/usr/lib:/usr/local/lib
>>>
>>> So far, version qmail-ldap-1.03-20060201 works fine with all this
>>> patches, but now when trying to 'upgrade'/compile/test  version
>>> qmail-ldap-1.03-20120221.patch using/sharing the same
>>> /var/qmail/control, qmail-ldaplookup does not work.
>>>
>>> Using only qmail-ldap-1.03-20120221.patch (no extra patches) compiles
>>> fine but qmail-ldaplook fails again, doing a little debug/diff between
>>> versions (2012 vs 2006)  I notice that qldap-filter.c on version 2012
>>> change considerable and this is because the implementation of the
>>> 'domainalias'  patch:
>>>
>>> http://kristof.bajnok.hu/qmail/qldap-domainalias.patch
>>>
>>> I think that 

Re: qmail-ldaplookup: fatal: qldap_filter: unspecified error

[Nicolas de Bari Embriz Garcia Rojas]

Hi,  I am not applying the domain alias patch, I am only using
qmail-ldap-1.03-20120221.patch (no extra patches) that is why I
mention that I think the problem is with qldap-filter.c or either
qmail-ldap in the way the 'domain alias' patch was applied on this
release to support domain aliasing.

On freebsd qbiff/auth_dovecot cause problems, in the middle time I
will disable them, since I currently don't have the fix that Claudio
post earlier.

After compiling, just using (make) and running ./qmail-ldaplookup -m
test I got this:

Searching ldap for: (null pointer)
under dn: ou=vusers,dc=inbox,dc=im
Found 4 entries:
Uh-oh: multiple entries found but should be unique!

dn: ou=vusers,dc=inbox,dc=im
---
objectClass: top
objectClass: organizationalUnit
qmail-ldaplookup: fatal: qldap_get_attr(mail): no such object

And when using  ./qmail-ldaplookup -m t...@ejemplo.org

Searching ldap for:
(|(mail=t...@ejemplo.org)(mailAlternateAddress=t...@ejemplo.org)))
under dn: ou=vusers,dc=inbox,dc=im
qmail-ldaplookup: fatal: qldap_filter: unspecified error


any ideas?

Another test that I did was to use the same qmail-ldaplookup.c  (of
version qmail-ldap-1.03-20060201.patch ) replacing the "new" version
of qmail-ldap-1.03-20120221.patch but got the same results.

regards.



On Fri, Mar 16, 2012 at 3:26 PM, Ismail YENIGUL
 wrote:
> Hi Nicolas,
>
> I am also using  qmail-ldap-1.03-20120221.patch without extra patch (just
> small fix about auth_dovecot sent by Claudio)
> It does not report any error for qmail-ldaplookup.  Are you applying
> domainalias patch to qmail-ldap-1.03-20120221.patch?
> This patch is already exist in qmail-ldap-1.03-20120221.patch
>
> Can you please do following and tell the result:
>
> 1. Apply only qmail-ldap-1.03-20120221.patch and just type make without
> setup check
> 2. run ./qmail-ldaplookup -m  test
>
>
>
>
> Ismail YENIGUL
> Team Leader / Takım Lideri
> SurGATE Labs
> Phone :+90 216-4709423 | Mobile:+90 533 747 36 65
> SurGATE: West Coast Labs Premium Anti-Spam Certificated
> Twitter: http://www.twitter.com/surgate
> Blog: http://www.surgate.com/blog
>
> On 16.03.2012 17:15, Nicolas de Bari Embriz Garcia Rojas wrote:
>>
>> Hi, sorry for the confusion, I mean qmail-ldap-1.03-20120221.patch.
>>
>> Also I do not think it is an issue with the control/ldap settings
>> since with the past versions<  20120221 the qmail-ldaplookup  works
>> fine, I think something is missing/broken on qldap-filter.c.
>>
>> What I am doing for testing (FreeBSD 9 amd64) is compiling the base of
>> qmail-ldap-1.03-20060201.patch plus this patches:
>>
>> domain alias
>> http://kristof.bajnok.hu/qmail/qldap-domainalias.patch (domain alias)
>>
>> multiple qmqpc servers (for ezml lists)
>>
>> http://code.google.com/p/qmail-ldap-smtpauthuser/source/browse/trunk/qmail-qmqpc-servers_on_cmd_line.c
>>
>> SRS support
>>
>> http://code.google.com/p/qmail-ldap-smtpauthuser/source/browse/trunk/qmail-ldap-1.03-20060201-SRS.patch
>>
>> my conf-cc looks like this:
>> cc -O2 -pipe -DLDAP_DEPRECATED -fno-strict-aliasing
>>
>> and conf-ld
>> cc -s  -rpath=/usr/lib:/usr/local/lib
>>
>> So far, version qmail-ldap-1.03-20060201 works fine with all this
>> patches, but now when trying to 'upgrade'/compile/test  version
>> qmail-ldap-1.03-20120221.patch using/sharing the same
>> /var/qmail/control, qmail-ldaplookup does not work.
>>
>> Using only qmail-ldap-1.03-20120221.patch (no extra patches) compiles
>> fine but qmail-ldaplook fails again, doing a little debug/diff between
>> versions (2012 vs 2006)  I notice that qldap-filter.c on version 2012
>> change considerable and this is because the implementation of the
>> 'domainalias'  patch:
>>
>> http://kristof.bajnok.hu/qmail/qldap-domainalias.patch
>>
>> I think that the implementation of the domain alias patch to the core
>> (for avoiding the -DDOMAIN_ALIAS) on version
>> qmail-ldap-1.03-20120221.patch is causing problems.
>>
>> The ldiff that I use is something like:
>>
>> dn: uid=t...@ejemplo.org,ou=ejemplo.org,ou=vusers,dc=inbox,dc=im
>> objectClass: top
>> objectClass: person
>> objectClass: inetOrgPerson
>> objectClass: qmailUser
>> uid: t...@ejemplo.org
>> cn: test
>> sn: test
>> mail: t...@ejemplo.org
>> mailMessageStore: ejemplo.org/test
>> accountStatus: active
>> smtpThrottle: 7
>> mailQuotaSize: 2147483648
>> userPassword: {SSHA}bRfoHmTRZTXyVywVdunoncu9jWWx32G2
>> mailQuotaCount: 0
>>
>>
>> PS. On either version qmail-ldap-1

Re: qmail-ldaplookup: fatal: qldap_filter: unspecified error

[Nicolas de Bari Embriz Garcia Rojas]

Hi, sorry for the confusion, I mean qmail-ldap-1.03-20120221.patch.

Also I do not think it is an issue with the control/ldap settings
since with the past versions < 20120221 the qmail-ldaplookup  works
fine, I think something is missing/broken on qldap-filter.c.

What I am doing for testing (FreeBSD 9 amd64) is compiling the base of
qmail-ldap-1.03-20060201.patch plus this patches:

domain alias
http://kristof.bajnok.hu/qmail/qldap-domainalias.patch (domain alias)

multiple qmqpc servers (for ezml lists)
http://code.google.com/p/qmail-ldap-smtpauthuser/source/browse/trunk/qmail-qmqpc-servers_on_cmd_line.c

SRS support
http://code.google.com/p/qmail-ldap-smtpauthuser/source/browse/trunk/qmail-ldap-1.03-20060201-SRS.patch

my conf-cc looks like this:
cc -O2 -pipe -DLDAP_DEPRECATED -fno-strict-aliasing

and conf-ld
cc -s  -rpath=/usr/lib:/usr/local/lib

So far, version qmail-ldap-1.03-20060201 works fine with all this
patches, but now when trying to 'upgrade'/compile/test  version
qmail-ldap-1.03-20120221.patch using/sharing the same
/var/qmail/control, qmail-ldaplookup does not work.

Using only qmail-ldap-1.03-20120221.patch (no extra patches) compiles
fine but qmail-ldaplook fails again, doing a little debug/diff between
versions (2012 vs 2006)  I notice that qldap-filter.c on version 2012
change considerable and this is because the implementation of the
'domainalias'  patch:

http://kristof.bajnok.hu/qmail/qldap-domainalias.patch

I think that the implementation of the domain alias patch to the core
(for avoiding the -DDOMAIN_ALIAS) on version
qmail-ldap-1.03-20120221.patch is causing problems.

The ldiff that I use is something like:

dn: uid=t...@ejemplo.org,ou=ejemplo.org,ou=vusers,dc=inbox,dc=im
objectClass: top
objectClass: person
objectClass: inetOrgPerson
objectClass: qmailUser
uid: t...@ejemplo.org
cn: test
sn: test
mail: t...@ejemplo.org
mailMessageStore: ejemplo.org/test
accountStatus: active
smtpThrottle: 7
mailQuotaSize: 2147483648
userPassword: {SSHA}bRfoHmTRZTXyVywVdunoncu9jWWx32G2
mailQuotaCount: 0


PS. On either version qmail-ldap-1.03-20120221.patch or
qmail-ldap-1.03-20060201-SRS.patch I edit the Makefile and modify the
auto_uids.c with something like this:

auto_uids.c:
  mv auto_uids.c.tmp auto_uids.c

where auto_uids.c has this:

/* These values are hard-coded here, which looks bad until you *
 * realise that they're hard-coded in ${PORTSDIR}/?IDs anyway. */
/* $FreeBSD: ports/mail/qmail/files/patch-auto_uids-c-dist,v 1.1
2011/07/18 20:55:29 garga Exp $ */
int auto_uida = 81;
int auto_uidd = 82;
int auto_uidl = 83;
int auto_uido = 0;
int auto_uidp = 84;
int auto_uidq = 85;
int auto_uidr = 86;
int auto_uids = 87;
int auto_gidq = 82;
int auto_gidn = 81;


On Fri, Mar 16, 2012 at 2:05 PM, Ismail YENIGUL
 wrote:
> Hi Nicolas,
>
> First of all new patch is qmail-ldap-1.03-20120221.patch not
> qmail-ldap-1.03-20060201.patch
> I compiled both patch on FreeBSD & Linux without any problem.
> Can you please post here exact output and ldap ldiff about
> dom...@ejemplo.org
> Did you verify that control/ldap* settings are correct?
>
>
> Thanks
>
> Ismail YENIGUL
> Team Leader / Takım Lideri
> SurGATE Labs
> Phone :+90 216-4709423 | Mobile:+90 533 747 36 65
> SurGATE: West Coast Labs Premium Anti-Spam Certificated
> Twitter: http://www.twitter.com/surgate
> Blog: http://www.surgate.com/blog
>
>
> On 15.03.2012 15:41, Nicolas de Bari Embriz Garcia Rojas wrote:
>>
>> Hi, after compiling qmail with the new patch qmail-ldap-1.03-20060201,
>> (freebsd) something seems to be broken on qldap-filter.c
>>
>> when trying to run /var/qmail/bin/qmail-ldaplookup -m dom...@ejemplo.org
>>
>> I get qmail-ldaplookup: fatal: qldap_filter: unspecified error
>>
>> Any idea of how to fix this?
>>
>> regards.
>>
>>
>>
>



-- 
> nbari

qmail-ldaplookup: fatal: qldap_filter: unspecified error

[Nicolas de Bari Embriz Garcia Rojas]

Hi, after compiling qmail with the new patch qmail-ldap-1.03-20060201,
(freebsd) something seems to be broken on qldap-filter.c

when trying to run /var/qmail/bin/qmail-ldaplookup -m dom...@ejemplo.org

I get qmail-ldaplookup: fatal: qldap_filter: unspecified error

Any idea of how to fix this?

regards.



-- 
> nbari

Re: qmail-ldap-1.03-20120221.patch

[Nicolas de Bari Embriz Garcia Rojas]

Hi all,  I have made some patches but wondering if there are any plans
to include them on the latest version the patch or if they are already
included.

2 of the patches are here:
http://code.google.com/p/qmail-ldap-smtpauthuser/wiki/SETUP   (SRS and
smtpauthuser environment var)

and the third one is here:

http://www.freebsd.org/cgi/query-pr.cgi?pr=165277 or
http://qmail-ldap-smtpauthuser.googlecode.com/svn/trunk/qmail-qmqpc-servers_on_cmd_line.c

this one is for allowing ezmlm list to use multiple servers when using
qmqpservers

regards.



On Fri, Feb 24, 2012 at 4:15 PM, Claudio Jeker  wrote:
> Can you send me the exact Makefile definitions you used to build?
> I will see that we can fix this...
>
> On Fri, Feb 24, 2012 at 02:49:41PM +0200, Ismail YENIGUL wrote:
>> Hello,
>>
>> It seems that there is a progress in qmail-ldap project. The latest
>> patch is 20120221 at http://www.nrg4u.com.
>> I tried but failed to compile with the following errors:
>>
>> qldap-filter.c: In function ā??filter_mailā??:
>> qldap-filter.c:147: warning: assignment discards qualifiers from
>> pointer target type
>> qldap-filter.c:182:2: error: #error XXX XXX
>> make: *** [qldap-filter.o] Error 1
>> and
>> auth_dovecot.o: In function `auth_init':
>> auth_dovecot.c:(.text+0x228): undefined reference to `loglevel'
>> auth_dovecot.c:(.text+0x234): undefined reference to `loglevel'
>> collect2: ld returned 1 exit status
>> make: *** [auth_dovecot] Error 1
>>
>> diff -ruN qmail-ldap.orig/auth_dovecot.c qmail-ldap.new/auth_dovecot.c
>> --- qmail-ldap.orig/auth_dovecot.c 2012-02-24 14:43:41.615196114 +0200
>> +++ qmail-ldap.new/auth_dovecot.c 2012-02-24 14:31:59.668186556 +0200
>> @@ -127,7 +127,7 @@
>> void
>> auth_init(int argc, char **argv, stralloc *login, stralloc *authdata)
>> {
>> - extern unsigned long loglevel;
>> + unsigned long loglevel;
>
> I think this is wrong. loglevel should be a global variable defined
> somewhere, seems it is not included.
>
>> char *l, *p;
>> unsigned int uplen, u;
>> int n, opt;
>>
>> The following changes let me to compile on Centos 6
>> diff -ruN qmail-ldap.orig/qldap-filter.c qmail-ldap.new/qldap-filter.c
>> --- qmail-ldap.orig/qldap-filter.c 2012-02-24 14:43:41.682431376 +0200
>> +++ qmail-ldap.new/qldap-filter.c 2012-02-24 14:30:19.985209641 +0200
>> @@ -179,8 +179,8 @@
>> }
>> extcnt--;
>> #else
>> -#error XXX XXX
>> /* basic qmail-ldap behavior test for usern...@domain.com and
>> +#error XXX XXX
>> catch...@domain.com */
>> ext = 0;
>> extcnt = 0;
>
> Not sure what this is, will investigate.
>
>>
>> Best regards.
>>
>> --
>> Ismail YENIGUL
>> Project Manager
>>
>> Endersys is the 17th fastest growing company of Turkey
>> Phone :+90 216-4709423 | Mobile:+90 533 747 36 65
>> SurGATE: West Coast Labs Premium Anti-Spam Certificated
>> Twitter: http://www.twitter.com/endersys
>> Blog: http://blog.endersys.com
>
> --
> :wq Claudio

Re: Serving one domain on multiple servers

[Nicolas de Bari Embriz Garcia Rojas]

Hi, enable ldap-cluster and QMQP (mainly used in clusters) later your
schema could just be something like:

mail: u...@domain.tld
mailMessageStore: /yuour/path/u/s/e/user
mailHost: mail1.domain.tld

That will cover the "incoming" part so that the email will be stored
on the specified "mailHost" server.

regards

On Tue, Nov 15, 2011 at 9:19 PM, Khodayar Doustar  wrote:
> Hi all,
> I'm planning to install lwq with ldap on a distributed mail system,
> separated servers for webmail(roundcube), mail gateway (lwq), directory and
> authentication server (ldap) and mail hubs(lwq), each one on separated
> server(s).
> All is OK with lwq but the fact that I'm going to host just one domain on
> more than on mail hub server, it means that mailboxes of some users will be
> stored in hub1.domain.com server and some other users will be stored in
> hub2.domain.com.
> I just want to know if that's possible, is ldap capable of handling such a
> system? For example could I have such information for users:
> mailname: us...@domain.com
> mailhost: hub1.domain.com
> mailpath: /var/qmail/domains/domain.com/user1
> and
> mailname: us...@domain.com
> mailhost: hub2.domain.com
> mailpath: /var/qmail/domains/domain.com/user2
> and how the user creation will take place? Is that possible to choose
> between servers the user is going to be created on? Or could it be
> distributed between servers?
> Any hint would be greatly appreciated since I couldn't find anything about
> this case on the web.
> Warm regards,
> Khodayar Doustar

Re: Qmail-ldap + dovecot

[Nicolas de Bari Embriz Garcia Rojas]

Hi, I am running dovecot2 under FreeBSD, I had some issues with users
that create imap mailboxes with dots, at the end I solve this with a
namespace and plugging listescape, here my final configuration, hoping
it can help

file /usr/local/etc/dovecot/dovecot.conf
--
base_dir = /var/run/dovecot/

first_valid_uid = 200
last_valid_uid = 200
first_valid_gid = 200
last_valid_gid = 200
mail_uid = 200
mail_gid = 200

syslog_facility = local1
log_path = /var/log/maillog
log_timestamp = %Y-%m-%d %H:%M:%S
debug_log_path = /var/log/dovecot.debug
mail_debug = no
#auth_verbose = yes
#auth_debug = yes
#mail_debug = yes

login_greeting = INBOX.IM

mail_location = maildir:~/Maildir
maildir_very_dirty_syncs = yes
maildir_copy_with_hardlinks = yes
maildir_stat_dirs = no

userdb {
  args = /usr/local/etc/dovecot/dovecot-ldap.conf
  driver = ldap
}

passdb {
  args = /usr/local/etc/dovecot/dovecot-ldap.conf
  driver = ldap
}

protocols = imap pop3

service imap-login {
  service_count = 1
  chroot = login
  inet_listener imap {
address = *
port = 143
  }
  inet_listener imaps {
address = *
port = 993
ssl = yes
  }
}

service pop3-login {
  service_count = 1
  chroot = login
  inet_listener pop3 {
address = *
port = 110
  }
  inet_listener pop3s {
address = *
port = 995
ssl = yes
  }
}

ssl_cert = http://code.google.com/p/qmail-ldap-smtpauthuser/wiki/SETUP?tm=6

regards.



2011/8/30 Nickitas :
> Hi ,
>
>  This configuration seems to work for me .
>
>  Thanx a lot :)
>
>
> On 08/26/2011 04:54 PM, ismail.yeni...@endersys.com wrote:
>>
>> Hi
>>
>> here is my working config.
>> The key part is passdb.
>>
>> # 2.0.13: /usr/local/etc/dovecot/dovecot.conf
>> # OS: Linux 2.6.32-71.el6.x86_64 x86_64 CentOS Linux release 6.0 (Final)
>> auth_debug = yes
>> auth_verbose = yes
>> base_dir = /var/run/dovecot
>> disable_plaintext_auth = no
>> first_valid_gid = 500
>> last_valid_gid = 65000
>> last_valid_uid = 65000
>> listen = *
>> log_path = /var/log/dovecot
>> mail_debug = yes
>> mail_location = maildir:~/Maildir
>> passdb {
>>    args = /var/qmail/bin/auth_dovecot ./Maildir/
>>    driver = checkpassword
>> }
>> plugin {
>>    mail_log_events = delete undelete expunge copy mailbox_delete
>> mailbox_rename
>>    mail_log_fields = uid box msgid from subject
>>    mail_log_group_events =
>>    mechanisms = plain login
>>    quota = maildir
>>    quota_rule = *:storage=1024
>>    quota_rule2 = Trash:storage=1024000
>>    quota_rule3 = SPAM:ignore
>>    trash = /usr/local/etc/dovecot/dovecot-trash.conf
>> }
>> protocols = imap pop3
>> service imap-login {
>>    inet_listener imaps {
>>      port = 993
>>      ssl = yes
>>    }
>>    process_min_avail = 1
>> }
>> service pop3-login {
>>    inet_listener pop3s {
>>      port = 995
>>      ssl = yes
>>    }
>>    process_min_avail = 1
>> }
>> ssl_cert => ssl_cipher_list = ALL
>> ssl_key => userdb {
>>    driver = prefetch
>> }
>> verbose_proctitle = yes
>> verbose_ssl = yes
>> protocol imap {
>>    mail_plugins = quota mail_log notify imap_quota
>>    ssl_cert =>    ssl_key => }
>> protocol pop3 {
>>    mail_plugins = quota mail_log notify
>>    ssl_cert =>    ssl_key => }
>>
>> -sent via mobile device
>>
>> -- orijinal mesaj --
>> Konu: Re: Qmail-ldap + dovecot
>> Kimden: Nickitas
>> Tarih: 26.08.2011 15:19
>>
>> Thank you Russel , I am definitely  gonna try it when I get the chance
>> cause your setup is almost identical to ours :)
>>
>> On 08/26/2011 02:47 PM, Russell Simpkins wrote:
>>>
>>> On 8/26/11 7:12 AM, Nickitas wrote:

 Thanx all for the answers :)

  I added strsalloc.o at both sections in Makefile and it worked ok
 (for the compilation) . I keep getting an error 111 though using this
 method (test pop connection) ..

  I ve also tried the Felipe's implementation , but I can't pass the
 authentication , think there is something that has to do with ldap
 config , will look more in this later ..

 Thank you again :)
>>>
>>> I too use dovecot for imap and simply configure dovecot to auth
>>> against the ldap server. I do not use the patch you listed, I use
>>> stock qmail-1.0.3 with qmail-ldap-1.03-20060201.patch. I use a similar
>>> method to Felipe, configuring dovecot to auth directly against LDAP
>>> and configuring qmail to use auth_smtp. If you can login using qmail,
>>> then there's no reason you shouldn't be able to log in with dovecot,
>>> it may just be a case of making sure you have the correct password
>>> scheme configured for dovecot.
>>>
>>> ## dovecot.conf
>>> protocols = imap imaps
>>> syslog_facility = mail
>>> ssl_cert_file = /etc/httpd/conf/certs/mail.crt
>>> ssl_key_file = /etc/httpd/conf/keys/mail.key
>>> mail_location = maildir:%h
>>> namespace private {
>>>   prefix = INBOX.
>>>   inbox = yes
>>> }
>>> mail_debug = yes
>>> maildir_copy_with_hardlinks = yes
>>> protocol imap {
>>> }
>>> protocol pop3 {
>>> }
>>> protocol lda {
>>>   postmaster_address = postmas...@cttechhos

Re: env SMTPAUTHUSER (possible added to main patch)

[Nicolas de Bari Embriz Garcia Rojas]

Hi, the installation is very simple, a normal qmail-ldap setup with
QMAILQUEUE support. but just before compiling modify the file
qmail-smtpd.c and put this:

env_put2("SMTPAUTHUSER", remoteinfo);

after line 1598

in here:

 case '2':
   flagauthok = 1;
   remoteinfo = line.s;    out(status);
   logline2(2,"authentication success, user ", remoteinfo);
   env_put2("SMTPAUTHUSER", remoteinfo);
   break;  case '4

later just install qmail-qfilter on FreeBSD (/usr/ports/mail/qmail-qfilter)

after that modify your qmail-smtpd.rules and set the QMAILQUEUE to
something like this:

:allow,SMTP550DISCONNECT="Yes",SANITYCHECK="",BLOCKRELAYPROBE="",RETURNMXCHECK="",RCPTCHECK="",SENDERCHECK="",LOGLEVEL="3",REJECTEXEC="",NOBOUNCE="",SMTPAUTH="",NOPBS="",QMAILQUEUE="/var/qmail/bin/qmail-smtpd-filter.sh"

where "/var/qmail/bin/qmail-smtpd-filter.sh" as:
--
#!/bin/sh
exec /usr/local/bin/qmail-qfilter /var/qmail/filter/smtpthrottle.pl
--

and smtpthrottle.pl is:

--
#!/usr/bin/perl
$from = $ENV{SMTPAUTHUSER};
$db_file ='/var/qmail/control/smtpThrottle.db';
##
use DB_File;
tie (%db, 'DB_File', "$db_file", O_CREAT|O_RDWR, 0664, $DB_HASH) ||
die ("Can't open DB File, $!\n");
$cmd ="ldapsearch -h 172.16.13.2 -b
'ou=vusers,dc=pegaso,dc=unixmexico,dc=orgt' -LLL
\"(&(objectclass=qmailuser)(uid=$from))\" smtpThrottle | grep
smtpThrottle | awk '{print \$2}'";chomp($limit =qx!$cmd!);
$today = (localtime(time))[3];
if ($limit eq '') {
  $limit = 10;
}
if($limit == 0) {
  if ($db{$from}) {
    ($day,$msgs) = split(/:/, $db{$from});
    $msgs = $msgs + 1;
    $db{$from} = join(":", $today, $msgs, $limit);
    untie (%db);
    exit 0;
  }
}
if ($db{$from}) {
  ($day,$msgs) = split(/:/, $db{$from});
  if ($msgs <= $limit && $day == $today) {
    $msgs = $msgs + 1;
    $db{$from} = join(":", $day, $msgs, $limit);
    untie (%db);
    exit 0;
  } elsif ($day != $today) {
    $db{$from} = join(":", $today, 2, $limit);
    untie (%db);
    exit 0;
  } else {
    print STDERR "Outgoing mail quota exceeded\n"; exit (31);
  }
} else {
  $db{$from} = join(":", $today, 2, $limit);
}
untie (%db);
--
I also created a query-throttle.pl: (i can see the emails sent by users)
--
#!/usr/bin/perl
$db_file ='/var/qmail/control/smtpThrottle.db';
##
use DB_File;
tie (%db, 'DB_File', "$db_file", O_RDWR, 0640, $DB_HASH) || die
("Can't open DB File, $!\n");
while (($k,$v) = each %db) {
  print "$k -> $v\n"
}
untie (%db);
--
I am not an expert on 'perl' maybe has some bugs but currently working fine.

now you also have to modify your qmail.schema, just add this:

attributetype ( 1.3.6.1.4.1.7914.1.2.1.18 NAME 'smtpThrottle'
  DESC 'The number of message the user is allowed to send'
  EQUALITY integerMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

and

objectclass ( 1.3.6.1.4.1.7914.1.2.2.1 NAME 'qmailUser'
DESC 'QMail-LDAP User'
SUP top
AUXILIARY
MUST ( mail )
MAY ( uid $ mailMessageStore $ homeDirectory $ userPassword $
  mailAlternateAddress $ qmailUID $ qmailGID $
  mailHost $ mailForwardingAddress $ deliveryProgramPath $
  qmailDotMode $ deliveryMode $ mailReplyText $
      accountStatus $ qmailAccountPurge $
  mailQuotaSize $ mailQuotaCount $ mailSizeMax $ smtpThrottle ) )


and to your users add this new param:

smtpThrottle: 5 (only sent 5 emails per day)

if you set smtpThrottle: 0 they will have no limit

Thats all, hope this can help some one.



2010/8/16 Felipe Augusto van de Wiel
:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> On 31-07-2010 10:10, Nicolas de Bari Embriz Garcia Rojas wrote:
> [...]
>> this is the filter I am using for doing the smtp throttle currently working
>
> How did you setup your environment to run the script and implement
> the SMTP throttle?
>
> [...]
>> Hope this can help someone.
>
> This seems very nice, perhaps you could add this to the qmail-ldap
> wiki page, including the patch and configuration procedures?
>
> Kind regards,
> - --
> Felipe Augusto van de Wiel 
> Tecnologia da Informação (TI) - Complexo Pequeno Príncipe
> http://www.pequenoprincipe.org.br/    T: +55 41 3310 1747
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.10 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iQIcBAEBCgAGBQ

env SMTPAUTHUSER (possible added to main patch)

[Nicolas de Bari Embriz Garcia Rojas]

Hi, after patching I added one line to the qmail-smtpd.c so that I could get
the user that makes the authentication on the environment var, instead of
the 'from user' so I can later use any filter (smtp throttle in my case)
based on the sender.

the file that was edited was the qmail-smtpd.c

and just added this line after patching:  env_put2("SMTPAUTHUSER",
remoteinfo); after line 1598

in here:

 case '2':
   flagauthok = 1;
   remoteinfo = line.s;out(status);
   logline2(2,"authentication success, user ", remoteinfo);
 *  env_put2("SMTPAUTHUSER", remoteinfo);*
   break;  case '4

Maybe this is a tmp solution but if it works do you thing can be added to
the main patch? it wont hurt much and help allot, or is there is a simple
solution for getting this info please let me know.

this is the filter I am using for doing the smtp throttle currently working

-
#!/usr/bin/perl

$from = $ENV{SMTPAUTHUSER};

$db_file ='/var/qmail/control/smtpThrottle.db';

##
use DB_File;
tie (%db, 'DB_File', "$db_file", O_CREAT|O_RDWR, 0664, $DB_HASH) || die
("Can't open DB File, $!\n");

$cmd ="ldapsearch -h 192.168.1.1 -b
'ou=vusers,dc=pegaso,dc=unixmexico,dc=net' -LLL
\"(&(objectclass=qmailuser)(uid=$from))\" smtpThrottle | grep smtpThrottle |
awk '{print \$2}'";
chomp($limit =qx!$cmd!);

# if no smtpTrhottle value found limit default to 10 per day

if (!$limit) {
  $limit = 10;
}

$today = (localtime(time))[3];

if ($db{$from}) {
  ($day,$msgs) = split(/:/, $db{$from});
  if ($msgs <= $limit && $day == $today) {
$msgs = $msgs + 1;
$db{$from} = join(":", $day, $msgs);
exit 0;
  } elsif ($day != $today) {
$db{$from} = join(":", $today, 2);
exit 0;
  } else {
print STDERR "Outgoing mail quota exceeded\n"; exit (31);
  }
} else {
  $db{$from} = join(":", $today, 2);
}

untie (%db);
-

the qmail.scheme has this extra lines:

attributetype ( 1.3.6.1.4.1.7914.1.2.1.18 NAME 'smtpThrottle'
  DESC 'The number of message the user is allowed to send'
  EQUALITY integerMatch
  SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )

...

# Object Class Definitions

objectclass ( 1.3.6.1.4.1.7914.1.2.2.1 NAME 'qmailUser'
  DESC 'QMail-LDAP User'
  SUP top
  AUXILIARY
  MUST ( mail )
  MAY ( uid $ mailMessageStore $ homeDirectory $ userPassword $
mailAlternateAddress $ qmailUID $ qmailGID $
mailHost $ mailForwardingAddress $ deliveryProgramPath $
qmailDotMode $ deliveryMode $ mailReplyText $
accountStatus $ qmailAccountPurge $
mailQuotaSize $ mailQuotaCount $ mailSizeMax $
smtpThrottle $ spamassassin $ AlternateEmailAddress $
YourSecretQuestion $ YourAnswer) )

---

Hope this can help someone.


regards.

how to get the user that authenticates

[Nicolas de Bari Embriz Garcia Rojas]

Hi, I am trying to make a filter so that users can only send for
example 100 emails per day, so far I got something to work but the
problem that I am facing now is that the sender  can change the 'from'
of the email and avoid the 'protection' since is based only on the env
qmailuser and qmailhost, I get the from like this:

$from = $ENV{QMAILUSER};
$from .= "\...@$env{qmailhost}";

and later query ldap for a param that i called 'smtpThrottle',  but I
would like to get the real email of the users that authenticates so i
can exactly throttle the emails sent per authenticated user

On the logs I can see that qmail-smtp with can get the auth user and
from the code i see this 'logline2(2,"authentication success, user ",
remoteinfo);

also i see patch i see this remoteinfo = env_get("TCPREMOTEINFO");

my question is how can i get that var remoteinfo or the content of
TCPREMOTEINFO so I can use it on my filter.

thanks in advance.

how to get TCPREMOTEINFO

[Nicolas de Bari Embriz Garcia Rojas]

Hi, any idea of how to get the env TCPREMOTEINFO so I can use it on a
filter with qmail-qfilter

regards

Re: DOMAIN ALIAS

[Nicolas de Bari Embriz Garcia Rojas]

I use mailAlternateAddress it work perfect for aliasing.

regards.

On Oct 25, 2007, at 1:19 PM, Robert Wolfe wrote:


On Thu, 25 Oct 2007 19:16:24 +0200
Alain Wolf <[EMAIL PROTECTED]> wrote:


[EMAIL PROTECTED] schrieb:

It would seem that the easiest way of doing this, would be to
simply use the MX records on the domain's record.  For example,
example.com would have the MX record for mail.example.com.  Then
the records for the .net and .org domains, have the mail.example.com
MX for the domain also.

Pardon me if I am missing something simple, it is early here and
I am just waking up.

Josh



Hello

I´m trying to do domain aliasing.


my domain is example.com but example.net, example, org too.

I want that  example.XXX --> redirects to example.com

How can I do this?

Thanks

I use qmail-ldap 20060201







Morning Josh
What about the users? How will mail to [EMAIL PROTECTED] be  
delivered to
[EMAIL PROTECTED], without duplicating the user-records for every  
aliased

domain?


He could always point the IP to both domains in DNS.  That would be  
the easiest
way.  That way, users at @example.net will also get email at  
@example.com

is dovecot fine for qmail-ldap

[Nicolas de Bari Embriz Garcia Rojas]

Hello, i have seen some good reviews about dovecot and trying to  
migrate some sites that currently use courier-imap, so far the  
problem that I have found is with quotas, on dovecot are in kbytes  
and qmail-ldap use them in bytes besides that seems that everything  
to work well, but i would like to know if some one has experience  
with dovecot and qmail-ldap and if is a good option for a site with  
more than 1000 users using an average mailbox size of 50Mb with no  
more than 5 folders.


regards.


PGP.sig
Description: This is a digitally signed message part

smtp_auth for php mail() function

[Nicolas de Bari Embriz Garcia Rojas]

Any idea on how to set SMTP_AUTH for localhost so users that use the  
mail() function can only send mail if they  autenticate. or protect/ 
block some local users to use 127.0.0.1.





regards.


PGP.sig
Description: This is a digitally signed message part

Re: Spam problems smtp proxy or patch (tmp solution)

[Nicolas de Bari Embriz Garcia Rojas]

Hi have found a tmp solution for this problem, i installed TMDA and  
configured for all my ldap users, this prevents only incoming email.


for the deliveryProgramPath of all my ldap users i used this: /var/ 
qmail/bin/preline /usr/local/bin/tmda-filter


also for creating the mailMessageStore i used this dirmaker script

> cat dirmaker
#!/bin/sh
echo '-' >> /usr/home/ 
qmail/dirmaker.log

date >> /usr/home/qmail/dirmaker.log
echo $1 >> /usr/home/qmail/dirmaker.log
id >> /usr/home/qmail/dirmaker.log
mkdir -m 700 -p $1
/var/qmail/bin/maildirmake $1/Maildir
mkdir -p $1/.tmda $1/.tmda/lists $1/.tmda/pending $1/.tmda/responses
/usr/local/bin/tmda-keygen -b > $1/.tmda/crypt_key
touch $1/.tmda/lists/whitelist $1/.tmda/lists/confirmed $1/.tmda/ 
lists/blacklist



later i used this global "/etc/tmdarc" file
---

# TMDARD

CONFIRM_ACCEPT_NOTIFY = 0
SENDMAIL_PROGRAM = "/usr/sbin/sendmail"
FULLNAME = ""
FILTER_INCOMING = "/var/qmail/control/tmda_incoming"
FILTER_OUTGOING = "/var/qmail/control/tmda_outgoing"
MAIL_TRANSFER_AGENT = "qmail"
RECIPIENT_DELIMITER = "-"
DELIVERY = "| /usr/local/bin/deliverquota -w 90 ./Maildir/  
$MAILDIRQUOTA"

BARE_APPEND = "~/.tmda/lists/whitelist"
CONFIRM_APPEND = "~/.tmda/lists/confirmed"
LOGFILE_INCOMING = "/var/qmail/log/tmda/incoming.log"
LOGFILE_OUTGOING = "/var/qmail/log/tmda/outgoing.log"
LOGFILE_DEBUG = "/var/qmail/log/tmda/debug.log"
---

tmda_incoming:
---
# allow whitelisted email
from-file ~/.tmda/lists/whitelist ok
from-file ~/.tmda/lists/confirmed ok
# drop blacklisted email
from-file ~/.tmda/lists/blacklist drop
# spam
headers "X-Spam-Status: YES.*" confirm
# 4 *'s or more
headers "X-Spam-Level: \*\*\*\*.*" confirm
# pass everything else
from * ok
---


and tmda_outgoing:
---
to-file ~/.tmda/lists/whitelist tag
  envelope dated=8d
  from bare

to-file ~/.tmda/lists/confirmed tag
  envelope dated=8d
  from bare

to * tag
   envelope dated=8d
   reply-to dated
   from bare=append
---


for the outgoing mail i use tmda-ofmipd
i created a this daemontools run script:

#!/bin/sh
exec 2>&1
setuidgid vmail /usr/local/bin/tmda-ofmipd -p 0.0.0.0:8025 -d -f -S / 
var/qmail/bin/gethomedir.sh -R pop3://localhost -t /var/qmail/bin/ 
throttle-script.sh


gethomedir.sh is :

#!/bin/sh
MAIL="[EMAIL PROTECTED]"
HOME=`ldapsearch -x -b 'dc=toronja,dc=net' "(&(objectclass=qmailuser) 
(uid=$MAIL))" | grep mailMessageStore | awk '{print $2}'`

echo $HOME

throttle-scrit.sh for now it only have something like this when the  
script exist  0 email can be sent otherwise email is rejected


#!/bin/sh
exit 1 < do not send mail
#exit 0 <--- allow mail

I plan to create something that counts how many message the users  
send per day, currently i have created the followiing: smtpThrottle  
attributetype for ldap  the one  i put in the inetorgperson.schema :


attributetype ( 2.16.840.1.113730.3.1.221
DESC 'The number of message the user is allowed to send'
EQUALITY integerMatch
NAME 'smtpThrottle'
SYNTAX 1.3.6.1.4.1.1466.115.121.1.27
SINGLE-VALUE )

the idea is that the trhottle-script.sh read the smtpTrhottle value  
per user and if the count of sent message is over that number per  
day, start to reject messages.



hope this info can help or give ideas to someone and also if some one  
has a better way of solving this, please share it.



regards.

On Oct 24, 2006, at 11:31 AM, Nicolas de Bari Embriz Garcia Rojas wrote:

For a quick fix  I installed spamguard ( http://www.enderunix.org/ 
spamguard) and is starting to give some results, currently It has  
helpme to identifiy the spamers and the program it self based on  
threshold values moves does users to the /var/qmail/control/ 
badmailfrom.


regards.

On Oct 24, 2006, at 8:27 AM, Felipe Augusto van de Wiel wrote:


On 10/23/2006 03:41 PM, Nicolas de Bari Embriz Garcia Rojas escreveu:
Hi, currently I am using simscan/spamassasin/tarpit/auth/SSL,  
also  have integrated spamassasin to ldap and set  max recipients  
on 2 but   there is always an smart and patience user that start  
sending spam,  they use the webmail or an even a client like  
outlook/kmal/mail and  start to send email one by one.
So i was thinking  on a solution like some other sites do, to  
limit  the outgoing msg per day but is just that I would like to  
know how do  they do it so i can implement it.


I found [1]this on qmail.org.

1. http://spamthrottle.qmail.ca/


There is even a qmail-ldap patch. If it solve your problem,
maybe you can make some comments so w

Re: Spam problems smtp proxy or patch

[Nicolas de Bari Embriz Garcia Rojas]

For a quick fix  I installed spamguard ( http://www.enderunix.org/ 
spamguard) and is starting to give some results, currently It has  
helpme to identifiy the spamers and the program it self based on  
threshold values moves does users to the /var/qmail/control/badmailfrom.


regards.

On Oct 24, 2006, at 8:27 AM, Felipe Augusto van de Wiel wrote:


On 10/23/2006 03:41 PM, Nicolas de Bari Embriz Garcia Rojas escreveu:
Hi, currently I am using simscan/spamassasin/tarpit/auth/SSL,  
also  have integrated spamassasin to ldap and set  max recipients  
on 2 but   there is always an smart and patience user that start  
sending spam,  they use the webmail or an even a client like  
outlook/kmal/mail and  start to send email one by one.
So i was thinking  on a solution like some other sites do, to  
limit  the outgoing msg per day but is just that I would like to  
know how do  they do it so i can implement it.


I found [1]this on qmail.org.

1. http://spamthrottle.qmail.ca/


There is even a qmail-ldap patch. If it solve your problem,
maybe you can make some comments so we can request the nice qmail-ldap
guys to integrate it in the qmail-ldap patch. :-)



regards.


Kind regards,

--
Felipe Augusto van de Wiel <[EMAIL PROTECTED]>
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/   Phone: (+55 41 3350 3300)





PGP.sig
Description: This is a digitally signed message part

Re: Spam problems smtp proxy or patch

[Nicolas de Bari Embriz Garcia Rojas]

Thanks, I will try both, currently I am also testing qconfirm/ask/ 
tdma to see with one works better with qmail-ldap.


regards.

On Oct 24, 2006, at 8:39 AM, Felipe Augusto van de Wiel wrote:


Hey!

On 10/23/2006 03:41 PM, Nicolas de Bari Embriz Garcia Rojas escreveu:
Hi, currently I am using simscan/spamassasin/tarpit/auth/SSL,  
also  have integrated spamassasin to ldap and set  max recipients  
on 2 but   there is always an smart and patience user that start  
sending spam,  they use the webmail or an even a client like  
outlook/kmal/mail and  start to send email one by one.
So i was thinking  on a solution like some other sites do, to  
limit  the outgoing msg per day but is just that I would like to  
know how do  they do it so i can implement it.


I just remember that eMPF is worth to take a look:

http://www.inter7.com/?page=empf



regards.


Kind regards,

--
Felipe Augusto van de Wiel <[EMAIL PROTECTED]>
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/   Phone: (+55 41 3350 3300)





PGP.sig
Description: This is a digitally signed message part

Re: Spam problems smtp proxy or patch

[Nicolas de Bari Embriz Garcia Rojas]

Hi, currently I am using simscan/spamassasin/tarpit/auth/SSL, also  
have integrated spamassasin to ldap and set  max recipients on 2 but   
there is always an smart and patience user that start sending spam,  
they use the webmail or an even a client like outlook/kmal/mail and  
start to send email one by one.


So i was thinking  on a solution like some other sites do, to limit  
the outgoing msg per day but is just that I would like to know how do  
they do it so i can implement it.


regards.


On Oct 23, 2006, at 12:01 PM, Felipe Augusto van de Wiel wrote:


On 10/23/2006 02:16 AM, Nicolas de Bari Embriz Garcia Rojas escreveu:
I still can not found a  good solution for preventing outgoing  
SPAM,  I am stock in a server where local users start to send  
spam,  and the  only  bad solution that currently I have found is  
to cancel the  account, but this after hundreds of email have been  
send.
I would like to know if there is an  smtp proxy or an alternate   
software to qmail-ldap/patch  that can help to prevent this kind  
of  SPAM, I have seen that some sites have a protection based on  
messages  sent per day, but would like to know how to implement  
something  similar. I would like to avoid canceling accounts and  
just relay on a  SMTP limit per users so thatI I do not have to  
worry ir a users tries  to send 1 or emails.

any ideas to solve this will be appreciated.


Maybe you can use tarpit? Or implement AUTH? Limit the
number of recipients? Those are ideas to make spammer life a little
bit hard, but if the spamming software is smart (and patience),
even on that condition it can send lots and lots of SPAMs.

What about add SpamAssassin checks on the outgoing
messages? You can even integrate it with LDAP, razor and pyzor.

Kind regards,

--
Felipe Augusto van de Wiel <[EMAIL PROTECTED]>
Coordenadoria de Tecnologia da Informação (CTI) - SEDU/PARANACIDADE
http://www.paranacidade.org.br/   Phone: (+55 41 3350 3300)





PGP.sig
Description: This is a digitally signed message part

Spam problems smtp proxy or patch

[Nicolas de Bari Embriz Garcia Rojas]

I still can not found a  good solution for preventing outgoing SPAM,  
I am stock in a server where local users start to send spam,  and the  
only  bad solution that currently I have found is to cancel the  
account, but this after hundreds of email have been send.


I would like to know if there is an  smtp proxy or an alternate  
software to qmail-ldap/patch  that can help to prevent this kind of  
SPAM, I have seen that some sites have a protection based on messages  
sent per day, but would like to know how to implement something  
similar. I would like to avoid canceling accounts and just relay on a  
SMTP limit per users so thatI I do not have to worry ir a users tries  
to send 1 or emails.



any ideas to solve this will be appreciated.

Limit messages/smtp per users

[Nicolas de Bari Embriz Garcia Rojas]

Is there a way for limiting the number of messages sent per user?

for example, to allow 20 msg/hour for some users or to allow 1000 msg  
every day etc .



regards.


PGP.sig
Description: This is a digitally signed message part

password recovery

[Nicolas de Bari Embriz Garcia Rojas]

Hello, I have been using qmail-ldap and everything just work perfect,  
but frequently I am starting to have problems with some users that  
forget their passwords, so I would like to know if someone has  
implemented or know a way of making easy for recovering the password  
to all does users.


Maybe storing an alternate email on the ldif, or store some  secret  
question/answer , any ideas will be appreciated.



regards.




PGP.sig
Description: This is a digitally signed message part

Re: qmail-ldap error - Check if ~control/ldapserver exists.

[Nicolas de Bari Embriz Garcia Rojas]

For adding virtual domain only create a new OU  on your ldap, using  
virtual hosts on qmail-ldap is very simple and you do not need any  
extra software.


for example:

for username nbari on ejemplo.org the dn would be:

dn: [EMAIL PROTECTED],ou=ejemplo.org,ou=vusers,dc=ejemplo,dc=org

for username nbari on unixmexico.com the dn would be:

dn:  
[EMAIL PROTECTED],ou=unixmexico.com,ou=vusers,dc=ejemplo,dc=org


Also change the mailMessageStore:

for example:

user nbari on ejemplo.org would be:

mailMessageStore: /usr/home/qmail/maildirs/ejemplo.org/nbari

and for nbari on unixmexico.com would be:

mailMessageStore: usr/home/qmail/maildirs/unixmexico.com/nbari



As you can notice that I use the full email for the UID, doing that I  
can have the same username on multiple domains.


Hope this can give you a little idea on how to create virtual domains  
on qmail-ldap.


Regards.


On Jul 18, 2006, at 1:57 PM, FlashWebHost.com wrote:

Try increasing log level and start it on command line to see what  
error

it is giving. Post output here after you issue the command.
Refer this doc to increase log level
http://www.proscrutiny.com/howtos/errata-qmail-ldap.html


# cd /var/qmail/boot/qmail-smtpd
# env LOGLEVEL=255 ./run

It show the problem. "me" was missing in control folder. Fixed with

echo `hostname` > /var/qmail/control/me

qmail-ldaplookup for user root give following result

freebsd# /var/qmail/bin/qmail-ldaplookup -d 255 -u root
init_ldap: control/ldaplogin: cn=Manager,dc=isp,dc=net
init_ldap: control/ldappassword: secret
init_ldap: control/ldapserver: '127.0.0.1'
init_ldap: control/ldapbasedn: ou=users,dc=isp,dc=net
init_ldap: control/ldapobjectclass: qmailUser
init_ldap: control/ldaptimeout: 30
init_ldap: control/ldaprebind: 0
init_ldap: control/ldapuid: 11184
init_ldap: control/ldapgid: 2110
init_ldap: control/ldapmessagestore: /home/vmail/
init_ldap: control/ldapdefaultdotmode: ldaponly
init_ldap: control/defaultquotasize: 1000
init_ldap: control/defaultquotacount: 1
init: control/ldaplocaldelivery: 0
init: control/ldapcluster: 0
init: control/dirmaker:
qldap_open: init successful
qldap_set_option: set referrals successful
qldap_open: init successful
qldap_set_option: set referrals successful
qldap_bind: successful
Searching ldap for: (&(objectClass=qmailUser)(uid=root))
under dn: ou=users,dc=isp,dc=net
qldap_filter: search for (&(objectClass=qmailUser)(uid=root)) failed
(No such object)
qmail-ldaplookup: fatal: qldap_filter: no such object
freebsd#

This is my first qmail-ldap installation, so can you please tell me
how i add a virtual domain to LDAP ?

Reagrds,
- Hide quoted text -

Yujin


http://www.bizhat.com





PGP.sig
Description: This is a digitally signed message part

Re: Error con pop3-ssl

[Nicolas de Bari Embriz Garcia Rojas]

Que tal, como alternativa puedes usar stunnel, lo cual te ayuda a  
usar SSL, tal vez responde a tu pregunta directamente pero funciona  
bastante bien.


...

[pop3s]
accept  = 995
connect = 110
...

Saludos.


On Jul 13, 2006, at 11:02 AM, Estrella wrote:


Hola!
Instalé qmail-1.03 con el patch qmail-ldap-1.03-20060201.patch y  
ucspi-tcp-0.88.

Quiero utilizar pop3-ssl y me da el siguiente error en el log:

@400044b3cc2817c0d55c tcpserver: illegal option -- s
@400044b3cc2817c1525c tcpserver: usage: tcpserver  
[ -1UXpPhHrRoOdDqQv ] [ -c limit ] [ -x rules.cdb ] [ -B banner ]  
[ -g gid ] [ -u uid ] [ -b backlog ] [ -l localname ] [ -t  
timeout ] host port program


y el scripts que hace correr pop3d-ssl es el siguiente:

#!/bin/sh
exec 2>&1
#
# POP3 service
#
QMAIL="/misProgramas/programas/qmail"
ME="`head -1 $QMAIL/control/me`"
if [ -e $QMAIL/control/defaultdelivery ]; then
ALIASEMPTY=`head -1 $QMAIL/control/defaultdelivery 2> /dev/ 
null`

else
ALIASEMPTY=`head -1 $QMAIL/control/aliasempty 2> /dev/null`
fi
ALIASEMPTY=${ALIASEMPTY:="./Maildir/"}

PATH="$QMAIL/bin:$PATH"

# source the environemt in ./env
eval `env - PATH=$PATH envdir ./env awk '\
BEGIN { for (i in ENVIRON) \
if (i != "PATH") { \
printf "export %s=\"%s\"\\n", i, ENVIRON[i] \
} \
}'`

# enforce some sane defaults
TLSCERT=${TLSCERT:="$QMAIL/control/cert.pem"}
PBSTOOL=${PBSTOOL:="$QMAIL/bin/pbsadd"}

if [ X${NOPBS+"true"} = X"true" ]; then
unset PBSTOOL
fi

exec \
tcpserver -v -HRl $ME -x$QMAIL/control/qmail-pop3d.cdb \
${CONCURRENCY:+"-c$CONCURRENCY"} ${BACKLOG:+"-b$BACKLOG"} \
-s ${TLSCERT:+"-n$TLSCERT"} 0 pop3s \
$QMAIL/bin/qmail-popup $ME \
$QMAIL/bin/auth_pop ${PBSTOOL:+"-d$PBSTOOL"}\
$QMAIL/bin/qmail-pop3d "$ALIASEMPTY"

que es el que genera el patch de qmail-ldap. Entiendo que es porque  
la opción -s no es aceptada por tcpserver. Mi consulta es si  
alguien sabe que opción es la que debe ir en su lugar o si necesito  
algún patch extra que no instalé.


Para compilar qmail el Makefile que utilicé es el siguiente:

# Perhaps you have different ldap libraries, change them here
LDAPLIBS=-L/usr/local/lib -lldap -llber
# and change the location of the include files here
LDAPINCLUDES=-I/usr/local/include
# on Slowaris you need -lresolv and probably a LD_RUN_PATH added  
like this:
#LDAPLIBS=-L/opt/OpenLDAP/lib -lldap -llber -lresolv -R/opt/ 
OpenLDAP/lib

# for example on my Linux box I use:
#LDAPLIBS=-L/opt/OpenLDAP/lib -lldap -llber
# if you need a special include-directory for ldap headers enable this
#LDAPINCLUDES=-I/opt/OpenLDAP/include

# ZLIB needed for -DDATA_COMPRESS and -DQMQP_COMPRESS
#ZLIB=-lz
# or you installed zlib in a different path you can use something  
like this

#ZLIB=-L/opt/zlib/lib -lz
#ZINCLUDES=-I/opt/zlib/include

# TLS (SMTP encryption) in qmail-smtpd and qmail-remote, see  
TLS.readme

# You need OpenSSL for this
# use -DTLS_REMOTE to enable tls support in qmail-remote
# use -DTLS_SMTPD to enable tls support in qmail-smtpd
# use -DTLSDEBUG to enable additional tls debug information in  
qmail-remote

TLS=-DTLS_REMOTE -DTLS_SMTPD
# Path to OpenSSL includes
TLSINCLUDES=-I/usr/include/openssl
# Path to OpenSSL libraries
TLSLIBS=-L/usr/local/lib -lssl -lcrypto
# Path to OpenSSL binary
OPENSSLBIN=/usr/bin/openssl
OPENSSLBIN=openssl

# to make the Netscape download progress bar work with qmail-pop3d
# uncomment the next line (allready done)
MNW=-DMAKE_NETSCAPE_WORK

# to enable the auto-maildir-make feature uncomment the next line
MDIRMAKE=-DAUTOMAILDIRMAKE

# to enable the auto-homedir-make feature uncomment the next line
HDIRMAKE=-DAUTOHOMEDIRMAKE

# on most systems we need this to make auth_pop and auth_imap
SHADOWLIBS=-lcrypt
# OpenBSD and other Systems do not have libcrypt, so comment the  
line out

# if you get linking problems.
# To use shadow passwords under some Linux OS, uncomment the next  
two lines.

#SHADOWLIBS=-lcrypt -lshadow
#SHADOWOPTS=-DPW_SHADOW
# To use shadow passwords under Solaris, uncomment the SHADOWOPTS  
line.


# to enable the possibility to log and debug imap and pop uncoment the
# next line
DEBUG=-DDEBUG
# WARNING: you need a NONE DEBUG auth_* to run with inetd

# for profiling ...
#INCTAI=../libtai-0.60
#LIBTAI=../libtai-0.60

# Just for me, make from time to time a backup
BACKUPPATH=/backup/qmail-backup/qmail-ldap.`date "+%Y%m%d-%H%M"`.tar
# STOP editing HERE !!!

--
Saludos,
Estrella




PGP.sig
Description: This is a digitally signed message part

Re: DSPAM

[Nicolas de Bari Embriz Garcia Rojas]

Hello, I am not using .qmail files, just a global procmail (called  
using the deliveryprogram) conf and simscan calling spamassasin, but  
would like to replace spamassasin and test dspam so for now i am  
interested on a global conf that can be used.


regards.

On Jun 30, 2006, at 1:42 AM, David Hawke wrote:


Nicolas de Bari Embriz Garcia Rojas wrote:

Hello, some one has installed and configured DSPAM with qmail-ldap?
I'd suspect that it is the same with qmail-ldap as it is with qmail  
- you configure it downstream of qmail via the  .qmail file - link  
it with maildrop to handle saving spam separately or use the dspam  
web interface to handle the quarantined files.


It was quite quick and easy to implement - set up dspam and the  
spam and notspam  mail addresses, then configure the .qmail  
and .mailfilter files and away it goes.


After much hunting for how to do it, I was very pleased with
- how straightforward it is to implement
- how reliable it is - running 20% spam with 99%+ classification  
accuracy.


You can also use it upstream of qmail by setting it as the default  
mx host, then deliver the mail on to your qmail installation.


It doesn't seem to integrate with qmail-scanner.

David H


I would like to know how to install it and to get out the best of it.


Regards.


!DSPAM:501,44a4c2b7244766491211187!






PGP.sig
Description: This is a digitally signed message part

DSPAM

[Nicolas de Bari Embriz Garcia Rojas]

Hello, some one has installed and configured DSPAM with qmail-ldap?

I would like to know how to install it and to get out the best of it.


Regards.



PGP.sig
Description: This is a digitally signed message part

reject spam asking for verification

[Nicolas de Bari Embriz Garcia Rojas]

Hello, is there a filter or plugging maybe to spammassassin or  
simscan that can work in conjunction with qmail-ldap so when an email  
is flagged has spam (hits over 10) instead of rejecting the email,  
send an email to the sender asking for a verification (Your email  
requires verification). so if the email/sender is verified pass the  
email.



Regards.



PGP.sig
Description: This is a digitally signed message part

Re: Restricting pop3 / imap access

[Nicolas De Bari Embriz Garcia Rojas]

Hi, you can try to use the accountStatus  on the ldiff of the user  
and  LDAP_FILTER (if you use courier-imap)  in conjunction that could  
help


On May 31, 2006, at 10:53 AM, Diego Zuaneti Arruda wrote:


 Hi all,

  Somebody knows some way to restrict the access of some user only  
to POP3 but not IMAP. I thought about something in the attribute it  
schema as noimap would not have access to the IMAP.


  Suggestions?



Thanks.

Diego.

Sending Limit

[Nicolas De Bari Embriz Garcia Rojas]

Hi all, is there a way to limit the sending messages per user?  the  
problem that i have is that my users with a webmail account are  
starting to send spam so I was thinking on limiting the number of  
emails per day so in that way avoid the spam.


For now i have close the webmail and users must use a pop/imap client  
and their ISP SMTP host  but I do not  like that solution, i would  
like to know if some one can share some best practices of avoiding  
spam from their own users that have SMTP access.


Regards.

Re: Howto install on FreeBSD

[Nicolas De Bari Embriz Garcia Rojas]

For qmail-ldap on FreeBSD I recommend to install it from the source  
do not use the ports.


simple follow the INSTALL.* and README files

Regards.


On Apr 4, 2006, at 9:04 PM, Gustavo Fukao wrote:


I' m looking for an article / howto install by FreeBSD's port,
I found someones, but nothing using ports or detailled.



Thanx


--
-- 
--

Gustavo FukaoEngenharia da Computacao
CEL: 14 9163 5798
FreeBSD user: 51175
ICQ: 51266435 MSN: gustavofukao[at]hotmail.com
-- 

Re: noaccess not working with courier-imap SOLUTION

[Nicolas de Bari Embriz Garcia Rojas]

Hi, thanks a lot for your answer, what i did for solving this was to  
modify the LDAP_FILTER on the authldaprc file to this:


LDAP_FILTER (&(objectClass=qmailUser)(accountStatus=active))

now using noaccess works for both pop3 and imap4.

Regards.


On Mar 29, 2006, at 7:31 AM, Brian T Glenn wrote:

On Tue, Mar 28, 2006 at 06:40:32PM -0600, Nicolas de Bari Embriz  
Garcia Rojas may have written:

Hi all, I needed to block the access to an account  and to forward
all the incoming email of the account to another 2 accounts, what I
did was to only add the emails to the mailForwardingAddress and to
change the activeStatus to noaccess.

POP is blocked and the mail is been forwarded,  but imap still
working, so the user can check his email via webmail(squirrelmail),

Any idea on how to block pop and imap accounts but still receiving
email?


I don't know about Courier, but dovecot has a filter that you can
specify to it to define active users. I set that to include
(accountStatus=active), and when I set it to nopop, the user gets
authentication failed errors.

Perhaps Courier has something similar?

--
Brian T Glenn
delink.net Internet Services

we all block port 79/tcp (finger); what port is 'tentacle' ?? --Tanuki

noaccess not working with courier-imap

[Nicolas de Bari Embriz Garcia Rojas]

Hi all, I needed to block the access to an account  and to forward  
all the incoming email of the account to another 2 accounts, what I  
did was to only add the emails to the mailForwardingAddress and to  
change the activeStatus to noaccess.


POP is blocked and the mail is been forwarded,  but imap still  
working, so the user can check his email via webmail(squirrelmail),


Any idea on how to block pop and imap accounts but still receiving  
email?



Regards.

catchall for all postmaster accounts

[Nicolas de Bari Embriz Garcia Rojas]

Is there a way for having one single postmaster account for all the  
domains ?


maybe a catchall but for the domains?


regards.

mailmessagestore in procmail

[Nicolas de Bari Embriz Garcia Rojas]

Hi all, is there a way to pass the full path stored on the  
mailMessagestore atribut of the ldap to procmail when using  
deliveryProgramPath ?


my mailMessagestore looks something like this: /usr/home/qmail/ 
maildirs/ejemplo.org/nbari
and my deliveryProgramPath like this: /usr/local/bin/procmail -p  
[EMAIL PROTECTED] /usr/local/etc/procmailrc


with that procmail imports the $HOME just like /usr/home/qmail/ 
maildirs but i have to complement it using the LOGNAME. I would like  
to avoid doing that and to maybe just use a $MAILDIR having the full  
path of the mailMessagestore.



any ideas ?


regards
 

Re: qmail-ldap and pureftpd

[Nicolas de Bari Embriz Garcia Rojas]

Hi, after editing the qmail-ldap.h

from:

#define LDAP_HOMEDIR"homeDirectory"

to

#define LDAP_HOMEDIR"nohomeDirectory"


Everything just start to working perfect. my final ldiff looks like  
this:


dn: [EMAIL PROTECTED],ou=ejemplo.org,ou=vusers,dc=toronja,dc=net
objectClass: top
objectClass: qmailUser
objectClass: posixAccount
objectClass: PureFTPdUser
uid: [EMAIL PROTECTED]
cn: nbari
mail: [EMAIL PROTECTED]
mailMessageStore: /ejemplo.org/nbari
accountStatus: active
deliveryMode: nolocal
deliveryProgramPath:  /usr/local/bin/procmail -p  
[EMAIL PROTECTED] /usr/local/etc/procmailrc

userPassword: {SSHA}GMI1U7S5iQw9xjCP7mwXi08mJ2qYu/mm
uidNumber: 80
gidNumber: 80
homeDirectory: /data/vftp/nbari
FTPStatus: enabled
FTPQuotaFiles: 50
FTPQuotaMBytes: 10


I added the posixAccount and the PureFTPdUser classes also I edited  
the mailMessageStore what I did specially on here was to add the  
slash at the beginning / (like it it where an absolute path)  what it  
is strange (possible bug)  is that  in normal use (no changes on  
qmail-ldap.h) I do not have the leading slash and also on the control  
files on the ldapmessagestore I have only this : /usr/home/qmail/ 
maildirs (prefix) so the  mailMessageStore looks like this /usr/home/ 
qmail/maildirs(no slash)ejemplo.org/nbari for some reasons that work,  
but after editing the qmail-ldap.h thhe behavior of the  
mailmessagestore changed. puting the full absolute path of the  
messageSatore also worked and the ldapmsessagestore was ignored.  
seems that the condition after editing the qmail-ldap.h looks like :


if mailMessageStore path exists then use it if not then try to see if  
using the ldapmessagestore plus the value on mailMessageStore are a  
valid path.


Also I had to remove the objectClass: person and the objectClass:  
inetOrgPerson for some know reasons they do not work with the  
PureFTPdUser class, so I would like to know if  there is a problem if  
i do not put does classes.


Beside that every thing seems to work perfect, if some one has a  
recommendation of a better practice of doing this i will appreciate  
the info, for now with this ldif and with the change made to the  
qmail-ldap.h file I am available to manage email and ftp, also the  
users now can control both of  the services with just one single  
login and password.


if any one is interested on doing something similar hope this info  
can help.


Regards.




On Mar 10, 2006, at 3:03 AM, Claudio Jeker wrote:

On Thu, Mar 09, 2006 at 08:19:18PM -0600, Nicolas de Bari Embriz  
Garcia Rojas wrote:

Hi all, I would like to use the same user and password for both email
and ftp using qmail-ldap and pure-ftpd has some one done this before
or has any idea of how to merge both ldifs and maybe have just one,
so a users can use their email has the user to login via ftp and also
when the users changes his password from the webmail, the user has
changed the password for the ftp to.



There is no problem in doing that. Just add an additional  
objectclass (if

necessary for pureftpd).

pureftpd uses IIRC uid, userPassword and homeDirectory (plus  
uidNumber and
gidNumber if not set by default). Now qmail-ldap uses uid for pop3/ 
imap
login, userPassword for password verification. The only porblem  
could be
homeDirectory because qmail will use this plus mailMessageStore to  
find
out where to deliver the messages. So you may need to modify  
LDAP_HOMEDIR

in qmail-ldap.h to point to something like noHomeDirectory.

As userPassword is used by both daemons changing it will change it for
both.

--
:wq Claudio

qmail-ldap and pureftpd

[Nicolas de Bari Embriz Garcia Rojas]

Hi all, I would like to use the same user and password for both email  
and ftp using qmail-ldap and pure-ftpd has some one done this before  
or has any idea of how to merge both ldifs and maybe have just one,  
so a users can use their email has the user to login via ftp and also  
when the users changes his password from the webmail, the user has  
changed the password for the ftp to.


regards.

Re: deliveryProgramPath and Maildrop

[Nicolas de Bari Embriz Garcia Rojas]

Hi, I use procmail and on deliveryPgrogramPath have something like this:

/usr/local/bin/procmail -p [EMAIL PROTECTED] /usr/local/etc/ 
procmailrc



maybe you just have to add to all your users the [EMAIL PROTECTED]

by the way are you using spam rules per users? if you do how are you  
doing it.


regards.


On Feb 17, 2006, at 11:32 AM, Eduardo Martinho wrote:


Andreas,
I tried with $LOGNAME and appeared VMAIL instead of email recipient  
(To). I need of recipient to execute spamc with "-u" parameter.





Andreas Stollar wrote:

Try $LOGNAME


On Fri, 17 Feb 2006, Eduardo Martinho wrote:


Date: Fri, 17 Feb 2006 13:30:25 -0300
From: Eduardo Martinho <[EMAIL PROTECTED]>
To: qmail-ldap@qmail-ldap.org
Subject: deliveryProgramPath and Maildrop

Hi,

I have a problem. I'm trying to use attribute deliveryProgramPath  
"/usr/bin/maildrop", but inside of file /etc/maildroprc the  
variable $USER is empty.

Any idea ?

Thanks,

Eduardo Martinho

sample of /etc/maildroprc:

 
###

#
# Use SpamAssassin to filter SPAM
#
 
###

if( $SIZE < $SCANSPAMSIZE ) {
xfilter "/usr/bin/spamc -u $USER -s $SCANSPAMSIZE"
}

if (/^X-Spam-Status: *Yes/:h)
{
#Create SPAM IMAP folder if they don't have one
`test -d $DEFAULT/.Spam`
if( $RETURNCODE == 1 )
{
  `/usr/bin/maildirmake -f Spam $DEFAULT`
  `echo INBOX.Spam >> $DEFAULT/courierimapsubscribed`
}
exception {
  to "$DEFAULT/.Spam/"
}
}






--

Re: problem using default@our.domain entry for ezmlm + qmail-ldap

[Nicolas de Bari Embriz Garcia Rojas]

When using ezmlm, no Maildir should be created, there is no need for it. maybe that is your problem you are not correctly installing / configuring the ezmlm listbased on your on configuration, the dot filese are on:/var/ezmlm/and the lists are on lists and the ezmlm files are on opsI think that is wrong or at least I have never configured ezmlm in tha way, i use to treat mailing lists  has if they were normal users just with out a Maildir folderwhy not just try to create a normal user, verify that the account works, then just via sell enter to the dir where the maildir is located and to this:---ezmlm-make -udigt -5 [EMAIL PROTECTED] /var/ezmlm/testuser /var/ezmlm/testuser/.qmail list yourdomain.org---after doing that, modify your ldif remember it is not going to be a normal user, it will be a mailint list, verify this:accountStatus: nopopqmailDotMode: dotonlythen only check the perms regardsOn Jan 27, 2006, at 12:25 AM, jay alvarez wrote:Nicolas de Bari Embriz Garcia Rojas <[EMAIL PROTECTED]> wrote: From a previous post:---Hi, you just need to add the attribute mailAlternetAddress to the user that you want to catch all the emailmailAlternateAddress: [EMAIL PROTECTED]After doing that all the email that goes to [EMAIL PROTECTED] will be catched by the [EMAIL PROTECTED] that has the catchall attribute.also you can use it in this way: [EMAIL PROTECTED] and all the email that goes to user-* will  be catched to the email account that has that attribute, this is useful for using a mailing list just like ezmlmhope this can give you an idea on the catchall feature, there maybe other ways to use it but this are the ones that I use more frequentlyTry to put a catchall to an account that works on your server and it if works then try with your mailing list, also check that /var/ezmlm/lists exists and under that directory it is the name of the list, what i mean is that if /var/ezmlm/lists is the maildir of your list you should have there the .dot files for the mailing list Ok, here is one account that works well. I even tried sending an email to [EMAIL PROTECTED] and a folder named "/var/ezmlm/lists" was created and inside it is its Maildir folder containing the email..   dn: uid=ezmlmboy,ou=people,o=our,dc=domain --- objectClass: top objectClass: qmailUser objectClass: person mail: [EMAIL PROTECTED] mailAlternateAddress: [EMAIL PROTECTED] uid: ezmlmboy accountStatus: active mailHost: mail2.our.domain homeDirectory: /var/ezmlm/lists aliasEmpty: using default qmailDotMode: dotonly qmailUID: 1012 qmailGID: 1012 mailQuotaSize: 5000 mailQuotaCount: 0 (unlimited) mailSizeMax: 0 (unlimited) mailReplyText: undefined   Now, on ezmlm-web, I will create a mailing list   List Name: ops List Address: [EMAIL PROTECTED]  # ls /var/ezmlm/ .qmail-default  .qmail-default-owner    lists .qmail-default-default  .qmail-default-return-default  # ls /var/ezmlm/lists/ Maildir ops  # ls /var/ezmlm/lists/ops/ allow   config  inhost  mailinglist owner archive editor  inlocal manager public archived    headeradd   key mod subscribers bounce  headerremove    lock    outhost text bouncer indexed lockbounce  outlocal    webnamesTry sending an email to [EMAIL PROTECTED], and as you've said, a user with [EMAIL PROTECTED] attribute should catch this email...  starting delivery 2: msg 9703434 to local [EMAIL PROTECTED] @400043d9bd1b0884c74c status: local 1/10 remote 0/20 @400043d9bd1b0998796c delivery 2: failure: Sorry,_no_mailbox_here_by_that_name._(#5.1.1)/  		  What are the most popular cars? Find out at Yahoo! Autos

Re: problem using default@our.domain entry for ezmlm + qmail-ldap

[Nicolas de Bari Embriz Garcia Rojas]

From a previous post:---Hi, you just need to add the attribute mailAlternetAddress to the user that you want to catch all the emailmailAlternateAddress: [EMAIL PROTECTED]After doing that all the email that goes to [EMAIL PROTECTED] will be catched by the [EMAIL PROTECTED] that has the catchall attribute.also you can use it in this way: [EMAIL PROTECTED] and all the email that goes to user-* will  be catched to the email account that has that attribute, this is useful for using a mailing list just like ezmlmhope this can give you an idea on the catchall feature, there maybe other ways to use it but this are the ones that I use more frequentlyTry to put a catchall to an account that works on your server and it if works then try with your mailing list, also check that /var/ezmlm/lists exists and under that directory it is the name of the list, what i mean is that if /var/ezmlm/lists is the maildir of your list you should have there the .dot files for the mailing listregardsOn Jan 26, 2006, at 11:53 PM, jay alvarez wrote:Nicolas de Bari Embriz Garcia Rojas <[EMAIL PROTECTED]> wrote: try doing this:/var/qmail/bin/qmail-ldaplookup -m [EMAIL PROTECTED]if you get an: No entries found. maybe there is a problem with your ldiff Found 1 entry:  dn: uid=ezmlmboy,ou=people,o=our,dc=domain --- objectClass: top objectClass: qmailUser objectClass: person mail: [EMAIL PROTECTED] mailAlternateAddress: [EMAIL PROTECTED] uid: ezmlmboy accountStatus: active mailHost: mail2.our.domain homeDirectory: /var/ezmlm/lists aliasEmpty: using default qmailDotMode: dotonly qmailUID: 1012 qmailGID: 1012 mailQuotaSize: 5000 mailQuotaCount: 0 (unlimited) mailSizeMax: 0 (unlimited) mailReplyText: undefined   Could it be that -DASH_EXT is not working for me??? But I have this in my Makefile before building:  -DDASH_EXT  Is there a way to check this??  Thanks...   	 		 Yahoo! Autos. Looking for a sweet ride? Get pricing, reviews, & more on new and used cars.

Re: problem using default@our.domain entry for ezmlm + qmail-ldap

[Nicolas de Bari Embriz Garcia Rojas]

try doing this:/var/qmail/bin/qmail-ldaplookup -m [EMAIL PROTECTED]if you get an: No entries found. maybe there is a problem with your ldiffregards.On Jan 26, 2006, at 11:23 PM, jay alvarez wrote:Russell Simpkins <[EMAIL PROTECTED]> wrote: jay alvarez wrote:> Hi,You have to add mailAlternateAddress: [EMAIL PROTECTED] Ok, already added but still got "Sorry,_no_mailbox_here_by_that_name" when trying to send an email to a mailing list address.  Here's the complete ldif:  dn: uid=ezmlmboy,ou=people,o=our,dc=domain objectClass: top objectClass: qmailUser objectClass: person qmailUID: 1012 qmailGID: 1012 uid: ezmlmboy sn: ezmlm cn: ezmlmboy mailHost: mail2.our.domain mail: [EMAIL PROTECTED] mailAlternateAddress: [EMAIL PROTECTED] mailMessageStore: /var/ezmlm/lists qmailDotMode: dotonly accountStatus: nopop      However, the normal email account works fine:   dn: uid=jayson,ou=people,o=our,dc=domain objectClass: top objectClass: inetOrgPerson objectClass: posixAccount objectClass: qmailUser uid: jayson uidNumber: 2000 gidNumber: 2000 homeDirectory: /home/jayson loginShell: /bin/csh userPassword: mail: [EMAIL PROTECTED] mailHost: mail2.our.domain mailMessageStore: /var/vmail/jayson accountStatus: active mailSizeMax: 1000 qmailUID: 1010 qmailGID: 1010 mailQuotaSize: 5000  The mailing list I created is "ops" via ezmlm-web... I can see that these files have been successfully created:  # ls /var/ezmlm/ .qmail-ops  .qmail-ops-owner    lists .qmail-ops-default  .qmail-ops-return-default     # cat lists/ops/config F:-aBCDEFGHIJKLMNOpQRSTUVWXYZ X: D:/var/ezmlm/lists/ops T:/var/ezmlm/.qmail-ops L:ops H:lists.our.domain C: 0: 3: 4: 5: 6: 7: 8: 9:   Any idea why the "default" email address doesn't seem to catch the emails sent to "[EMAIL PROTECTED]"   Thanks..  		Bring words and photos together (easily) with PhotoMail  - it's free and works with Yahoo! Mail.

Re: problem using default@our.domain entry for ezmlm + qmail-ldap

[Nicolas de Bari Embriz Garcia Rojas]

Hi, hope this can help and clear things a little more

after successfully  installing qmail-ldap with (-DDASH_EXT) and ezmlm  
you are ready for creating  a mailing list.


The ldif that i use for the mailing list is:


dn: [EMAIL PROTECTED],ou=ejemplo.org,ou=qmail,dc=ejemplo,dc=org
objectClass: top
objectClass: person
objectClass: inetOrgPerson
objectClass: qmailUser
uid: [EMAIL PROTECTED]
cn: list
sn: list
mail: [EMAIL PROTECTED]
mailAlternateAddress: [EMAIL PROTECTED]
mailMessageStore: ejemplo.org/list
accountStatus: nopop
qmailDotMode: dotonly


for creating the mailing list using ezmlm-idx use this:

ezmlm-make -udigt -5 [EMAIL PROTECTED] /usr/home/qmail/maildirs/ 
ejemplo.org/list/list /usr/home/qmail/maildirs/ejemplo.org/ 
list/.qmail list ejemplo.org


then i only check the perms on the mailbox for the list so that  
everything on it belongs to vmail:vmail I do this doing a simple  
chown -hR vmail:vmail ~vmail/ejemplo.org/list/



regards




On Jan 26, 2006, at 6:34 PM, jay alvarez wrote:


Hi,
You need to create a special catchall account for the lists.  
Specifically,

[EMAIL PROTECTED]
So, does this means that I need to create an ldap entry for "each"  
mailing lists?..(treat a mailing list address as if it is a real  
email account?) How about that, [EMAIL PROTECTED] entry??


I have a script that gets things set up for ezmlm lists on my qmail- 
ldap

install. It sets qmailDotMode: dotonly, and a mailAlternateAddress:
[EMAIL PROTECTED] Happy to give you the cgi if you  
like.


Andreas
Sure, I'd be more than thankful if you could share this to me
Thank you very much.
-Jayson





What are the most popular cars? Find out at Yahoo! Autos

Re: catch-all

[Nicolas de Bari Embriz Garcia Rojas]

Hi, you just need to add the attribute mailAlternetAddress to the  
user that you want to catch all the email


mailAlternateAddress: [EMAIL PROTECTED]

After doing that all the email that goes to [EMAIL PROTECTED] will be  
catched by the [EMAIL PROTECTED] that has the catchall attribute.


also you can use it in this way: [EMAIL PROTECTED] and all  
the email that goes to user-* will  be catched to the email account  
that has that attribute, this is useful for using a mailing list just  
like ezmlm



hope this can give you an idea on the catchall feature, there maybe  
other ways to use it but this are the ones that I use more frequently


regards

On Jan 7, 2006, at 5:11 AM, pinoyskull wrote:


hi,

im fairly new to qmail-ldap and i wanted to know how to use  
catchall feature.


thank you.

Re: QMAIL LDAP with IMAP

[Nicolas de Bari Embriz Garcia Rojas]

Courier IMAP is ok, you can also use it with imapproxy:  http:// 
www.imapproxy.org,


cat pkg-descr :

"The IMAP Proxy server is a caching IMAP proxy that was written to  
reduce the load that web mail clients put on an IMAP server be  
keeping server connections alive for reuse, thus avoiding a new  
server connection for each Webmail transaction. "


On Dec 20, 2005, at 8:57 PM, Rony wrote:


I want Qmail LDAP with Courier IMAP

And Internal mail  with 300 person  use IMAP and Extenal users with  
pop3


I question

IMAP  with 300 concurrent connecton  will  Slow Performance  ??


Thanks

Auto subscribe to imap folders

[Nicolas de Bari Embriz Garcia Rojas]

Hi all, sorry if this is of topic, but anyone knows how to auto  
subscribe users to imap folders on courier-imap?


I use procmail to send spam to a folder named SPAM but when people  
login is to check their mail via webmail (squirrelmail) they just see  
the folders INBOX. SENT DRAFTS TRASH, if i use bincimap i can use  
this line on the conf file:


 auto subscribe mailboxes = "INBOX,SPAM",

and then users when login they can see the SPAM folder but how can I  
get the same results using courier-imap.



regards.

Re: Binc-imap VS Courier-imap

[Nicolas de Bari Embriz Garcia Rojas]

I would like to start using also binc, courier-imap has become a  
nightmare,  have you all ready installed and tested with qmail-ldap?


regards.



On Nov 21, 2005, at 12:31 PM, Matt Pruett wrote:


I am currently running courierimap, but was thinking of trying binc
because courier seems a bit big and over complicated for just using  
the
imap part. I mostly just want to know what you all think of it,  
does it

work well with outlook? any problems i should know about? etc etc

--
Matt Pruett <[EMAIL PROTECTED]>

Re: Automaildir.

[Nicolas de Bari Embriz Garcia Rojas]

On mailMessageStore: just put the domain name and the user do not put  
the full path, something like this:


mailMessageStore:  kare2

do not put /var/qmail/maildirs/kare2

ldap will use the info that is on ldapmessagestore for going to the  
users home.


regards.


On Oct 1, 2005, at 5:38 PM, Layn wrote:


   Nothing, its the same:

   deferral: Unable_to_open_/var/qmail/maildirs/ 
kare2:_is_a_directory._(#4.2.1)/


   This is the ldap's kare2 users:

shuhi:/var/qmail# /var/qmail/bin/qmail-ldaplookup -d 255 -m  
[EMAIL PROTECTED]
Searching ldap for: (&(objectClass=qmailUser)(| 
([EMAIL PROTECTED])([EMAIL PROTECTED])))

under dn: dc=example,dc=com
Found 1 entry:

dn: [EMAIL PROTECTED],dc=example,dc=com
---
objectClass: person
objectClass: top
objectClass: inetOrgPerson
objectClass: qmailUser
mail: [EMAIL PROTECTED]
uid: [EMAIL PROTECTED]
accountStatus: active
mailHost: smtp.example.com
homeDirectory: /var/qmail/maildirs/kare2
aliasEmpty: /var/qmail/maildirs/kare2
qmailDotMode: ldaponly
qmailUID: 11184
qmailGID: 2110
mailQuotaSize: 100
mailQuotaCount: 1000
mailSizeMax: 0 (unlimited)
deliveryMode: noprogram
mailReplyText: undefined


And it was create with the next attributes:

shuhi:/var/qmail# cat /tmp/user.ldif
dn: [EMAIL PROTECTED],dc=example,dc=com
cn: kare2
sn: kare2
objectClass: person
objectClass: top
objectClass: inetOrgPerson
objectClass: qmailUser
o: example
uid: [EMAIL PROTECTED]
mail: [EMAIL PROTECTED]
mailHost: smtp.example.com
homeDirectory: /var/qmail/maildirs/kare2
mailMessageStore: /var/qmail/maildirs/kare2
userPassword: 123456
deliveryMode: noprogram
accountStatus: Active

ldapadd -x -H ldap://localhost/ -D "cn=admin,dc=example,dc=com" -W - 
f /tmp/user.ldif


And now, send a  mail to kare2:

#echo To: [EMAIL PROTECTED] | /var/qmail/bin/qmail-inject

And the log:

@4000433f09da0e33a49c info msg 811919: bytes 206 from  
<[EMAIL PROTECTED]> qp 6269 uid 0
@4000433f09da0f1e6a2c starting delivery 193: msg 811919 to  
local [EMAIL PROTECTED]

@4000433f09da0f2090f4 status: local 1/10 remote 0/20
@4000433f09da115bee7c delivery 193: deferral: Unable_to_open_/ 
var/qmail/maildirs/kare2:_is_a_directory._(#4.2.1)/



I have used the normal /var/qmail/bin/dirmaker and this:
#!/bin/sh
mkdir -m 700 -p $1
/var/qmail/bin/maildirmake $1/Maildir
chown -R vmail:vmail $1
chmod -R 700 $1

But the dir is ok:

   # ls -l /var/qmail/maildirs/
total 24
drwx--  3 vmail vmail 4096 2005-10-01 18:20 anata
drwx--  3 vmail vmail 4096 2005-10-01 18:20 anata2
drwx--  3 vmail vmail 4096 2005-10-01 18:23 anata3
drwx--  3 vmail vmail 4096 2005-10-02 00:08 kare
drwx--  3 vmail vmail 4096 2005-10-02 00:12 kare2
drwx--  3 vmail vmail 4096 2005-10-01 18:20 watashi3

# ls -l /var/qmail/maildirs/kare2/
total 4
drwx--  5 vmail vmail 4096 2005-10-01 18:20 Maildir

# ls -l /var/qmail/maildirs/kare2/Maildir/
total 12
drwx--  2 vmail vmail 4096 2005-10-01 18:20 cur
drwx--  2 vmail vmail 4096 2005-10-01 18:20 new
drwx--  2 vmail vmail 4096 2005-10-01 18:20 tmp

   Where can the problem be ?
 This is my /etc/ldap/slapd.conf:

# cat /etc/ldap/slapd.conf
# This is the main slapd configuration file. See slapd.conf(5) for  
more

# info on the configuration options.

## 
#

# Global Directives:

# Features to permit
#allow bind_v2

# Schema and objectClass definitions
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/qmail.schema

# Schema check allows for forcing entries to
# match schemas for their objectClasses's
schemacheck on

# Where the pid file is put. The init.d script
# will not stop the server if you change this.
pidfile /var/run/slapd/slapd.pid

# List of arguments that were passed to the server
argsfile/var/run/slapd.args

# Read slapd.conf(5) for possible values
loglevel0

# Where the dynamically loaded modules are stored
modulepath  /usr/lib/ldap
moduleload  back_ldbm

## 
#

# Specific Backend Directives for ldbm:
# Backend specific directives apply to this backend until another
# 'backend' directive occurs
backend ldbm

## 
#

# Specific Directives for database #1, of type ldbm:
# Database specific directives apply to this databasse until another
# 'database' directive occurs
databaseldbm
suffix  "dc=example,dc=com"
#suffix "o=example"
directory   "/var/lib/ldap"
index   objectClass eq
rootdn  "cn=admin,dc=example,dc=com"
rootbinddn  "cn=admin,dc=example,dc=com"
#rootpw {SSHA}4162+KLfc6cKgOg7g6Os0lnfVKk6bHa8
rootpw  1234



   If a co

Re: Automaildir.

[Nicolas de Bari Embriz Garcia Rojas]

Hope this can help you:1. be sure that your Makefile on qmail after applying the patch has the following:# to enable the auto-maildir-make feature uncomment the next lineMDIRMAKE=-DAUTOMAILDIRMAKE# to enable the auto-homedir-make feature uncomment the next lineHDIRMAKE=-DAUTOHOMEDIRMAKE2. After installing qmail-ldap go to you control files normally located at /var/qmail/controlthen add this to that filecat  > /var/qmail/control/dirmaker/var/qmail/bin/dirmakercreate the file /var/qmail/bin/dirmaker and put this on it: ( it may change according to your installation)#!/bin/shecho '-' >> /usr/home/qmail/dirmaker.logdate >> /usr/home/qmail/dirmaker.logecho $1 >> /usr/home/qmail/dirmaker.logid >> /usr/home/qmail/dirmaker.logmkdir -m 700 -p $1/var/qmail/bin/maildirmake $1/Maildirthat file is owned by root:qmail:% ll /var/qmail/bin/dirmaker -rwxr-xr-x  1 root  qmail  264 Jun 16 11:53 dirmaker*also check the ldapmessagestore, on my case is : /usr/home/qmail/maildirs  (directory owned by vmail:vmail)% ll /usr/home/qmail/-rw-r--r--  1 vmail  vmail  3562 Sep 12 23:13 dirmaker.logdrwxr-xr-x  4 vmail  vmail   512 Sep 12 22:48 maildirs/3. verify the permson my case /usr/home/qmail/* is owned by vmail:vmail4. here is an example of ldif:dn: uid=[EMAIL PROTECTED],ou=ejemplo.org,ou=qmail,o=EJEMPLO,c=CAobjectClass: topobjectClass: personobjectClass: inetOrgPersonobjectClass: qmailUseruid: [EMAIL PROTECTED]cn: nbarisn: nbariaccountStatus: activemail: [EMAIL PROTECTED]mailHost: ejemplo.orgmailMessageStore: ejemplo.org/nbarideliveryMode: noprogrammailAlternateAddress: [EMAIL PROTECTED]from: http://www.glaven.org/qmail-ldap.htmldirmakerDirmaker (which we altered our makefile for) allows us to declare a script that will autocreate home directories for us upon receipt of first email on a new account. So, create an LDAP account for [EMAIL PROTECTED], with a mailbox of /mail/glaven.org/users/j/jasonpanopolous and dirmaker will automagically create the directory (and tree), set permissions, and deliver the mail there. I created /var/qmail/bin/dirmaker, and put that path in my dirmaker control file. Here is the contents of my dirmaker scriptHope this can help you.Regards.On Oct 1, 2005, at 11:24 AM, Layn wrote:   Thansk for your faster reply, now the directory is created:   drwx--  3 vmail vmail 4096 2005-10-01 18:20 anata   This directory is empty, no Maildir, no cur, no new, no tmp...   And the log say:   deferral: Unable_to_open_/var/qmail/maildirs/anata2:_is_a_directory._(#4.2.1)   If manually i do the Maildir directory the answer is the same:   deferral: Unable_to_open_/var/qmail/maildirs/anata2:_is_a_directory._(#4.2.1) The anata user:dn: uid=anata2,dc=example,dc=comcn: anata2sn: anata2objectClass: personobjectClass: topobjectClass: inetOrgPersonobjectClass: qmailUsero: exampleuid: anata2mail: [EMAIL PROTECTED]mailHost: smtp.example.comhomeDirectory: /var/qmail/maildirs/anata2mailMessageStore: /var/qmail/maildirs/anata2userPassword: 123456   Regards,   Layn. Hi Layn,Solution is quite simple - I'll just point it out one by one1. In your qmail-1.03 source directory, locate the file 'qmail-ldap.h'.2. In this file, locate the parameter 'LDAP_HOMEDIR' and change its value to'mailMessageStore'3. Now go to the qmail source directory and recompile qmail-ldap with thecommand -make setup check4. In the directory /var/qmail/control, make sure u have the followingcontrol files with the contents given along with this...(I) ldapserver  - localhost(II) ldaplogin - 'cn=Manager,dc=yourdomain,dc=com'(III) ldappassword - 'yoursecretpassword'(IV) ldapbasedn - 'dc=yourdomain,dc=com'(V) ldaplocaldelivery - 1(VI) make sure localdomains and rcpthosts contain the name of ur domain5. chown root:qmail /var/qmail/control/ldap*Also make sure that your /etc/ldap.conf has enabled authentication for thedomain manager i.e cn=Manager,dc=yourdomain,dc=com...Locate related entriesin this file and make changes accordingly...rootbinddn cn=Manager,dc=yourdomain,dc=comAlso uncomment the entry for passwordNow, when you create a new user, qmail will automatically create the user'shome directory, which is also the maildir of user 'watashi' (/var/qmail/maildirs/watashi.  ). So the directory 'watashi' will be createdas a maildir and not a mailbox directory.In case the maildir is not created, just send a mail to this newly createduser 'watashi' with any demo text. qmail will then automatically create thedesired maildir.Hope that helps. Good luck with your qmail-ldap installation.Regards,Amit- Original Message - From: "Layn" <[EMAIL PROTECTED]>To: Sent: Saturday, October 01, 2005 8:49 PMSubject: Automaildir.     I know this is a comun problem, i have read similar post in thislist and anothers, but, i cant fix this error. So please if you have anyidea about its, please tell me.   My problem is the next:   When i send a mail to a local users (no sistem local, local of mydomains, defined in my