gmane.mail.qmail.ldap

Issues with plain authentication mode with qmail-ldap 20120221

André Alexandre Gaio — 2013-05-19T01:51:07

Hello Guys,

I'm having a problem since I started using the patch 20120221, about 1 
year ago, I had not noticed yet.

The problem is as follows:

If I use the LOGIN authentication mode, everything happens normally. 
This is how I configure my email clients by default.

If I set any email client PLAIN authentication mode, the login process 
usually happens when the user enters the correct password, and send 
email normally follows too.

But when the user misses the password at login, the qmail-smtpd process 
falls with a segfault, but he usually responds well:

535 authentication failure
or
501 failed authentication exchange

It ends the session normally.

I noticed this strange behavior when a user configured mode PLAIN by 
mistake in your email client instead of LOGIN so that is what standardized.

Appears in the log with LOGLEVEL=255 and DEBUGLEVEL=3:

< at >400000005197d6e333ee9034 tcpserver: pid 27959 from XXX.XXX.45.10
< at >400000005197d6e333f575d4 tcpserver: ok 27959 
correio.domaindst.com.br:172.16.1.2:587 
correio01.domainorig.com.br:XXX.XXX.45.10::60720
< at >400000005197d6e3341050d4 qmail-smtpd 27959: connection from 
XXX.XXX.45.10 (correio01.domainorig.com.br) to correio.domaindst.com.br
< at >400000005197d6e33410c9ec qmail-smtpd 27959: enabled options: max msg 
size: 55000000 starttls sanitycheck blockrelayprobe rcptcheck ldapsoftok 
smtp-auth authrequired smtp550disconnect qmailqueue 
/var/qmail/bin/simscan-msa
< at >400000005197d6ea2407f9e4 qmail-smtpd 27959: remote ehlo: domainorig.com.br
< at >400000005197d6f235249f34 qmail-smtpd 27959: auth plain
< at >400000005197d6f2353df77c init_ldap: control/ldapserver: '127.0.0.1'
< at >400000005197d6f2353e64dc init_ldap: control/ldapbasedn: 
dc=domaindst,dc=com,dc=br
< at >400000005197d6f2353e68c4 init_ldap: control/ldapobjectclass: qmailUser
< at >400000005197d6f2353e68c4 init_ldap: control/ldaptimeout: 30
< at >400000005197d6f2353e6cac init_ldap: control/ldaprebind: 1
< at >400000005197d6f2353e6cac init_ldap: control/ldapuid: 777
< at >400000005197d6f2353e6cac init_ldap: control/ldapgid: 777
< at >400000005197d6f2353e7094 init_ldap: control/ldapmessagestore: /vmail/
< at >400000005197d6f2353e8bec init_ldap: control/ldapdefaultdotmode: both
< at >400000005197d6f2353ea35c init_ldap: control/defaultquotasize: 1024000000
< at >400000005197d6f2353ea35c init_ldap: control/defaultquotacount: 5000
< at >400000005197d6f23544d164 qldap_open: init successful
< at >400000005197d6f23544ecbc qldap_set_option: set referrals successful
< at >400000005197d6f2354d31ec qldap_bind: successful
< at >400000005197d6f23552044c qldap_lookup: search for 
(&(objectClass=qmailUser)(uid=suporte)) succeeded
< at >400000005197d6f235526dc4 qldap_get_attr(accountStatus): active
< at >400000005197d6f23553f07c qldap_open: init successful
< at >400000005197d6f2355413a4 qldap_set_option: set referrals successful
< at >400000005197d6f2355ad61c qldap_bind: failed (Invalid credentials)
< at >400000005197d6f2355ada04 check_ldap: password compare was not successful
< at >400000005197d6f2355b919c warning: auth_fail: user suporte failed
< at >400000005197d6f33636c2e4 tcpserver: end 27959 status 139

This behavior does not happen with the previous patch 20060201.

Has anyone had noticed this? Or just happen to me?

My server is a Dell with Xeon E5430 2.66GHz processor with 16GB RAM and 
SAS disks, the distro is a linux CentOS 6.4 with kernel default 
2.6.32-358.6.1.el6.x86_64 #1 SMP.
This happens too in a small Atom D525 with 4GB RAM and Ubuntu 12.04.2 
LTS with 3.2.0-32-generic x86_64 SMP kernel.

Thanks in advice and sorry by the long mail and by my bad english. :-)

ezmlm

Friedrich Locke — 2013-04-02T19:37:12

Does qmail-ldap works with ezmlm ?

Thanks.

Fried

Qmail-LDAP/Dovecot Cluster

Jeff Hardy — 2013-03-13T17:19:12

Hello,

I have worked with qmail-ldap and Dovecot for a number of years, and 
recently wrote up a piece going into great detail about all aspects of 
our environment.  It currently supports a rather small installation of 
~10K active users.  If it should be of interest:

http://fritz.potsdam.edu/projects/email

It is intended primarily for system administrators or mail 
administrators interested in building mail infrastructure on top of 
open-source technologies, and is inspired by the likes of Life with qmail.

Topics include storage, backup, directory integration, local and remote 
mail exchange, checkpassword SMTP-Auth and Dovecot login, RBLs, 
content-scanning and anti-spam, quarantine, webmail, etc.  Full 
installation directions and configuration stanzas are provided for 
nearly every piece of the infrastructure.

Comments/criticism welcome.  Cheers.

-Jeff

--
Jeffrey M Hardy
Network / Systems Administrator
hardyjm< at >potsdam.edu

Want to blacklist a sender and drop mails silently

Raja T Nair — 2013-02-04T13:09:08

Hello All,

Is there a way in qmail-ldap, where I can blacklist one sender and drop all
mails from this id silently?
I don't want to send a 'mail rejected' message to her.

Regards,
Raja.

YNT: changing user mailhost on working environment

Ismail Yenigul — 2013-01-15T18:15:54

Just move the user mailbox like a regular directory. If the messagestore path is different on the new host. You must update this attr. Or use a Shared storage on all machines. Nfs might be easy solution.




-Sent from Galaxy NoteFriedrich Locke <friedrich.locke< at >gmail.com> yazdı:Hi,

suppose i have a cluster with 5 machine. For a given user, let me say: xyz, the mailhost is z, i want to change his mailhost to b. The ldap part is pretty easy, but what about the email the user already have in mailhost z. How do i move them from mailhost z to mailhost b.
How do you do that ?

Thanks in advance.

changing user mailhost on working environment

Friedrich Locke — 2013-01-15T16:18:17

Hi,

suppose i have a cluster with 5 machine. For a given user, let me say: xyz,
the mailhost is z, i want to change his mailhost to b. The ldap part is
pretty easy, but what about the email the user already have in mailhost z.
How do i move them from mailhost z to mailhost b.
How do you do that ?

Thanks in advance.

patches for qmail-ldap

Friedrich Locke — 2013-01-14T18:41:26

Sorry folks,

but in my journey to get obsd+oldap+qmail working i am in need for a patch
(AFAIK, by Mr. Jeker) , more precisely:

http://www.mail-archive.com/qmail-ldap< at >qmail-ldap.org/msg07407.html

I cannot cut and paste it right now, that's why i am asking!

Does anybody have it and would like to send me ?

Thanks in advance.

openbsd+ldap+qmail: a nightmare

Friedrich Locke — 2013-01-14T16:15:26

Hi folks,

i have been walking around and now i need to get qmail+ldap+openbsd working.
I could configure  everything, as usual openbsd runs rock solid. But i
believe openldap does not like openbsd somehow. That's what i want to
figure it out.

The point is: i have just setted up obsd+oldap+qmail. I am trying to send a
message for the only user i have in the tree: somehow, i don't know why is
"eating" all my system memory. I am really curious why it happens on OBSD.
I am running amd64 5.2, but i remenber to have given up some time ago when
the obsd version was not 5.2. When i issue ldapsearch not memory increase
is realized.

The problem remains even with the 5.2 version.
Some information is provided below :

sioux< at >gustav$ uname -a
OpenBSD gustav.cpd.ufv.br 5.2 GENERIC.MP#368 amd64
sioux< at >gustav$ pkg_info | grep openldap
openldap-client-2.4.31 Open source LDAP software (client)
openldap-server-2.4.31p0 Open source LDAP software (server)
sioux< at >gustav$

For the /etc/openldap/slapd.conf, here you have it:

#
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
#
include         /etc/openldap/schema/core.schema
include         /etc/openldap/schema/cosine.schema
include         /etc/openldap/schema/nis.schema
include         /etc/openldap/schema/qmail.schema

# Define global ACLs to disable default read access.

# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral       ldap://root.openldap.org

pidfile         /var/run/openldap/slapd.pid
argsfile        /var/run/openldap/slapd.args

# Load dynamic backend modules:
# modulepath    /usr/local/libexec/openldap
# moduleload    back_bdb.la
# moduleload    back_hdb.la
# moduleload    back_ldap.la

# Sample security restrictions
#       Require integrity protection (prevent hijacking)
#       Require 112-bit (3DES or better) encryption for updates
#       Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64

# Sample access control policy:
#       Root DSE: allow anyone to read it
#       Subschema (sub)entry DSE: allow anyone to read it
#       Other DSEs:
#               Allow self write access
#               Allow authenticated users read access
#               Allow anonymous users to authenticate
#       Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
#       by self write
#       by users read
#       by anonymous auth
#
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn.  (e.g., "access to * by * read")
#
# rootdn can always read and write EVERYTHING!

#######################################################################
# BDB database definitions
#######################################################################

database        bdb
#suffix         "dc=my-domain,dc=com"
suffix          "dc=ufv,dc=br"
#rootdn         "cn=Manager,dc=my-domain,dc=com"
rootdn          "cn=oldap,dc=ufv,dc=br"
# Cleartext passwords, especially for the rootdn, should
# be avoid.  See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
#rootpw         secret
rootpw          {SSHA}HBjSmSCbiE8J26EuDg3ULnSj2SmN1x5g
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
directory       /var/openldap-data
# Indices to maintain
index   cn                                      eq
index   objectClass                             eq
index   mail,mailalternateaddress,uid           eq,sub
index   accountstatus,mailhost,deliverymode     eq
index   default                                 eq

cachesize       4096
checkpoint      128 15
dbnosync
dirtyread

sasl-host       gustav.cpd.ufv.br
sasl-realm      UFV.BR
sasl-regexp     uid=([^,]+),cn=UFV.BR,cn=gssapi,cn=auth
                uid=$1,ou=people,dc=ufv,dc=br

limits dn.base="cn=ypldap,ou=appsrv,dc=ufv,dc=br" time=2048 size=16384
limits dn.base="cn=mail,ou=appsrv,dc=ufv,dc=br" time=2048 size=16384
limits dn.onelevel="ou=people,dc=ufv,dc=br" time=4 size=16384

################################################################################
# access definition on ou=appsrv,dc=ufv,dc=br
################################################################################

access to dn.one="ou=appsrv,dc=ufv,dc=br" attrs=userPassword
        by self read
        by anonymous auth
#       by * none

access to dn.one="ou=appsrv,dc=ufv,dc=br"
        by dn.one="ou=appsrv,dc=ufv,dc=br" read

access to dn.base="ou=appsrv,dc=ufv,dc=br" attrs=entry
        by dn.one="ou=appsrv,dc=ufv,dc=br" read

################################################################################
# access definition on ou=group,dc=ufv,dc=br
################################################################################

access to dn.one="ou=group,dc=ufv,dc=br"
        by dn.base="cn=ypldap,ou=appsrv,dc=ufv,dc=br" read
        by dn.one="ou=people,dc=ufv,dc=br" read

access to dn.base="ou=group,dc=ufv,dc=br" attrs=entry
        by dn.base="cn=ypldap,ou=appsrv,dc=ufv,dc=br" read
        by dn.one="ou=people,dc=ufv,dc=br" read

################################################################################
# access definition on ou=people,dc=ufv,dc=br
################################################################################

access to dn.one="ou=people,dc=ufv,dc=br" attrs=userPassword
        by self read
        by dn.base="cn=mail,ou=appsrv,dc=ufv,dc=br" read
        by anonymous auth
        by * none

access to dn.one="ou=people,dc=ufv,dc=br" attrs=uid,homeDirectory
        by self read
        by dn.base="cn=mail,ou=appsrv,dc=ufv,dc=br" read
        by dn.base="cn=ypldap,ou=appsrv,dc=ufv,dc=br" read

access to dn.one="ou=people,dc=ufv,dc=br"
attrs=cn,uidNumber,gidNumber,loginShell,gecos,description
        by self read
        by dn.base="cn=ypldap,ou=appsrv,dc=ufv,dc=br" read

access to dn.one="ou=people,dc=ufv,dc=br"
attrs=mail,mailMessageStore,mailAlternateAddress,qmailUID,qmailGID,mailHost,mailForwardingAddress,deliveryProgramPath,qmailDotMode,deliveryMode,mailReplyText,accountStatus,qmailAccountPurge,mailQuotaSize,mailQuotaCount,mailSizeMax
        by self read
        by dn.base="cn=mail,ou=appsrv,dc=ufv,dc=br" read

access to dn.one="ou=people,dc=ufv,dc=br"
        by self read
        by dn.base="cn=ypldap,ou=appsrv,dc=ufv,dc=br" read
        by dn.base="cn=mail,ou=appsrv,dc=ufv,dc=br" read

access to dn.base="ou=people,dc=ufv,dc=br" attrs=entry
        by dn.base="cn=ypldap,ou=appsrv,dc=ufv,dc=br" read
        by dn.base="cn=mail,ou=appsrv,dc=ufv,dc=br" read

################################################################################
# access definition for the root (ufv.br)
################################################################################

access to dn.base="dc=ufv,dc=br" attrs=entry
        by dn.base="cn=ypldap,ou=appsrv,dc=ufv,dc=br" read
        by dn.base="cn=mail,ou=appsrv,dc=ufv,dc=br" read

#######################################################################
# Monitor database definitions
#######################################################################

database monitor

access to dn.subtree="cn=monitor"
        by dn.base="cn=oldap,dc=ufv,dc=br" read
#       by * none

Just installed qmail+ldap: i am loosing my hairs

Friedrich Locke — 2013-01-14T15:17:35

Hi folks,

I have just finnished installing my qmail-ldap system. I am trying to send
me a local message, but no success so far.

Here is what i am trying:

sioux< at >gustav$ echo to: vlobo |
/var/qmail/bin/qmail-inject
sioux< at >gustav$


Here is what i got from qmail-ldap logs:

< at >4000000050f4201a17a0e594 new msg 1039956
< at >4000000050f4201a17a0e97c info msg 1039956: bytes 220 from <
sioux< at >gustav.cpd.ufv.br> qp 4069 uid 1000
< at >4000000050f4201a17a1761c starting delivery 21: msg 1039956 to local
vlobo< at >gustav.cpd.ufv.br
< at >4000000050f4201a17a1df94 status: local 1/100 remote 0/400
< at >4000000050f4201a17d130dc delivery 21: deferral:
Temporary_failure_in_LDAP_lookup._(#4.4.3)./
< at >4000000050f4201a17d1f814 status: local 0/100 remote 0/400


Here is what i get from qmail-ldaplookup:

gustav# ../bin/qmail-ldaplookup -d 255 -m vlobo< at >gustav.cpd.ufv.br
Searching ldap for: (|(mail=vlobo< at >gustav.cpd.ufv.br)(mailAlternateAddress=
vlobo< at >gustav.cpd.ufv.br)))
under dn: ou=people,dc=ufv,dc=br
qmail-ldaplookup: fatal: qldap_filter: unspecified error
gustav#


And here is what i got from slapd log:

50f42010 ber_get_next on fd 14 failed errno=0 (Undefined error: 0)
50f42010 connection_read(14): input error=-2 id=1047, closing.
50f42010 connection_closing: readying conn=1047 sd=14 for close
50f42010 daemon: activity on 1 descriptor
50f42010 daemon: waked
50f42010 daemon: select: listen=5 active_threads=0 tvp=zero
50f42010 daemon: select: listen=6 active_threads=0 tvp=zero
50f42010 daemon: select: listen=7 active_threads=0 tvp=zero
50f42010 daemon: select: listen=8 active_threads=0 tvp=zero
50f42010 daemon: select: listen=9 active_threads=0 tvp=zero
50f42010 connection_close: deferring conn=1047 sd=14
50f42010 conn=1047 op=1 do_unbind
50f42010 conn=1047 op=1 UNBIND
50f42010 connection_resched: attempting closing conn=1047 sd=14
50f42010 connection_close: conn=1047 sd=14
50f42010 daemon: removing 14
50f42010 conn=1047 fd=14 closed

But when i try by hand:

sioux< at >gustav$ ldapsearch -D cn=mail,ou=appsrv,dc=ufv,dc=br -b
ou=people,dc=ufv,dc=br -h localhost -W \(\|\(mail=vlobo< at >gustav.cpd.ufv.br
\)\(mailAlternateAddress=vlobo< at >gustav.cpd.ufv.br\)\)
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <ou=people,dc=ufv,dc=br> with scope subtree
# filter: (|(mail=vlobo< at >gustav.cpd.ufv.br)(mailAlternateAddress=
vlobo< at >gustav.cpd.ufv.br))
# requesting: ALL
#

# vlobo, people, ufv.br
dn: uid=vlobo,ou=people,dc=ufv,dc=br
uid: vlobo
objectClass: organizationalRole
objectClass: posixAccount
objectClass: qmailUser
homeDirectory: /home/vlobo
userPassword:: e1NBU0x9dmxvYm9AVUZWLkJS
mail: valter.lobo< at >gustav.cpd.ufv.br
mailAlternateAddress: vlobo< at >gustav.cpd.ufv.br
mailHost: gustav.cpd.ufv.br
mailMessageStore: vlobo

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
sioux< at >gustav$


Everything works. What am i doing wrong ?

qmail-ldap failed to compile

Friedrich Locke — 2013-01-14T12:42:18

Hi!

I am trying to install qmail-ldap in my server, but i am getting problems
related to compilation. Here you have it:

...
...
nroff -man forgeries.7 > forgeries.0
./load auth_dovecot auth_mod.o checkpassword.o passwd.o digest_md4.o
digest_md5.o digest_rmd160.o digest_sha1.o base64.o read-ctrl.o  getopt.a
control.o qldap.a dirmaker.o mailmaker.o localdelivery.o  locallookup.o
pbsexec.o constmap.o getln.a strerr.a substdio.a  stralloc.a env.a wait.a
dns.o ip.o ipalloc.o ipme.o alloc.a str.a  case.a fs.a error.a
timeoutconn.o timeoutread.o ndelay.a open.a  prot.o auto_uids.o
auto_qmail.o -L/usr/local/lib -lldap -llber   `cat dns.lib` `cat socket.lib`
/usr/local/lib/libldap.so.12.0: warning: strcpy() is almost always misused,
please use strlcpy()
/usr/local/lib/libldap.so.12.0: warning: strcat() is almost always misused,
please use strlcat()
/usr/local/lib/libldap.so.12.0: warning: sprintf() is often misused, please
use snprintf()
auth_dovecot.o(.text+0x26f): In function `auth_init':: undefined reference
to `loglevel'
auth_dovecot.o(.text+0x27b): In function `auth_init':: undefined reference
to `loglevel'
collect2: ld returned 1 exit status
*** Error code 1

Stop in /tmp/qmail-1.03 (line 132 of Makefile).
gustav#

I am using qmail 1.03 and qmail-ldap-1.03-20120221.patch.gz

Any ideia about my mistake ?

studing qmail-ldap

Friedrich Locke — 2013-01-13T17:46:58

Hi!

i am studing qmail-ldap solution and some doubts arose.

I would like to integrate qmail-ldap with my current unix user base.

My base tree for posix accounts is: dc=people,ou=abc,ou=de. So for instance
if a have a user called vlobo, its dn is: uid=vlobo,ou=people,dc=abc,dc=de.
Since it is a unix user, its entry object class is posixAccount.
Since, i want this same unix user as a qmail user, I added an object class
qmailUser to the same posixAccount entry.

First doubt: is it wrong ?

For the qmailUser, the only mandatory attribute is "mail". So, when i
should add the objectClass qmailUser, I must, at least, define this
attribute, right?

So, what would it be procedures in order to remove the user vlobo as qmail
user ? Should I "take" out the qmailUser attributes for the given entry ?
How should I do it ?

Thanks in advance.

YNT: Re: qmail cluster

Ismail Yenigul — 2013-01-13T08:09:42

Hi Friedrich

Yes correct.




-Sent from Galaxy NoteFriedrich Locke <friedrich.locke< at >gmail.com> yazdı:Thanks Ismail,

let me see if i understood correctly!

For each domain, i set one single MX pointing to my domain.
Then add the mx record in my domain context for each of the mail server.

It will be one mx record pointing to my domain's mx record and n ( the number of mail server) in my domain dns for each mail server, i.e. :

1k domain records + 5 mail servers record.

Right ?


On Sat, Jan 12, 2013 at 6:06 PM, Ismail YENIGUL <ismail.yenigul< at >surgate.com> wrote:
Hi Friedrich,

You do not have to setup 5 mx.  If you distribute users on qmail backends via mailhost entry on LDAP.
Just create a A DNS record for each mailhost.  and define a MX record has 5 IP address.

example dns settings for all domains:
IN  MX mx.mymasterdomain.com


mx IN A 192.168.1.1
mx IN A 192.168.1.2
mx IN A 192.168.1.3
mx IN A 192.168.1.4
mx IN A 192.168.1.5

mail1 IN A 192.168.1.1
mail2 IN A 192.168.1.2
mail3 IN A 192.168.1.3
mail4 IN A 192.168.1.4
mail5 IN A 192.168.1.5

Do you have any antispam gateway in front of the mail servers? If you have,some antispam gateway solutions have a feature to lookup
mailhost entry on LDAP and directly forward email to correct mailhost.

If you define all domain names in control/locals control/rcphosts, hosts will forward the mail to correct mailhost via QMQP protocol.
This is the same for POP3/IMAP sessions.

Thanks


On 12.01.2013 17:31, Friedrich Locke wrote:
Hi.

I am willing to try qmail+ldap. Some doubts arose!
The scenario would be:

1 ldap server,
5 qmail servers,
1K domain
30K users.

My doubt is the following:

These 1k domain may be served by any of the 5 qmail server, ok? Will i have to include 5 mx recorder for each of the 1k domain?
That will make 5k entries in my dns server, is that right ?

thanks in advance.

qmail cluster

Friedrich Locke — 2013-01-12T15:31:07

Hi.

I am willing to try qmail+ldap. Some doubts arose!
The scenario would be:

1 ldap server,
5 qmail servers,
1K domain
30K users.

My doubt is the following:

These 1k domain may be served by any of the 5 qmail server, ok? Will i have
to include 5 mx recorder for each of the 1k domain?
That will make 5k entries in my dns server, is that right ?

thanks in advance.

fetching email via pop3

Friedrich Locke — 2012-12-22T12:19:26

Hi list members,

in a qmail-ldap cluster implementation i can set the box where the email
for a given pop3 account will be stored.

What happens if my client (the owner of that pop3 account in particular)
connect to a different box in order to fetch his/her emails ?
I ask because in a cluster system, the user should be able to abstract
things like box hostnames, right ?

Thanks for your time and cooperation.

Fried.

qmail-ldap pop3 auth problem

gpl4all — 2012-10-29T16:13:44

hi all,

i'm having an issue to use latest qmail-ldap patch on debian squeeze

ldap configured correctly
qmail-smtpd working find, all incoming emails accepted
qmail-pop3d is not working so i try to test with qmail-ldaplookup
qmail-ldaplookup able to search for stored emails with -m but not with -u

when i do:
/var/qmail/bin/qmail-ldaplookup -u info (or -u info< at >mydomain.com), the
response are:
==================================================
Searching ldap for: (mail=info)
under dn: ou=accounts, dc=mydomain, dc=com
No entries found.

qmail-ldaplookup: fatal: qldap_first: no such object
==================================================
and slapd logs shows:
==================================================
Oct 29 23:03:36 mydomain slapd[3298]: conn=1004 fd=13 ACCEPT from
IP=[::1]:55750 (IP=[::]:389)
Oct 29 23:03:36 mydomain slapd[3298]: conn=1004 op=0 BIND
dn="cn=admin,dc=mydomain,dc=com" method=128
Oct 29 23:03:36 mydomain slapd[3298]: conn=1004 op=0 BIND
dn="cn=admin,dc=mydomain,dc=com" mech=SIMPLE ssf=0
Oct 29 23:03:36 mydomain slapd[3298]: conn=1004 op=0 RESULT tag=97 err=0 text=
Oct 29 23:03:36 mydomain slapd[3298]: conn=1004 op=1 SRCH
base="ou=accounts,dc=mydomain,dc=com" scope=2 deref=0
filter="(mail=info)"
Oct 29 23:03:36 mydomain slapd[3298]: conn=1004 op=1 SRCH attr=mail
mailAlternateAddress mail qmailUID qmailGID accountStatus mailHost
mailMessageStore homeDirectory mailQuotaSize mailQuotaCount
mailForwardingAddress deliveryProgramPath deliveryMode mailReplyText
qmailDotMode mailSizeMax objectClass
Oct 29 23:03:36 mydomain slapd[3298]: conn=1004 op=1 SEARCH RESULT
tag=101 err=0 nentries=0 text=
Oct 29 23:03:36 mydomain slapd[3298]: conn=1004 op=2 UNBIND
Oct 29 23:03:36 mydomain slapd[3298]: conn=1004 fd=13 closed
==================================================


but it works with -m, when i run:
/var/qmail/bin/qmail-ldaplookup -m info< at >mydomain.com the response are:
==================================================
Searching ldap for:
(|(mail=info< at >mydomain.com)(mailAlternateAddress=info< at >mydomain.com))
under dn: ou=accounts, dc=mydomain, dc=com
Found 1 entry:

dn: uid=info,ou=accounts,dc=mydomain,dc=com
-------------------------------------------------------
objectClass: top
objectClass: person
objectClass: inetOrgPerson
objectClass: qmailUser
mail: info< at >mydomain.com
mail: info< at >mydomain.com
accountStatus: undefined -> active
mailHost: mx.mydomain.com
homeDirectory: /var/qmail/maildirs/info
aliasEmpty: using default
qmailDotMode: ldaponly
qmailUID: 11184
qmailGID: 2110
mailQuotaSize: 0 (unlimited)
mailQuotaCount: 0 (unlimited)
mailSizeMax: 0 (unlimited)
mailReplyText: undefined
==================================================
and slapd log shows:
==================================================
Oct 29 23:06:26 mydomain slapd[3298]: conn=1005 fd=13 ACCEPT from
IP=[::1]:55847 (IP=[::]:389)
Oct 29 23:06:26 mydomain slapd[3298]: conn=1005 op=0 BIND
dn="cn=admin,dc=mydomain,dc=com" method=128
Oct 29 23:06:26 mydomain slapd[3298]: conn=1005 op=0 BIND
dn="cn=admin,dc=mydomain,dc=com" mech=SIMPLE ssf=0
Oct 29 23:06:26 mydomain slapd[3298]: conn=1005 op=0 RESULT tag=97 err=0 text=
Oct 29 23:06:26 mydomain slapd[3298]: conn=1005 op=1 SRCH
base="ou=accounts,dc=mydomain,dc=com" scope=2 deref=0
filter="(|(mail=info< at >mydomain.com)(mailAlternateAddress=info< at >mydomain.com))"
Oct 29 23:06:26 mydomain slapd[3298]: conn=1005 op=1 SRCH attr=mail
mailAlternateAddress mail qmailUID qmailGID accountStatus mailHost
mailMessageStore homeDirectory mailQuotaSize mailQuotaCount
mailForwardingAddress deliveryProgramPath deliveryMode mailReplyText
qmailDotMode mailSizeMax objectClass
Oct 29 23:06:26 mydomain slapd[3298]: <= bdb_equality_candidates:
(mailAlternateAddress) not indexed
Oct 29 23:06:26 mydomain slapd[3298]: conn=1005 op=1 SEARCH RESULT
tag=101 err=0 nentries=1 text=
Oct 29 23:06:26 mydomain slapd[3298]: conn=1005 op=2 UNBIND
Oct 29 23:06:26 mydomain slapd[3298]: conn=1005 fd=13 closed
==================================================

is there something i missed so qmail-pop3d unable to authenticate? TIA.

Best regard,
Ferri Andy Ch.

SRS patch for qmail-ldap-1.03-20120221

Berger Stefan — 2012-10-24T14:13:03

Hi all,

i would like to know if anyone has an SRS patch for
qmail-ldap-1.03-20120221 ?
There is a patch for qmail-ldap-1.03-20060201 but it doesn't apply to
the new version
You can find the patch at
http://qmail-ldap-smtpauthuser.googlecode.com/svn-history/r26/trunk/qmai
l-ldap-1.03-20060201-SRS.patch 
Maybe there is another solution but I haven't found one

Regards
Stefan Berger

qmail-ldap

Sipringo Inc — 2012-10-15T17:32:21

Hi,

I'm a newbie of qmail-ldap and I'd like to learn what other patches are
already available via
*qmail-ldap-1.03-20120221*<http://www.nrg4u.com/qmail/qmail-ldap-1.03-20120221.patch.gz>
patch <http://www.nrg4u.com/qmail/qmail-ldap-1.03-20120221.patch.gz>

Thx
** <http://www.nrg4u.com/qmail/qmail-ldap-1.03-20120221.patch.gz>

Earn extra from Part-time Ad Campaign !

RED BULL INT — 2012-09-20T16:38:07

Hello,




We have a part time job vacancy for individual that would like to take part in
the RED BULL global advertisement campaign. How would you like to make extra
money by simply driving your car advertising for RED BULL?





How it works?


Here’s the basic premise of the "paid to drive" Ad concept.  RED BULL Ad
managers are searching for people, regular citizens,professional and
professional drivers to go about their normal routine as they usually do, only
with an advert for "RED BULL" plastered on your car. The ads are typically vinyl
decals, also known as "auto wraps, that seem to be painted on the vehicle and
which could cover any portion of your car's exterior surface.


What does the company get out of this type of ad strategy? Lots of exposure and
awareness. The auto wraps tend to be colorful, eye-catching and attract lots of
attention. Plus, it's a form of advertising with a captive audience, meaning
people get to notice them and for those in big cities, people who are stuck in
traffic can't avoid seeing the wrapped car alongside them.




This program will last for 3 months and the minimum you can participate is1
month. You will be compensated with $300 per week which is essentially a
"rental"payment for letting our company use the space on your car. No fee is
required from you. RED BULL shall provide experts that would handle the advert
placing on your car. You will receive an up front payment of $300 inform of
check via courier service for accepting to carry this advert on your car.




It is very easy and simple, no application fees required. If you are interested
in this offer please reply to this email along with the requested info below.


Full Name:
Home Address:
City:
State:
Zip code:
Make of car/ year:
Telephone numbers:
Other email address




Kindly send the requested information

It's important to have your Agent No available always in order to access your
application in our database.  We shall be contacting you as soon as we receive
the required information.





Sincerely,
Sarah Jackson
Hiring Manager,
Red Bull(TM

block attachments on per user basis

Mario Remy Almeida — 2012-09-17T12:03:01

Hi All,

Dose anyone has a patch for qmail-ldap to block attachments on per user 
basis?

For example:
user1< at >example.com is allowed to send emails but user2< at >example.com is not 
allowed to send emails with attachments.

gmail-greylist on CentOS 6.3

Mario Remy Almeida — 2012-08-30T12:59:24

Hi All,

Has anyone successed in compiling "gmail-greylist" from 
http://sourceforge.net/projects/qgreylist-pgsql/files/qmail-greylist-pgsql/v1.2.3%20release/ 
on CentOS 6.3 x86_64?

It seems default postgres-devel in CentOS 6 and above do not include 
/usr/lib64/libpq.a.

Using a certificate with private key encrypted

Fran Márquez — 2012-08-14T11:47:52

Hello friends,

I hope somebody can resolve my doubt. Can I use a certificate with
encrypted private key in qmail-ldap?

I have bought a SSL certificate for my organization. This SSL
certificate was implemented on my apache web server without problem (I
only need insert the private key's password when I start apache
service), but in the case of qmail, when I use this private key, the
service doesn't work.

Can I configure qmail in any manner for it ask me the password of
private key at first start?

I think that is not very sure store the private key without password
protection in a server exposed to Internet... If somebody break my
server, can take the private key easily.

Regards,
Fran M.