Serveur Mail postfix/dovecot ldap


Bonjour à tous,

je suis actuellement en stage et ma mission est de mettre à jour un serveur mail (datant de 2014-2015) tournant sous debian 5 avec un serveur ldap distant.

Ma solution a été de repartir d’une Debian plus récente et de tout réinstaller. Cependant, les paramètres ayant parfois changé, voire disparu, la configuration obtenue ne fonctionne pas, notamment la partie sur Dovecot.

Vous trouverez ci-joint la configuration Dovecot et Postfix de mon nouveau serveur mail ; l’ensemble des paramètres est défini en fonction de l’ancien serveur mail.

postconf -n :

# Non-default Postfix parameters as printed by `postconf -n` on the new server.
#
# Alias lookups are served from LDAP tables.
# NOTE(review): alias_database points at ldap-aliases.cf while alias_maps points
# at ldap-accounts.cf; confirm this asymmetry is intended.
# NOTE(review): if the ldap/*.cf files carry a bind password, they should not be
# world-readable.
alias_database = ldap:/etc/postfix/ldap/ldap-aliases.cf
alias_maps = ldap:/etc/postfix/ldap/ldap-accounts.cf
append_at_myorigin = yes
append_dot_mydomain = no
biff = no
# Compatibility switch for old clients that expect the non-standard "AUTH="
# announcement; only useful if such clients still exist.
broken_sasl_auth_clients = yes
compatibility_level = 2
delay_warning_time = 4h
# Hand the "dovecot" transport one recipient per delivery.
dovecot_destination_recipient_limit = 1
inet_interfaces = all
inet_protocols = all
mailbox_size_limit = 0
message_size_limit = 15728640
mydestination = smtp.domain .fr,smtp,localhost.localdomain,localhost
myhostname = machinetest.domain fr
# Only loopback addresses are trusted, so permit_mynetworks below applies to
# local clients only; everyone else must authenticate to relay.
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
readme_directory = no
recipient_delimiter = +
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
# Client checks: trusted networks and authenticated users pass, then four DNSBL
# lookups, then an explicit final permit.
# NOTE(review): this list was carried over from the 2014-2015 server; verify that
# every DNSBL zone named here is still operated before relying on it.
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_rbl_client bl.spamcop net, reject_rbl_client cbl.abuseat org, reject_rbl_client sbl-xbl spamhaus org, reject_rbl_client list dsbl org, permit
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_hostname, reject_invalid_hostname, permit
# reject_unauth_destination precedes the final permit, so unauthenticated
# remote clients cannot relay to foreign domains.
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_recipient, reject_unknown_recipient_domain, reject_unauth_destination, permit
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
# SMTP AUTH is delegated to Dovecot through the private/auth socket
# (relative to the Postfix queue directory); anonymous mechanisms are refused.
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
# With "no", AUTH is also offered on connections that have not negotiated TLS.
# Combined with the opportunistic TLS level ("may") below, LDAP credentials can
# cross the network in cleartext. NOTE(review): consider smtpd_tls_auth_only = yes.
smtpd_tls_auth_only = no
# Debian's self-signed "snakeoil" placeholder certificate: clients cannot verify
# the server identity with it. Replace it with a certificate issued for the
# server's hostname before production use.
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file = /etc/ssl/private/ssl-cert-snakeoil.key
smtpd_tls_loglevel = 1
# Opportunistic TLS: STARTTLS is announced but not required.
smtpd_tls_security_level = may
# Legacy switch; smtpd_tls_security_level above is the current way to express this.
smtpd_use_tls = yes
strict_rfc821_envelopes = yes
# Virtual domains, mailboxes and aliases are all resolved through LDAP tables.
virtual_alias_maps = ldap:/etc/postfix/ldap/ldap-aliases.cf, ldap:/etc/postfix/ldap/ldap-maildrop.cf
virtual_mailbox_domains = ldap:/etc/postfix/ldap/ldap-domains.cf
virtual_mailbox_maps = ldap:/etc/postfix/ldap/ldap-accounts.cf, ldap:/etc/postfix/ldap/ldap-maildrop.cf
# Mail for virtual mailboxes goes to the transport named "dovecot"
# (presumably a pipe entry in master.cf, which is not shown here).
virtual_transport = dovecot

doveconf -n :

# 2.3.4.1 (f79e8e7e4): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.4 ()
# OS: Linux 4.19.0-8-amd64 x86_64 Debian 10.3 ext4
# Hostname: machinetest x fr
# Global settings (non-default values only, as printed by `doveconf -n`).
# Mail access is restricted to the single UID/GID 11111, which is also the
# mail_uid/mail_gid used for every mailbox below.
first_valid_gid = 11111
first_valid_uid = 11111
last_valid_gid = 11111
last_valid_uid = 11111
log_timestamp = "%Y-%m-%d %H:%M:%S "
# fsync is disabled: best performance, but a crash or power loss can lose
# mail that was already accepted.
mail_fsync = never
mail_gid = 11111
# mbox storage keyed on %n (the user part without the domain).
# NOTE(review): if LDAP serves more than one mail domain, identical local parts
# in different domains would map to the same mailbox file; confirm.
mail_location = mbox:/var/mail/%n
mail_plugins = " quota"
mail_privileged_group = vmail
mail_uid = 11111
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
# Single private namespace holding INBOX and the special-use folders.
namespace inbox {
  inbox = yes
  # Empty location: the namespace uses the global mail_location.
  location = 
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  # Two folder names are both flagged \Sent ("Sent" and "Sent Messages").
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix = 
  separator = /
}
# Password verification against LDAP. The referenced file is the one the log
# reports as broken (line 16, "Unknown setting: user_global_uid"); while that
# error is present the auth service does not start.
# NOTE(review): if this file holds an LDAP bind password, keep it readable by
# root only.
passdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
# Quota and Sieve plugin settings.
plugin {
  # NOTE(review): the "maildir" quota backend is configured here, but
  # mail_location uses the mbox format; confirm the backend matches the storage.
  quota = maildir:User quota
  # 1G per user; Trash and Junk get extra room as a percentage of that limit
  # (%% is the escaped form of a literal %).
  quota_rule = *:storage=1G
  quota_rule2 = Trash:storage=10%%
  quota_rule3 = Junk:storage=20%%
  # At 90% usage the quota-warning service is invoked with "90 <username>".
  quota_warning = storage=90%% quota-warning 90 %u
  recipient_delimiter = +
  sieve = file:~/sieve;active=~/.dovecot.sieve
  # NOTE(review): "dpvecpt" looks like a typo for "dovecot"; verify that this
  # path exists, otherwise the global script is presumably never applied.
  sieve_before = /etc/dpvecpt-sieve-global
  sieve_quota_max_storage = 0
}
# Enabled protocols and the non-default service definitions.
protocols = imap lmtp sieve
# Auth workers run as vmail rather than the default user.
service auth-worker {
  user = vmail
}
service auth {
  # SASL socket for Postfix (smtpd_sasl_path = private/auth), placed inside the
  # Postfix spool and accessible only to user/group postfix.
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0660
    user = postfix
  }
}
service imap-login {
  # Port 143 is the cleartext/STARTTLS IMAP port. No ssl or
  # disable_plaintext_auth override appears in this dump, so presumably the
  # defaults apply; verify with `doveconf ssl disable_plaintext_auth`.
  inet_listener imap {
    port = 143
  }
}
service imap {
  process_min_avail = 1
  service_count = 64
}
service lmtp {
  # LMTP socket inside the Postfix spool, accessible to user postfix only.
  # NOTE(review): Postfix is configured with virtual_transport = dovecot, so
  # this socket is presumably not the delivery path currently in use; confirm.
  unix_listener /var/spool/postfix/private/dovecot-lmtp {
    group = postfix
    mode = 0600
    user = postfix
  }
}
service managesieve-login {
  inet_listener sieve {
    port = 4190
  }
  service_count = 1
}
# Runs /etc/dovecot/quota.sh as vmail when a quota warning fires.
# NOTE(review): the script receives the user name as an argument; keep it
# root-owned, not writable by vmail, and have it quote its arguments.
service quota-warning {
  executable = script /etc/dovecot/quota.sh
  unix_listener quota-warning {
    user = vmail
  }
  user = vmail
}
# Stats sockets are opened to user/group vmail.
service stats {
  unix_listener stats-reader {
    group = vmail
    mode = 0660
    user = vmail
  }
  unix_listener stats-writer {
    group = vmail
    mode = 0660
    user = vmail
  }
}
# TLS material for Dovecot. `doveconf -n` masks the private key and DH
# parameters; output produced with -P reveals them and should not be posted
# publicly.
ssl_cert = </etc/dovecot/private/dovecot.pem
ssl_client_ca_dir = /etc/ssl/certs
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
# User lookups: prefetch first (reuses user fields already returned by the
# passdb at login), then LDAP for lookups that happen without a login, such as
# deliveries.
userdb {
  driver = prefetch
}
# Reads the same file as the passdb, so the configuration error reported in the
# log (line 16, "Unknown setting: user_global_uid") also breaks these lookups.
userdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
# Per-protocol overrides.
protocol lda {
  # Empty log paths: the LDA logs to the default destination.
  info_log_path = 
  log_path = 
  mail_plugins = sieve quota
  postmaster_address = postmaster x fr
  # Over-quota deliveries get a temporary failure (mail stays queued) instead
  # of being bounced.
  quota_full_tempfail = yes
}
protocol imap {
  mail_plugin_dir = /usr/lib/dovecot/modules/imap
  mail_plugins = " quota imap_sieve imap_quota"
}
protocol lmtp {
  # NOTE(review): no auth-master listener appears in the service auth section
  # of this dump; confirm that this socket actually exists.
  auth_socket_path = /var/run/dovecot/auth-master
  hostname = smtp x fr
  # NOTE(review): points at the lda module directory; confirm it exists on
  # this Dovecot 2.3 install.
  mail_plugin_dir = /usr/lib/dovecot/modules/lda
  # "quota" is listed twice.
  mail_plugins = " quota sieve quota"
  postmaster_address = postmaster x fr
}

j’obtiens les erreurs suivantes lors de l’envoi d’un mail avec la commande suivante :

Apr 27 16:03:16 machinetest postfix/qmgr[5122]: 339AC1C06A7: from=<root machinetest x fr>, size=376, nrcpt=1 (queue active)
Apr 27 16:03:17 machinetest postfix/qmgr[5122]: 5540E1C06A0: from=<root machinetest x fr>, size=376, nrcpt=1 (queue active)
Apr 27 16:03:17 machinetest dovecot: auth: Fatal: ldap /etc/dovecot/dovecot-ldap.conf.ext: Error in configuration file /etc/dovecot/dovecot-ldap.conf.ext line 16: Unknown setting: user_global_uid
Apr 27 16:03:17 machinetest dovecot: master: Error: service(auth): command startup failed, throttling for 60 secs
Apr 27 16:03:17 machinetest dovecot: lda(b.dietrich x fr)<5400><>: Error: userdb lookup(b.dietrich x fr): Disconnected unexpectedly
Apr 27 16:03:17 machinetest dovecot: lda(b.dietrich x fr)<5399><>: Error: userdb lookup(b.dietrich x fr): Disconnected unexpectedly
Apr 27 16:03:17 machinetest dovecot: lda: Fatal: Internal error occurred. Refer to server log for more information.
Apr 27 16:03:17 machinetest dovecot: lda: Fatal: Internal error occurred. Refer to server log for more information.
Apr 27 16:03:17 machinetest postfix/pipe[5397]: 339AC1C06A7: to=<b.dietrich x fr>, relay=dovecot, delay=1117, delays=1117/0.25/0/0.03, dsn=4.3.0, status=deferred (temporary failure)
Apr 27 16:03:17 machinetest postfix/pipe[5398]: 5540E1C06A0: to=<b.dietrich x fr>, relay=dovecot, delay=2180, delays=2180/0.01/0/0.03, dsn=4.3.0, status=deferred (temporary failure)

Edit de la modération : Que fait ce post dans le forum « Programmation » ??? :frowning:
Conformément à la FAQ, merci de veiller à publier dans le forum adéquat !!!

Faites l’effort de mettre les choses au bon endroit, afin que nous puissions passer plus de temps à discuter et moins à ranger. Ainsi :

Ne commencez pas un sujet dans la mauvaise catégorie.

Déplacement dans « Support » !

Bonjour,

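Il y a une erreur très explicite dans les logs : « Unknown setting: user_global_uid » (ligne 16 de /etc/dovecot/dovecot-ldap.conf.ext). Ce paramètre n’est pas reconnu par Dovecot 2.3.4.1 ; tant qu’il est présent, le service auth ne démarre pas et les livraisons sont différées.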

Il faut s’assurer que l’authentification des utilisateurs via LDAP est bien configurée.

https://doc.dovecot.org/configuration_manual/authentication/ldap/