Anonymous_User Absent Member.

setting up LDAP objects for mail server

Hi,

What should I do to set up LDAP objects on OES to set up a mail server?

Thanks


Anonymous_User Absent Member.

Re: setting up LDAP objects for mail server

Erol wrote:
> Hi,
>
> What should I do to set up LDAP objects on OES to set up a mail server?
>
> Thanks


Need some more information please:

OpenLDAP or eDirectory?
What kind of access do you want? (POP3, IMAP, Webmail)


For most mailservers, you don't need to do any fancy LDAP setup. I
usually recommend Postfix for the MTA (which comes by default on OES).
An MTA is the part that accepts the messages via SMTP and delivers the
mail locally (or reroutes it/rewrites it, postfix is very powerful). You
can also later integrate spamassassin and clamav (or your favorites) for
spam and antivirus filtering via amavis-new.

For mail retrieval, I usually go with Dovecot for POP3/IMAP access, and
IMP from the horde package (horde.org) for webmail.

Postfix can generally handle the local delivery for you (I recommend
Maildir format to home dirs if small scale, otherwise a dedicated
directory on a SAN-mounted disk or database storage to
MySQL/PostGre/Oracle).

On OES, assuming you're using eDirectory and not OpenLDAP, you really
don't need to touch the LDAP objects unless you have more than 65,000
individual users on a single machine. Just set up the users for Linux
User Management (LUM) and they'll show up as local users in PAM, and you
just set up the package as if you had created them all locally.

Let me know if you have a more specific reason why you need to use LDAP.

--
Justin Grote
Network Architect
JWG Networks
Anonymous_User Absent Member.

Re: setting up LDAP objects for mail server

Hi,

First of all, thanks for the answer. I have 2 SLES-based OES servers; I
have eDirectory on one and I am trying to install a mail server on the other
one, which will use the eDirectory users. I have installed the
yast2-mail-server module to configure it, and when I try to use it, it says that
I need to run the LDAP client module and enable the 'create default
configuration objects' option and enable "LDAP Support Active" in the DNS
Server module. As far as I understand from your reply, I don't need to
install the yast2-mail-server module, but how will I configure Postfix with YaST
then?

Thanks

Erol



"Justin Grote" <rastan@junkmail.com> wrote in message
news:OzJef.123$Pe3.87@prv-forum2.provo.novell.com...
> Erol wrote:
>> Hi,
>>
>> What should I do to set up LDAP objects on OES to set up a mail server?
>>
>> Thanks

>
> Need some more information please:
>
> OpenLDAP or eDirectory?
> What kind of access do you want? (POP3, IMAP, Webmail)
>
>
> For most mailservers, you don't need to do any fancy LDAP setup. I usually
> recommend Postfix for the MTA (which comes by default on OES). An MTA is
> the part that accepts the messages via SMTP and delivers the mail locally
> (or reroutes it/rewrites it, postfix is very powerful). You can also later
> integrate spamassassin and clamav (or your favorites) for spam and
> antivirus filtering via amavis-new.
>
> For mail retrieval, I usually go with Dovecot for POP3/IMAP access, and
> IMP from the horde package (horde.org) for webmail.
>
> Postfix can generally handle the local delivery for you (I recommend
> Maildir format to home dirs if small scale, otherwise a dedicated
> directory on a SAN-mounted disk or database storage to
> MySQL/PostGre/Oracle).
>
> On OES, assuming you're using eDirectory and not OpenLDAP, you really
> don't need to touch the LDAP objects unless you have more than 65,000
> individual users on a single machine. Just set up the users for Linux User
> Management (LUM) and they'll show up as local users in PAM, and you just
> set up the package as if you had created them all locally.
>
> Let me know if you have a more specific reason why you need to use LDAP.
>
> --
> Justin Grote
> Network Architect
> JWG Networks



Anonymous_User Absent Member.

Re: setting up LDAP objects for mail server

Erol wrote:
> As far as I understand from your reply I don't need to
> install yast2-mail-server module but how will I configure postfix with yast
> then?


I honestly never use Yast for anything except for package management, so
I couldn't tell you. I just edit the configuration files in /etc/postfix
with my favorite editor (Kate on Linux GUI, nano for command line,
notepad2 via WinSCP on Windows). But you probably will need it to
install a postfix MTA with YaST. Can't help you there though, I find
it's much easier to just work with the config files than try to do it
through YaST. That's just me though.



--
Justin Grote
Network Architect
JWG Networks
Anonymous_User Absent Member.

Re: setting up LDAP objects for mail server

Have you tried to run Cyrus? I couldn't handle the authentication for Cyrus.
Any experience with it?

Thanks.

"Justin Grote" <rastan@junkmail.com> wrote in message
news:TiNef.407$Pe3.336@prv-forum2.provo.novell.com...
> Erol wrote:
>> As far as I understand from your reply I don't need to install
>> yast2-mail-server module but how will I configure postfix with yast then?

>
> I honestly never use Yast for anything except for package management, so I
> couldn't tell you. I just edit the configuration files in /etc/postfix
> with my favorite editor (Kate on Linux GUI, nano for command line,
> notepad2 via WinSCP on Windows). But you probably will need it to install
> a postfix MTA with YaST. Can't help you there though, I find it's much
> easier to just work with the config files than try to do it through YaST.
> That's just me though.
>
>
>
> --
> Justin Grote
> Network Architect
> JWG Networks



Anonymous_User Absent Member.

Re: setting up LDAP objects for mail server

Erol wrote:
> Have you tried to run Cyrus? I couldn't handle the authentication for Cyrus.
> Any experience with it?


Yes, Cyrus is basically a black-box system that uses its own messaging
format, and the cyrus implementation of SASL, which is like GSSAPI or
PAM in that it is supposed to be an authentication framework. Cyrus also
uses Sieve, a server side filtering language that you can get a frontend
for called Ingo from the Horde project.

Cyrus scales pretty well, and has a solid IMAP implementation, but I've
since moved to Dovecot for the following reasons:

- Designed for security from the start
- Uses Maildir standard format (a standard so it's not hard to migrate
to another program or use Maildir-compatible tools)
- Much more lightweight with the same scalability
- Uses SASL authentication (so it can be tied to many systems)

Unfortunately Dovecot doesn't come with SLES9, I had to build RPMs
separately. Cyrus should work fine for you, though I'll admit the SASL
authentication setup can be a bitch at first.

--
Justin Grote
Network Architect
JWG Networks
Anonymous_User Absent Member.

Re: setting up LDAP objects for mail server

I did the PAM authentication quite easily. Now my problem is, how can I
create aliases for the users? All of my users have their email addresses as
<firstname>.<lastname>, and user names in SLES-based OES have problems with
'.'. How do you create your aliases? Use LDAP mapping to the 'email' in
eDirectory?


"Justin Grote" <rastan@junkmail.com> wrote in message
news:9cKgf.6813$Pe3.5905@prv-forum2.provo.novell.com...
> Erol wrote:
>> Have you tried to run Cyrus? I couldn't handle the authentication for
>> Cyrus. Any experience with it?

>
> Yes, Cyrus is basically a black-box system that uses its own messaging
> format, and the cyrus implementation of SASL, which is like GSSAPI or PAM
> in that it is supposed to be an authentication framework. Cyrus also uses
> Sieve, a server side filtering language that you can get a frontend for
> called Ingo from the Horde project.
>
> Cyrus scales pretty well, and has a solid IMAP implementation, but I've
> since moved to Dovecot for the following reasons:
>
> - Designed for security from the start
> - Uses Maildir standard format (a standard so it's not hard to migrate to
> another program or use Maildir-compatible tools)
> - Much more lightweight with the same scalability
> - Uses SASL authentication (so it can be tied to many systems)
>
> Unfortunately Dovecot doesn't come with SLES9, I had to build RPMs
> separately. Cyrus should work fine for you, though I'll admit the SASL
> authentication setup can be a bitch at first.
>
> --
> Justin Grote
> Network Architect
> JWG Networks



Anonymous_User Absent Member.

Re: setting up LDAP objects for mail server

Erol wrote:
> I did the PAM authentication quite easily. Now my problem is, how can I
> create aliases for the users? All of my users have their email addresses as
> <firstname>.<lastname>, and user names in SLES-based OES have problems with
> '.'. How do you create your aliases? Use LDAP mapping to the 'email' in
> eDirectory?


Postfix is very powerful for setting up any sort of aliases you need.
See the /etc/aliases and the associated manpage for details, but you can
do pretty much anything you need to do, including email addresses with
periods in them with a few regular expressions.

http://www.postfix.org/aliases.5.html

--
Justin Grote
Network Architect
JWG Networks
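
An added example, not part of the original posts: one way to build the aliases(5) entries discussed above, mapping each <firstname>.<lastname> address to its dot-free login name. Because aliases(5) treats values starting with `|`, `/` or `:include:` as commands or files, the script validates both sides before writing a line. The user records, the `example.com` domain and the function name are constructed for illustration.

```python
import re

# Constructed sample records (uid, mail) standing in for directory user entries.
SAMPLE_USERS = [
    ("jsmith", "john.smith@example.com"),
    ("mdoe", "Mary.Doe@example.com"),
    ("|/usr/bin/tool", "ops.team@example.com"),   # value would be run as a command
    ("bob", ":include:/tmp/list@example.com"),    # not a plain mail local part
    ("jsmith2", "john.smith@example.com"),        # alias already taken
]

LOCAL_PART = re.compile(r"^[a-z0-9]+(\.[a-z0-9]+)*$")  # firstname.lastname style
UID = re.compile(r"^[a-z_][a-z0-9_-]*$")               # dot-free login names


def build_aliases(users, domain):
    """Return (lines, rejected) for an aliases(5) file: 'local.part: uid'."""
    lines, rejected, seen = [], [], set()
    for uid, mail in users:
        # aliases(5) lookups are case-folded, so normalise before comparing.
        local, _, dom = mail.lower().rpartition("@")
        if dom != domain or not LOCAL_PART.match(local) or not UID.match(uid):
            rejected.append((uid, mail, "unsafe or foreign entry"))
        elif local in seen:
            rejected.append((uid, mail, "duplicate alias"))
        elif local == uid:
            continue  # the login name already receives this address
        else:
            seen.add(local)
            lines.append(f"{local}: {uid}")
    return lines, rejected


if __name__ == "__main__":
    ok, bad = build_aliases(SAMPLE_USERS, "example.com")
    print("\n".join(ok))
    for uid, mail, why in bad:
        print(f"# skipped {uid!r} / {mail!r}: {why}")
```

The accepted lines would be appended to /etc/aliases and the map rebuilt with `newaliases`; the rejected entries are worth reviewing by hand rather than dropping silently.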
radompowiat
New Member.

Re: setting up LDAP objects for mail server

We have a problem with Dovecot server cooperation with the LUM service (pam_nam.so). We have tried different configurations in the /etc/pam.d/dovecot file without success - the user login to the server ends with the error: "AUTHENTICATION FAILED".
If your Dovecot server works with the LUM service, I would like to know the correct entries in the file /etc/pam.d/dovecot and dovecot.conf.
Greetings,
 