Sendmail + LDAP

M

mr_brightside

Hi,

I have Sendmail on FreeBSD 8.1:

Code: 
[root@test2 /etc/mail]# sendmail -bt -d0.1 root
Version 8.14.4
 Compiled with: DNSMAP LDAPMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8
                MIME8TO7 NAMED_BIND NETINET NETINET6 NETUNIX NEWDB NIS
                PIPELINING SASLv2 SCANF STARTTLS TCPWRAPPERS USERDB
                USE_LDAP_INIT XDEBUG

Then, I've installed an OpenLDAP because I want to put my OS accounts in the LDAP directory as virtual mail accounts:

Code: 
[root@test2 /etc/mail]# pkg_version -v | grep ldap
openldap-sasl-server-2.4.23         =   up-to-date with port

According to:

link 1
link 2

...I've made a domainname.mc file:

Code: 
divert(-1)

divert(0)
VERSIONID(`$FreeBSD: src/etc/sendmail/freebsd.mc,v 1.37.2.2.4.1 2010/12/21 17:09:25 kensmith Exp $')
OSTYPE(freebsd6)
DOMAIN(generic)

FEATURE(access_db, `hash -o -T<TMPF> /etc/mail/access')
FEATURE(blacklist_recipients)
FEATURE(local_lmtp)

FEATURE(mailertable, `hash -o /etc/mail/mailertable')
FEATURE(virtusertable, `hash -o /etc/mail/virtusertable')

define(`confLDAP_DEFAULT_SPEC', `-H test2.domain.ru -b dc=domain,dc=ru')dnl
LDAPROUTE_DOMAIN_FILE(`@LDAP')dnl
FEATURE(`ldap_routing', `ldap -1 -T<TMPF> -v mailHost -k (&(objectClass=inetLocalMailRecipient)(mailLocalAddress=%0))', `ldap -1 -T<TMPF> -v mailRoutingAddres

define(`confCW_FILE', `-o /etc/mail/local-host-names')

TRUST_AUTH_MECH(`LOGIN')dnl
define(`confAUTH_MECHANISMS', `LOGIN')dnl

DAEMON_OPTIONS(`Name=IPv4, Family=inet')
DAEMON_OPTIONS(`Name=IPv6, Family=inet6, Modifiers=O')

define(`confBIND_OPTS', `WorkAroundBrokenAAAA')
define(`confNO_RCPT_ACTION', `add-to-undisclosed')
define(`confPRIVACY_FLAGS', `authwarnings,noexpn,novrfy')

MAILER(local)dnl
MAILER(smtp)

Schemas, included in slapd.conf:

Code: 
include         /usr/local/etc/openldap/schema/core.schema
include         /usr/local/etc/openldap/schema/cosine.schema
include         /usr/local/etc/openldap/schema/inetorgperson.schema
include         /usr/local/etc/openldap/schema/nis.schema
include         /usr/local/etc/openldap/schema/misc.schema
include         /usr/local/etc/openldap/schema/sendmail.schema

My LDAP tree:

Code: 
# domain.ru
dn: dc=domain,dc=ru
objectClass: top
objectClass: dcObject
objectClass: organization
o: domain GmbH
dc: domain
description: domain GmbH

# accounts, domain.ru
dn: ou=accounts,dc=domain,dc=ru
objectClass: top
objectClass: organizationalUnit
ou: accounts

# LDAPRoute, domain.ru
dn: sendmailMTAClassName=LDAPRoute,dc=domain,dc=ru
objectClass: sendmailMTA
objectClass: sendmailMTAClass
sendmailMTAHost: test2.domain.ru
sendmailMTAClassName: LDAPRoute
sendmailMTAClassValue: domain.ru

# testuser, accounts, domain.ru
dn: uid=testuser,ou=accounts,dc=domain,dc=ru
objectClass: person
objectClass: posixAccount
objectClass: inetOrgPerson
objectClass: inetLocalMailRecipient
uid: testuser
cn: testuser
sn: testuser
uidNumber: 1003
gidNumber: 1001
mailLocalAddress: testuser@domain.ru
mailHost: test2.domain.ru
mailRoutingAddress: testuser@domain.ru
homeDirectory: /usr/home/virtualmail/testuser/
loginShell: /sbin/nologin
mail: testuser@domain.ru

Now testing:

Code: 
[root@test2 /etc/mail]# sendmail -bv -d60.1 testuser@domain.ru
map_lookup(dequote, test) => NOT FOUND (0)
map_lookup(host, domain.ru) => domain.ru. (0)
map_lookup(dequote, testuser) => NOT FOUND (0)
map_lookup(ldapmra, testuser@domain.ru) => testuser@domain.ru(0)
map_lookup(ldapmh, testuser@domain.ru) => test2.domain.ru (0)
map_lookup(host, domain.ru) => domain.ru. (0)
map_lookup(dequote, testuser) => NOT FOUND (0)
map_lookup(virtuser, testuser@domain.ru) => NOT FOUND (0)
map_lookup(virtuser, @domain.ru) => NOT FOUND (0)
testuser@domain.ru... User unknown

So, it finds the correct record in LDAP, but doesn't want to deliver the mail locally, because the "user is unknown":

maillog:

Code: 
Jul 5 16:21:00 test2 sendmail[15523]: p65CL0xf015523: testuser@domain.ru... User unknown

openldap.log:

Code: 
Jul 5 16:18:16 test2 slapd[789]: <= bdb_equality_candidates: (sendmailMTAClassName) not indexed
Jul 5 16:18:16 test2 slapd[789]: <= bdb_equality_candidates: (sendmailMTACluster) not indexed
Jul 5 16:18:16 test2 slapd[789]: <= bdb_equality_candidates: (sendmailMTAHost) not indexed
Jul 5 16:18:51 test2 slapd[789]: <= bdb_equality_candidates: (mailLocalAddress) not indexed
Jul 5 16:21:00 test2 slapd[789]: <= bdb_equality_candidates: (sendmailMTAClassName) not indexed
Jul 5 16:21:00 test2 slapd[789]: <= bdb_equality_candidates: (sendmailMTACluster) not indexed
Jul 5 16:21:00 test2 slapd[789]: <= bdb_equality_candidates: (sendmailMTAHost) not indexed
Jul 5 16:21:00 test2 slapd[789]: <= bdb_equality_candidates: (mailLocalAddress) not indexed
Jul 5 16:21:00 test2 slapd[789]: <= bdb_equality_candidates: (mailLocalAddress) not indexed

So, I believe that it is the problem of the local mailer, that looks to the passwd database, not in the LDAP database. It does NOT find the correct user and the delivery fails.

So, finally my question is - what am I doing wrong? Maybe I should make some settings in other configurations?

My purpose is to make Sendmail work with a database of virtual users, that are put in the LDAP. No OS accounts, only virtual.

I am looking forward to receiving some replies, I appreciate any help!

Best regards, VY
 
I am trying to do the same thing, just with a little different set:

FreeBSD 9.1
Sendmail 8.14.7
Dovecot 1.2.17
openldap-server-2.4.35

I have read a lot of pages about this (including the two @mr_brightside is referring) and they all refer to the special openldap/schema/sendmail.schema but no references to what is in this schema.

Can anyone point me to where i can read what is/should be in this schema - Perhaps with an example?

Any help is appreciated.

/Mads
 
Last edited by a moderator:
Thank you very much for the documentation. I do not know why I have not seen this page before (It's even the original doc).

That was exactly what I needed.

/Mads
 
You must log in or register to reply here.
Back
Top