imip-agent

Annotated docs/wiki/MailIntegration--LDAP

1334:f490ac87ee22
2017-10-17 Paul Boddie Fixed debugging output. client-editing-simplification
= LDAP Mail Integration =

LDAP can be used to identify mail recipients by configuring the mail transport
agent (MTA) to issue queries to a suitable service. Where necessary, the
following definitions need to be incorporated into the example configuration
files given below:

|| '''Definition'''        || '''Purpose''' ||
|| `LDAP_SERVICE_BIND_DN`  || LDAP user identity to connect to the service ||
|| `LDAP_SERVICE_PASSWORD` || LDAP user password for connection ||
|| `LDAP_HOST`             || The host providing the LDAP service ||
|| `LDAP_PORT`             || The port number of the LDAP service ||
|| `LDAP_BASE_DN`          || The section of the database to search ||

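One way to incorporate the definitions above into a copy of an example file while keeping the bind password in a file readable only by its owner. This is an added example, not part of imip-agent; it assumes the file carries the definition names as literal tokens, and `render_ldap_conf`, `sed_escape` and the Postfix-style lines and values in `demo` are hypothetical or constructed.

```shell
# Added example, not imip-agent code. Assumption: the example file carries
# the definition names from the table above as literal tokens.
DEFINITIONS="LDAP_SERVICE_BIND_DN LDAP_SERVICE_PASSWORD LDAP_HOST LDAP_PORT LDAP_BASE_DN"
nl='
'
# Escape '\', '&' and '|' for the replacement side of sed's s|||.
sed_escape() {
    printf '%s' "$1" | sed -e 's/[\\&|]/\\&/g'
}

# render_ldap_conf TEMPLATE OUTPUT (hypothetical helper)
# Reads the definitions from shell variables and creates OUTPUT with mode 0600.
render_ldap_conf() {
    template=$1 output=$2 script=
    for name in $DEFINITIONS; do
        eval "value=\${$name:-}"
        case $value in
            # A value naming a token would be rewritten by a later rule.
            ''|*"$nl"*|*LDAP_[A-Z]*)
                echo "render_ldap_conf: bad or missing $name" >&2; return 1 ;;
        esac
        script="${script}s|$name|$(sed_escape "$value")|g$nl"
    done
    case $LDAP_PORT in
        *[!0-9]*) echo "render_ldap_conf: LDAP_PORT is not numeric" >&2; return 1 ;;
    esac
    # Drop any old copy so the file is created under the strict umask; the sed
    # script goes via a private temp file to keep the password out of argv.
    rm -f -- "$output"
    (
        umask 077
        tmp=$(mktemp) || exit 1
        printf '%s' "$script" > "$tmp"
        sed -f "$tmp" "$template" > "$output"
        status=$?
        rm -f -- "$tmp"
        exit "$status"
    )
}

# Constructed demo: Postfix-style LDAP map lines and made-up values.
demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' 'server_host = ldap://LDAP_HOST:LDAP_PORT' \
        'bind_dn = LDAP_SERVICE_BIND_DN' 'bind_pw = LDAP_SERVICE_PASSWORD' \
        'search_base = LDAP_BASE_DN' > "$dir/map.cf.in"
    LDAP_HOST=ldap.example.com LDAP_PORT=389 LDAP_BASE_DN='dc=example,dc=com'
    LDAP_SERVICE_BIND_DN='uid=mta,dc=example,dc=com' LDAP_SERVICE_PASSWORD='p&ss|w\rd'
    render_ldap_conf "$dir/map.cf.in" "$dir/map.cf" && echo "$dir/map.cf"
}
```

Calling `demo` renders the constructed template and prints the path of the result. The MTA's own user must still be able to read the rendered file, so adjust ownership rather than widening the mode.
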
== Using LDAP with Exim ==

Example configuration files for Exim are distributed in `conf/exim/ldap`:

{{{#!table
'''File''' || '''Purpose'''
==
`010_exim4-config_ldap_people_outgoing`
||<rowspan="4"> Defines recipients and outgoing mail routing
==
`020_exim4-config_ldap_people`
==
`020_exim4-config_ldap_resources`
==
`020_exim4-config_ldap_people_outgoing_recipients`
}}}

Where [[../LocalSMTP|local SMTP routing]] is being performed ''and'' the
recipients are local system users, the following file is also useful:

{{{#!table
'''File''' || '''Purpose'''
==
`020_exim4-config_ldap_people_local_system`
|| Defines routing for local recipients for delivery to local system
.. mailboxes
}}}

These files can be incorporated into the Exim configuration. On Debian
systems, they can be copied into `/etc/exim4/conf.d/router`.

== Using LDAP with Postfix ==

Example configuration files for Postfix are distributed in `conf/postfix/ldap`:

{{{#!table
'''File''' || '''Purpose'''
==
`main.cf.example`
|| Defines recipients and outgoing mail routing (for inclusion in `main.cf`)
==
`virtual_alias_maps_people.cf`
||<rowspan="3"> Defines recipients and outgoing mail routing
==
`virtual_alias_maps_people_outgoing.cf`
==
`virtual_alias_maps_resources.cf`
}}}

The following files are common to LDAP and [[../Simple|simple]] integration
and are found in `conf/postfix`:

{{{#!table
'''File''' || '''Purpose'''
==
`master.cf.items`
|| Mail handler definitions for the imip-agent transports
==
`transport`
|| Transport definitions for `/etc/postfix/transport`
==
`virtual`
|| Outgoing message routing for `/etc/postfix/virtual`
}}}

These files can be incorporated into the Postfix configuration. On Debian
systems, `master.cf.items` can be merged into `/etc/postfix/master.cf`,
whereas the other files can be merged into any existing files of the same
names in `/etc/postfix`.

== LDAP Representations for Mail Recipients ==

Relevant LDAP resources for structuring recipient information include the
following:

{{{#!table
'''RFC''' || '''Relevance'''
==
[[http://tools.ietf.org/html/rfc2307|RFC 2307]]
|| Defines the `posixAccount` object class
==
[[https://tools.ietf.org/html/rfc2739|RFC 2739]]
|| Defines the `calEntry` object class supporting `calFBURL`
==
[[http://tools.ietf.org/html/rfc2798|RFC 2798]]
|| Defines the `inetOrgPerson` object class
==
[[http://tools.ietf.org/html/rfc4524|RFC 4524]]
|| Defines the `mail` attribute
}}}

An additional draft RFC describes the `mailRecipient` object class:

 * https://tools.ietf.org/html/draft-lachman-ldap-mail-routing-03

Resource schemas for LDAP are not effectively standardised for the purposes of
this software. A useful object class, `inetResource`, was defined for the
iPlanet Calendar Server:

 * http://docs.oracle.com/cd/E19566-01/819-4437/6n6jckqrf/index.html#anocg
 * http://docs.oracle.com/cd/E19566-01/819-4437/6n6jckqr8/index.html

Kolab maintains notions of resources, but they are tied up with the notion of
a shared folder and the `kolabSharedFolder` object class, although the
`mailRecipient` object class is employed by resources in Kolab.