/var/mail/<имя_домена>/<имя_пользователя>
(формат maildir);
Предупреждение
/etc/samba/smb.conf
в секции [global]:
ldap server require strong auth = no
#samba-tool user create -W Users vmail
#samba-tool user setexpiry vmail --noexpiry
# apt-get install postfix-ldap
/etc/postfix
изменить файлы для домена test.alt:
main.cf
:
# Global Postfix configuration file. This file lists only a small subset # of all parameters. For the syntax, and for a complete parameter list, # see the postconf(5) manual page. For a commented and more complete # version of this file see /etc/postfix/main.cf.dist mailbox_command = /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT" inet_protocols = ipv4 # Mappings virtual_mailbox_base = /var/mail virtual_mailbox_domains = test.alt virtual_mailbox_maps = ldap:/etc/postfix/ad_local_recipients.cf virtual_alias_maps = ldap:/etc/postfix/ad_mail_groups.cf virtual_transport = dovecot local_transport = virtual local_recipient_maps = $virtual_mailbox_maps # SSL/TLS smtpd_use_tls = yes smtpd_tls_security_level = encrypt #smtpd_tls_security_level = may smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = test.alt smtpd_sasl_path = private/auth smtpd_sasl_type = dovecot smtpd_sender_login_maps = ldap:/etc/postfix/ad_sender_login.cf smtpd_tls_auth_only = yes smtpd_tls_cert_file = /var/lib/ssl/certs/dovecot.cert smtpd_tls_key_file = /var/lib/ssl/private/dovecot.key smtpd_tls_CAfile = /var/lib/ssl/certs/dovecot.pem smtpd_recipient_restrictions = permit_mynetworks, reject_unauth_destination, per-mit_sasl_authenticated, reject smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch
/etc/postfix/mydestination
должен быть пустым;
master.cf
необходимо добавить строки:
dovecot unix - n n - - pipe flags=DRhu user=mail:mail argv=/usr/libexec/dovecot/deliver -d ${recipient} smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes -o smtpd_client_restrictions=permit_sasl_authenticated,reject
ad_local_recipients.cf
:
version = 3 server_host = test.alt:389 search_base = dc=test,dc=alt scope = sub query_filter = (&(|(mail=%s)(otherMailbox=%u@%d))(sAMAccountType=805306368)) result_filter = %s result_attribute = mail special_result_attribute = member bind = yes bind_dn = cn=vmail,cn=users,dc=test,dc=alt bind_pw = Pa$$word
ad_mail_groups.cf
:
version = 3 server_host = test.alt:389 search_base = dc=test,dc=alt timeout = 3 scope = sub query_filter = (&(mail=%s)(sAMAccountType=268435456)) result_filter = %s result_attribute = mail special_result_attribute = member bind = yes bind_dn = cn=vmail,cn=users,dc=test,dc=alt bind_pw = Pa$$word
ad_sender_login.cf
:
version = 3 server_host = test.alt:389 search_base = dc=test,dc=alt scope = sub query_filter = (&(objectClass=user)(|(sAMAccountName=%s)(mail=%s))) result_attribute = mail bind = yes bind_dn = cn=vmail,cn=users,dc=test,dc=alt bind_pw = Pa$$word
# service postfix restart
# postconf >/dev/null
# postmap -q petrov@test.alt ldap:/etc/postfix/ad_local_recipients.cf
petrov@test.alt
Проверка входа:
# postmap -q petrov@test.alt ldap:/etc/postfix/ad_sender_login.cf
petrov@test.alt
Проверка общего адреса e-mail:
#samba-tool group add --mail-address=sales@test.alt Sales
Added group Sales #samba-tool group addmembers Sales ivanov,petrov
Added members to group Sales #postmap -q sales@test.alt ldap:/etc/postfix/ad_mail_groups.cf
sales@test.alt,ivanov@test.alt,petrov@test.alt