Hi!
I'm using static results in LDAP-lookups:
uris = ldap://127.0.0.1
dn = xxxxxxxxxxxxx
dnpass = xxxxxxxxxxxx
tls = no
ldap_version = 3
base = xxxxxxxxxxxxxxxxx
user_attrs = =home=/mail/%d/%n,=uid=10000,=gid=10000,jpberlinMailQuota=quota_rule=*:storage=%$B
user_filter = (email=%u)
pass_attrs = userPassword=password
pass_filter = (email=%u)
default_pass_scheme = PLAIN
Unfortunately, LMTP accepts mail for *all* users, even for users that don't exist in LDAP at all:
2010-08-04 12:27:58 auth: Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth
2010-08-04 12:27:58 auth: Debug: auth client connected (pid=10049)
2010-08-04 12:27:58 lmtp(10054): Debug: none: root=, index=, control=, inbox=
2010-08-04 12:27:58 auth: Debug: master in: USER 1 tessdfdfgdsft@example.org service=lmtp lip=(null) rip=(null)
2010-08-04 12:27:58 auth: Debug: ldap(tessdfdfgdsft@example.org,0.0.0.0): user search: base=xxxxxxxxxxxxxxxxxxx
2010-08-04 12:27:58 auth: Debug: ldap(tessdfdfgdsft@example.org,0.0.0.0): no fields returned by the server
2010-08-04 12:27:58 auth: Debug: master out: USER 1 tessdfdfgdsft@example.org home=/mail/example.org/tessdfdfgdsft uid=10000 gid=10000
2010-08-04 12:27:58 lmtp(10054): Debug: auth input: tessdfdfgdsft@example.org home=/mail/example.org/tessdfdfgdsft uid=10000 gid=10000
2010-08-04 12:27:58 lmtp(10054, tessdfdfgdsft@example.org): Debug: Effective uid=10000, gid=10000, home=/mail/example.org/tessdfdfgdsft
2010-08-04 12:27:58 lmtp(10054, tessdfdfgdsft@example.org): Debug: Namespace : type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes
2010-08-04 12:27:58 lmtp(10054, tessdfdfgdsft@example.org): Debug: maildir++: root=/mail/example.org/tessdfdfgdsft/Maildir, index=, control=, inbox=/mail/example.org/tessdfdfgdsft/Maildir
2010-08-04 12:27:58 lmtp(10054, tessdfdfgdsft@example.org): Debug: Namespace : type=shared, prefix=shared/%u/, sep=/, inbox=no, hidden=no, list=children, subscriptions=no
2010-08-04 12:27:58 lmtp(10054, tessdfdfgdsft@example.org): Debug: shared: root=/var/run/dovecot, index=, control=, inbox=
Looks like the "allow_all_users" problem from the static database. :-) How can I tell LMTP to reject mail for users that don't exist in the database/LDAP?
It's much better to do this in Dovecot/LMTP than in the Postfix relay (which can then use LMTP for dynamic address verification).
Peer
--
Heinlein Professional Linux Support GmbH Linux: Akademie - Support - Hosting http://www.heinlein-support.de
Tel: 030-405051-42 Fax: 030-405051-19
Mandatory disclosures per §35a GmbHG: HRB 93818 B / Amtsgericht Berlin-Charlottenburg, Managing Director: Peer Heinlein -- Registered office: Berlin
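
As an added example (not part of the original post and not Dovecot's own code): a Python check that scans auth debug output like the log above, one entry per line, and lists recipients that received a USER reply although the LDAP search logged "no fields returned by the server". It assumes, as in the post's log, that this message marks a lookup that found no entry; the function name is hypothetical, and the alice@/bob@ entries and the NOTFOUND reply are constructed sample data.

```python
import re

# Patterns follow the auth debug lines shown in the post (unwrapped, one entry per line).
MASTER_IN = re.compile(r"auth: Debug: master in: USER\s+(\d+)\s+(\S+)")
MASTER_OUT = re.compile(r"auth: Debug: master out: (USER|NOTFOUND)\s+(\d+)")
NO_FIELDS = re.compile(
    r"auth: Debug: ldap\(([^,)]+)[^)]*\): no fields returned by the server")

# Request 1 is taken from the post; requests 2 and 3 are constructed for contrast.
SAMPLE_LOG = """\
2010-08-04 12:27:58 auth: Debug: master in: USER 1 tessdfdfgdsft@example.org service=lmtp lip=(null) rip=(null)
2010-08-04 12:27:58 auth: Debug: ldap(tessdfdfgdsft@example.org,0.0.0.0): user search: base=xxxxxxxxxxxxxxxxxxx
2010-08-04 12:27:58 auth: Debug: ldap(tessdfdfgdsft@example.org,0.0.0.0): no fields returned by the server
2010-08-04 12:27:58 auth: Debug: master out: USER 1 tessdfdfgdsft@example.org home=/mail/example.org/tessdfdfgdsft uid=10000 gid=10000
2010-08-04 12:28:03 auth: Debug: master in: USER 2 alice@example.org service=lmtp lip=(null) rip=(null)
2010-08-04 12:28:03 auth: Debug: ldap(alice@example.org,0.0.0.0): user search: base=xxxxxxxxxxxxxxxxxxx
2010-08-04 12:28:03 auth: Debug: master out: USER 2 alice@example.org home=/mail/example.org/alice uid=10000 gid=10000
2010-08-04 12:28:09 auth: Debug: master in: USER 3 bob@example.org service=lmtp lip=(null) rip=(null)
2010-08-04 12:28:09 auth: Debug: ldap(bob@example.org,0.0.0.0): no fields returned by the server
2010-08-04 12:28:09 auth: Debug: master out: NOTFOUND 3
"""


def find_phantom_accepts(log_text):
    """Return users that got a USER reply although LDAP returned no fields."""
    pending = {}   # auth request id -> user name from "master in"
    empty = set()  # users whose LDAP search returned nothing
    phantom = []
    for line in log_text.splitlines():
        if m := MASTER_IN.search(line):
            pending[m.group(1)] = m.group(2)
        elif m := NO_FIELDS.search(line):
            empty.add(m.group(1))
        elif m := MASTER_OUT.search(line):
            user = pending.pop(m.group(2), None)
            if user is None:
                continue  # reply without a matching request in this excerpt
            if m.group(1) == "USER" and user in empty:
                phantom.append(user)  # accepted purely on static attributes
            empty.discard(user)
    return phantom


if __name__ == "__main__":
    for user in find_phantom_accepts(SAMPLE_LOG):
        print("accepted without an LDAP entry:", user)
```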