On Mon, 2015-12-14 at 09:10 -0600, Manuel Delgado wrote:
This is more of a postfix question, but I have done these configs before in a BETA-Lab and it's a real pain. I'll be glad to help if I can.
In my environment I had postfix directly authenticating SASL with the IPA server (FreeIPA) using Cyrus SASL libs. In IPA the service must be registered with principal smtp/HOSTNAME.
I managed to get past the SASL GSSAPI errors in postfix and now I'm seeing this in dovecot whenever postfix tries to deliver a message via lmtp:
Dec 14 17:24:49 mailman02 dovecot: auth: Debug: password( ranbir@theinside.rnr,DESKTOP): passdb doesn't support credential lookups
Dec 14 17:24:49 mailman02 dovecot: auth: Debug: password( ranbir@theinside.rnr,DESKTOP): Credentials:
Dec 14 17:24:49 mailman02 dovecot: auth: Debug: client passdb out: OK 1 user=ranbir@theinside.rnr
Dec 14 17:24:49 mailman02 dovecot: imap(ranbir@theinside.rnr): Debug: acl vfile: file /var/spool/mail/thesandhufamily.ca/ranbir/Maildir/.Sent/dovecot-acl not found
Dec 14 17:24:49 mailman02 dovecot: lmtp(15525): Debug: none: root=, index=, indexpvt=, control=, inbox=, alt=
Dec 14 17:24:49 mailman02 dovecot: lmtp(15525): Connect from POSTFIX
Dec 14 17:24:49 mailman02 dovecot: auth: Debug: master in: USER 2 ranbir@thesandhufamily.ca service=lmtp lip=DOVECOT lport=24 rip=POSTFIX rport=56214
Dec 14 17:24:49 mailman02 dovecot: auth-worker(15521): Debug: passwd( ranbir@thesandhufamily.ca,POSTFIX): lookup
Dec 14 17:24:50 mailman02 dovecot: auth-worker(15521): passwd( ranbir@thesandhufamily.ca,POSTFIX): unknown user
Dec 14 17:24:50 mailman02 dovecot: auth: Debug: userdb out: NOTFOUND 2
Obviously postfix then replies with a "user doesn't exist" message.
I've tried creating a ldap_aliases file (and I added the config in main.cf) which should allow postfix to do a bind to my freeipa box, but postfix appears to never even try the ldap lookup. A manual test works OK, so I know the ldap_aliases file was done correctly.
Is it possible in Dovecot to translate the mail address lookup from postfix into just a "uid" search? If I could do that, Dovecot would find "ranbir" and report back to postfix the user exists.
-- Ranbir