= LDAP Mail Integration =

LDAP can be used to identify mail recipients by configuring the mail transport
agent (MTA) to issue queries to a suitable service. Where necessary, the
following definitions need to be incorporated into the example configuration
files given below:

|| '''Definition''' || '''Purpose''' ||
|| `LDAP_SERVICE_BIND_DN` || LDAP user identity to connect to the service ||
|| `LDAP_SERVICE_PASSWORD` || LDAP user password for connection ||
|| `LDAP_HOST` || The host providing the LDAP service ||
|| `LDAP_PORT` || The port number of the LDAP service ||
|| `LDAP_BASE_DN` || The section of the database to search ||

== Using LDAP with Exim ==

Example configuration files for Exim are distributed in `conf/exim/ldap`:

{{{#!table
'''File''' || '''Purpose'''
==
`010_exim4-config_ldap_people_outgoing`
||<rowspan="4"> Defines recipients and outgoing mail routing
==
`020_exim4-config_ldap_people`
==
`020_exim4-config_ldap_resources`
==
`020_exim4-config_ldap_people_outgoing_recipients`
}}}

Where [[../LocalSMTP|local SMTP routing]] is being performed, the following
file is also useful:

{{{#!table
'''File''' || '''Purpose'''
==
`020_exim4-config_ldap_people_local`
|| Defines routing for local recipients for delivery to local system
.. mailboxes
}}}

These files can be incorporated into the Exim configuration. On Debian
systems, they can be copied into `/etc/exim4/conf.d/router`.

== Using LDAP with Postfix ==

Example configuration files for Postfix are distributed in `conf/postfix/ldap`:

{{{#!table
'''File''' || '''Purpose'''
==
`main.cf.example`
|| Defines recipients and outgoing mail routing (for inclusion in `main.cf`)
==
`virtual_alias_maps_people.cf`
||<rowspan="3"> Defines recipients and outgoing mail routing
==
`virtual_alias_maps_people_outgoing.cf`
==
`virtual_alias_maps_resources.cf`
}}}

These files can be incorporated into the Postfix configuration. On Debian
systems, `main.cf.example` can be merged into `/etc/postfix/main.cf`,
whereas the remaining files would be installed into `/etc/postfix/ldap`.
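
The following check is an added example, not part of the distributed configuration: once `LDAP_SERVICE_PASSWORD` has been written into the installed map files, it reports any file that other local users could read and removes that access. It assumes the password is set through Postfix's `bind_pw` parameter; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not part of the distributed configuration).
# Once LDAP_SERVICE_PASSWORD has been written into the Postfix map files as
# bind_pw, any local account able to read them can bind to the directory
# with the service identity.

# Print each *.cf file in DIR that sets bind_pw while granting any
# permission to "other". Returns 1 if at least one such file is found.
audit_ldap_maps() {
    dir=$1
    found=0
    for f in "$dir"/*.cf; do
        [ -f "$f" ] || continue
        # Files without a bind password hold nothing secret.
        grep -Eq '^[[:space:]]*bind_pw[[:space:]]*=' "$f" || continue
        # Characters 8-10 of the mode string are the "other" permission bits.
        other=$(ls -ld "$f" | cut -c8-10)
        if [ "$other" != "---" ]; then
            printf '%s\n' "$f"
            found=1
        fi
    done
    return "$found"
}

# Remove all "other" permissions from the files reported by the audit.
# Ownership (for example root:postfix, so that the Postfix daemons can still
# read the maps through the group) needs root and is left to the
# administrator.
tighten_ldap_maps() {
    audit_ldap_maps "$1" | while IFS= read -r f; do
        chmod o-rwx "$f"
    done
}
```

On a Debian system the directory to pass is `/etc/postfix/ldap`; the non-zero exit status of `audit_ldap_maps` makes it usable as a periodic check.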

Where [[../LocalSMTP|local SMTP routing]] is being performed, the local
recipient entry in the `conf/postfix/transport` file is used.

== LDAP Representations for Mail Recipients ==

Relevant LDAP resources for structuring recipient information include the
following:

{{{#!table
'''RFC''' || '''Relevance'''
==
[[http://tools.ietf.org/html/rfc2307|RFC 2307]]
|| Defines the `posixAccount` object class
==
[[https://tools.ietf.org/html/rfc2739|RFC 2739]]
|| Defines the `calEntry` object class supporting `calFBURL`
==
[[http://tools.ietf.org/html/rfc2798|RFC 2798]]
|| Defines the `inetOrgPerson` object class
==
[[http://tools.ietf.org/html/rfc4524|RFC 4524]]
|| Defines the `mail` attribute
}}}

An additional draft RFC describes the `mailRecipient` object class:

 * https://tools.ietf.org/html/draft-lachman-ldap-mail-routing-03

Resource schemas for LDAP are not effectively standardised for the purposes of
this software. A useful object class, `inetResource`, was defined for the
iPlanet Calendar Server:

 * http://docs.oracle.com/cd/E19566-01/819-4437/6n6jckqrf/index.html#anocg
 * http://docs.oracle.com/cd/E19566-01/819-4437/6n6jckqr8/index.html

Kolab maintains notions of resources, but they are tied up with the notion of
a shared folder and the `kolabSharedFolder` object class. The `mailRecipient`
object class is nevertheless employed by resources in Kolab.