Postfix, LDAP, Kerberos, Courier-Authlib, and Courier-IMAP Build
By Grant Carmichael
This build uses LDAP aliases in Postfix.
OpenSSL
shell> ./config shared
shell> make
shell> make test
shell> make install
shell> echo "/usr/local/ssl/lib" >> /etc/ld.so.conf
shell> ldconfig
OpenLDAP
shell> ./configure --without-kerberos --without-cyrus-sasl --without-tls --without-threads --disable-slapd --disable-slurpd --disable-debug --disable-shared
shell> make depend
shell> make
shell> make install
shell> echo "/usr/local/lib" >> /etc/ld.so.conf
shell> ldconfig
Postfix
shell> make makefiles CCARGS="-I/usr/local/include -DHAS_LDAP" AUXLIBS="-L/usr/local/lib -lldap -L/usr/local/lib -llber"
Do:
shell> /etc/init.d/sendmail stop
shell> chkconfig sendmail off
shell> mv /usr/sbin/sendmail /usr/sbin/sendmail.OFF
shell> mv /usr/bin/newaliases /usr/bin/newaliases.OFF
shell> mv /usr/bin/mailq /usr/bin/mailq.OFF
shell> chmod 755 /usr/sbin/sendmail.OFF /usr/bin/newaliases.OFF /usr/bin/mailq.OFF
Open: /etc/passwd
At the end add:
postfix:*:12345:12345:postfix:/no/where:/no/shell
Open: /etc/group
At the end add:
postfix:*:12345:
postdrop:*:54321:
Install postfix with:
shell> make install
The Postfix install will ask you some questions. I just accepted the defaults.
Open: /etc/postfix/main.cf
Change/Configure the following variables:
myhostname = example.example.com
mydomain = example.example.com
myorigin = $myhostname
inet_interfaces = all
mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
mynetworks_style = host
mynetworks = 127.0.0.1
home_mailbox = Maildir/
Start Postfix and send a test message to a user on your system:
shell> postfix start
Create LDAP aliases:
Open: /etc/postfix/main.cf
Configure/Set:
alias_maps = ldap:/etc/postfix/ldap-aliases.cf
local_recipient_maps = ldap:/etc/postfix/ldap-users.cf
canonical_maps = ldap:/etc/postfix/ldap-canonical.cf
Create: /etc/postfix/ldap-aliases.cf
Add:
server_host = ldap-1.example.com
search_base = ou=People,dc=example,dc=com
query_filter = (mailAlternateAddress=%s@example.example.com)
result_attribute = mail
bind_dn = cn=Manager,dc=shorter,dc=edu
bind_pw = somepass
version = 3
size_limit = 1
expansion_limit = 0
Create: /etc/postfix/ldap-users.cf
Add:
server_host = ldap-1.example.com
search_base = ou=People,dc=example,dc=com
query_filter = (mailAlternateAddress=%s)
result_attribute = uid
bind_dn = cn=Manager,dc=shorter,dc=edu
bind_pw = somepass
version = 3
size_limit = 1
expansion_limit = 0
Create: /etc/postfix/ldap-canonical.cf
Add:
server_host = ldap-1.example.com
search_base = ou=People,dc=example,dc=com
query_filter = (uid=%s)
result_attribute = studentEmail
bind_dn = cn=Manager,dc=shorter,dc=edu
bind_pw = somepass
version = 3
size_limit = 1
expansion_limit = 0
In an LDAP entry, make sure the "mail" attribute is the actual deliverable address, and that "mailAlternateAddress" is some.alias@example.example.com and uid@example.example.com.
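The three map files above keep the cn=Manager bind_pw in clear text, and the OpenLDAP client libraries were configured --without-tls. The check below is an added example, not part of the original build notes: audit_ldap_map is a hypothetical helper name, the sample file is constructed (a trimmed copy of the ldap-aliases.cf above), and treating cn=Manager as the rootdn is an assumption.

```shell
#!/bin/sh
# Added example: audit a Postfix LDAP map file for exposed bind credentials.
# audit_ldap_map is a hypothetical helper name, not a Postfix tool.
# Prints one finding per line; returns 1 if anything was found, else 0.
audit_ldap_map() {
    f=$1
    rc=0
    # Last value of a "key = value" parameter in the map file.
    param() { sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*//p" "$f" | tail -n 1; }

    if [ -n "$(param bind_pw)" ]; then
        # bind_pw is stored in clear text, so other local users must not read it.
        if [ -n "$(find "$f" -prune -perm -004)" ]; then
            echo "$f: contains bind_pw and is world-readable"
            rc=1
        fi
        # Without ldaps://, ldapi:// or start_tls the simple bind is unencrypted.
        case $(param server_host) in
            ldaps://*|ldapi://*) enc=yes ;;
            *) enc=no ;;
        esac
        [ "$(param start_tls)" = yes ] && enc=yes
        if [ "$enc" = no ]; then
            echo "$f: bind_pw is sent to the LDAP server without TLS"
            rc=1
        fi
    fi
    # Assumption: cn=Manager is the directory's rootdn (the OpenLDAP convention).
    case $(param bind_dn) in
        [Cc][Nn]=[Mm]anager,*)
            echo "$f: lookups bind as the directory manager, not a read-only account"
            rc=1 ;;
    esac
    return "$rc"
}

# Constructed sample: trimmed copy of this page's ldap-aliases.cf, mode 644.
sample=$(mktemp)
cat > "$sample" <<'EOF'
server_host = ldap-1.example.com
search_base = ou=People,dc=example,dc=com
bind_dn = cn=Manager,dc=shorter,dc=edu
bind_pw = somepass
EOF
chmod 644 "$sample"
audit_ldap_map "$sample" || true
rm -f "$sample"
```

Clearing the transport finding on this build means rebuilding the OpenLDAP client libraries with TLS support, since they were configured --without-tls above.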
Courier Authlib
As a regular user, do:
./configure --with-redhat;make
As root, do:
make install
make install-configure
Open:
/usr/local/etc/authlib/authdaemonrc
Add:
authmodulelist="authpam"
Start:
/usr/local/sbin/authdaemond start
Set up the system for Kerberos authentication:
shell> authconfig
Test:
/usr/local/sbin/authtest user password
Courier IMAP
As a regular user, do:
./configure --with-redhat;make;make check
As root, do:
make install
make install-configure
Add the following folders to the system for the script that adds users:
/etc/skel/Maildir
/etc/skel/Maildir/cur
/etc/skel/Maildir/new
/etc/skel/Maildir/tmp