1 Topic by mpaska (edited by mpaska 2011-01-23 14:26:21)

  • mpaska
  • Member
  • Offline
  • Registered: 2010-08-05
  • Posts: 6

Topic: LDAP + Catch-all + address tags

Has anyone had any success with allowing catch-all addresses, and address tags to function?

For example, given the domain example.com that has a catch-all forward, and e-mail account for sarah@example.com.

The catch-all:

mail: @example.com
mailForwardingAddress: user@example.com

Sarah's e-mail:

mail: sarah@example.com

This works fine with an ldap backend with catch-all modifications (per: http://www.iredmail.org/wiki/index.php? … atch-all), however how can I allow address tags to function correctly? E.g. An e-mail sent to sarah+addresstagtest@example.com will get caught via the @example.com catch-all and forwarded to user@example.com.

Any ideas how I can make it correctly be delivered to sarah@example.com e-mail account?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,082

Re: LDAP + Catch-all + address tags

iRedMail use dovecot lda as default MDA (mail deliver agent), here are some references:

- http://wiki.dovecot.org/LDA
- http://wiki.dovecot.org/LDA/Postfix

3 Reply by mpaska (edited by mpaska 2011-01-23 15:13:18)

  • mpaska
  • Member
  • Offline
  • Registered: 2010-08-05
  • Posts: 6

Re: LDAP + Catch-all + address tags

Already tried that, my /etc/dovecot/dovecot.conf contains:

plugins {
...
recipient_delimiter = +

From what I can tell from reading virtual(5), the recipient_delimiter setting in postfix/main.cf should ensure lookups are preformed with the delimiter part stripped. But I am not seeing that:

/var/log/syslog:

Jan 23 17:28:35 can-vps-1 slapd[1058]: conn=5650 op=42 SRCH base="ou=Users,domainName=example.com,o=domains,dc=development,dc=private" scope=1 deref=0 filter="(&(objectClass=mailUser)(mail=sarah+test@example.com)(accountStatus=active)(enabledService=mail))"

I'm starting to run out of ideas, and from what I understand the LDAP lookups are coming from Postfix and before Dovecot are even in the scene.

4 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,082

Re: LDAP + Catch-all + address tags

"recipient_delimiter = +" is a postfix setting, not dovecot.
Did you have this in postfix for your testing?

5 Reply by mpaska (edited by mpaska 2011-01-23 15:59:29)

  • mpaska
  • Member
  • Offline
  • Registered: 2010-08-05
  • Posts: 6

Re: LDAP + Catch-all + address tags

ZhangHuangbin wrote:

"recipient_delimiter = +" is a postfix setting, not dovecot.
Did you have this in postfix for your testing?

Yes, here's my postconf -n:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
inet_interfaces = all
mailbox_command = /usr/lib/dovecot/deliver
mailbox_size_limit = 0
mydestination = $myhostname, localhost.localdomain, localhost
mydomain = example.com
myhostname = mail.example.com
mynetworks = 127.0.0.0/8 192.168.1.0/24 111.118.169.56 [::ffff:127.0.0.0]/104 [::1]/128
myorigin = /etc/mailname
proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps
readme_directory = no
recipient_delimiter = +
relay_domains = $mydestination, proxy:ldap:/etc/postfix/ldap/relay_domains.cf
relay_recipient_maps = proxy:ldap:/etc/postfix/ldap/virtual_mailbox_maps.cf
relayhost = 
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP Wish I was surfing!
smtpd_helo_restrictions = permit_mynetworks,permit_sasl_authenticated, check_helo_access pcre:/etc/postfix/check_helo_access.pcre
smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unlisted_recipient, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sasl_local_domain = 
smtpd_sasl_path = dovecot-auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = proxy:ldap:/etc/postfix/ldap/sender_login_maps.cf
smtpd_sender_restrictions = permit_mynetworks, reject_sender_login_mismatch, permit_sasl_authenticated
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
transport_maps = proxy:ldap:/etc/postfix/ldap/transport_maps_user.cf, proxy:ldap:/etc/postfix/ldap/transport_maps_domain.cf
virtual_alias_maps = hash:/etc/postfix/aliases, proxy:ldap:/etc/postfix/ldap/virtual_alias_maps.cf, proxy:ldap:/etc/postfix/ldap/virtual_group_maps.cf, proxy:ldap:/etc/postfix/ldap/sender_login_maps.cf, proxy:ldap:/etc/postfix/ldap/catch_all_maps.cf
virtual_gid_maps = static:1001
virtual_mailbox_base = /home/maildir
virtual_mailbox_domains = proxy:ldap:/etc/postfix/ldap/virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:ldap:/etc/postfix/ldap/virtual_mailbox_maps.cf
virtual_minimum_uid = 1001
virtual_transport = dovecot
virtual_uid_maps = static:1001

Reading the http://wiki.dovecot.org/LDA/Postfix page, I've also changed master.cf to:

dovecot   unix  -       n       n       -       -       pipe
  flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${user}@${nexthop}

.. which as the link suggests, should "ignores address extensions (ie user+extension@domain.com delivers just like user@domain.com)".

Any idea what I am doing wrong?

Update:

If I set the accountStatus = disable for the catch-all, address tags work correctly and as expected. Does this suggest there is something fishy with the LDAP queries?