Re: Virtual users in sendmail (and vacation/.forward support?)
On Thu, 21 Aug 2003, Paul Dlug wrote:
> I'm using sendmail with OpenLDAP integration to handle mail aliases and
> would like to support virtual user accounts (accounts are looked up in
> the LDAP server and mapped to a single local user with delivery via
> procmail). I'm not clear on how this is supposed to work, virtusertable
> seems to be designed to forward mail for a virtual host on to another
> system not deliver it locally. If anyone could provide some explanation
> or examples I would appreciate it.
>
> Also, is anyone aware of a mechanism for supporting vacation messages
> and basic forwarding from LDAP? I'd like to provide an interface for my
> users to set an away message or forward their mail. It would be easy to
> write a quick web app to do this but I need the support in the MTA for
> it.
>
>
> Thanks,
> Paul
>
I can help with the first part, I have this working now. Not in
production yet, but on a test machine.
My ldap is set up like this (I changed some of it to make it generic).
dn: uid=dusty,ou=users,dc=mydomain,dc=com
objectClass: inetorgperson
objectClass: posixaccount
cn: Dustin Doris
sn: Doris
labeledURI: http://www.mydomain.com/~dusty
telephoneNumber: 333-333-3333
uid: dusty
loginShell: /usr/local/bin/bash
uidNumber: 1001
gidNumber: 1001
homeDirectory: /home/dusty
gecos: Dustin Doris
userPassword:: e2NyeXB0fSQxJFBmNXNCNS5KJERhN25aLnIyWVpjWFFUNFE1VUNHNzA=
mail: dusty@mydomain.com
mail: monkey@mydomain.com
mail: test@myotherdomain.com
In my sendmail.mc I have added the following: Comments w/ *.
define(`confLDAP_DEFAULT_SPEC', `-h localhost')dnl
*that defines what ldap server to use
FEATURE(`ldap_routing')dnl
*enable ldap routing
FEATURE(virtusertable, `ldap: -k (&(objectclass=posixaccount)(mail=%0)) -v uid -b "ou=users,dc=mydomain,dc=com"')dnl
*the virtuser table
FEATURE(genericstable, `ldap: -k (&(objectclass=posixaccount)(uid=%0)) -v mail -b "ou=users,dc=mydomain,dc=com"')dnl
*the genericstable
So here is what happens.
When an email comes in, sendmail will look up the user it is to: in the
ldap virtusertable. So say it comes in to monkey@mydomain.com, that
corresponds to %0 in the virtusertable part. So it will do an ldapsearch
for (&(objectclass=posixaccount)(mail=monkey@mydomain.com)), looking for
the uid, which is the -v part, in the base of ou=users,dc=mydomain,dc=com.
Ldap will return the uid of dusty and that is where the mail will be
delivered, to the local user dusty.
Then when a message is going out, it will use genericstable. Say dusty
sends an email out. Then dusty is the %0 part and it will look to ldap
for (&(objectclass=posixaccount)(uid=dusty)), looking for the mail entry
(-v mail) in the base of ou=users,dc=mydomain,dc=com. I have three mail
entries in there, but (in my experience) sendmail will take just the first
entry. So in this case it will rewrite to say it is from
dusty@mydomain.com. If I would rather have it rewrite to something else,
then I change the order of those entries. No idea if that is correct, but
it's working for me in my tests.
Now, I have the rest in files, but you can put those in ldap as well. The
links at the end show you how.
define(`ALIAS_FILE', `/etc/mail/aliases')dnl
FEATURE(access_db, `hash -o -T<TMPF> /etc/mail/access')dnl
FEATURE(masquerade_envelope)dnl
GENERICS_DOMAIN_FILE(`/etc/mail/genericsdomain')dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
That is not the total mc file, but a good start for you. Here are some
handy links that explain how to put it in ldap.
http://www.sendmail.org/m4/ldap_routing.html
http://www.sendmail.org/m4/ldap.html
Hope that helps!
-Dustin Doris
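
Added example, not part of the original message or of sendmail: a Python model of the two lookups described above, run over an in-memory copy of the directory, plus a check for addresses claimed by more than one account (which makes the inbound lookup ambiguous). The second entry (alice) and all function names are constructed for illustration.

```python
# Constructed sample: first entry mirrors the post, second is hypothetical.
LDIF = """\
dn: uid=dusty,ou=users,dc=mydomain,dc=com
objectClass: posixaccount
uid: dusty
mail: dusty@mydomain.com
mail: monkey@mydomain.com
mail: test@myotherdomain.com

dn: uid=alice,ou=users,dc=mydomain,dc=com
objectClass: posixaccount
uid: alice
mail: monkey@mydomain.com
"""

def parse_ldif(text):
    """Parse LDIF into entries: dicts of lowercased attribute -> values."""
    entries = []
    for block in text.strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            attr, _, value = line.partition(": ")
            entry.setdefault(attr.lower(), []).append(value)
        entries.append(entry)
    return entries

def search(entries, attr, key, want):
    """Model (&(objectclass=posixaccount)(<attr>=<key>)) and return <want>."""
    return [e.get(want, []) for e in entries
            if "posixaccount" in (c.lower() for c in e.get("objectclass", []))
            and key.lower() in (v.lower() for v in e.get(attr, []))]

def virtuser(entries, rcpt):
    """Inbound: recipient address -> uid of every entry that matches."""
    return [uids[0] for uids in search(entries, "mail", rcpt, "uid") if uids]

def generics(entries, uid):
    """Outbound: local uid -> first mail value, the behaviour the post reports."""
    hits = search(entries, "uid", uid, "mail")
    return hits[0][0] if hits and hits[0] else None

def ambiguous_addresses(entries):
    """Addresses listed on more than one account, mapped to their owners."""
    owners = {}
    for e in entries:
        for m in e.get("mail", []):
            owners.setdefault(m.lower(), set()).update(e.get("uid", []))
    return {m: sorted(u) for m, u in owners.items() if len(u) > 1}
```

Any address returned by `ambiguous_addresses` should be resolved in the directory before the map goes into production, since the inbound filter would match more than one account.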