= LDAP Mail Integration =

LDAP can be used to identify mail recipients by configuring the mail transport
agent (MTA) to issue queries to a suitable service. Where necessary, the
following definitions need to be incorporated into the example configuration
files given below:

|| '''Definition''' || '''Purpose''' ||
|| `LDAP_SERVICE_BIND_DN` || LDAP user identity to connect to the service ||
|| `LDAP_SERVICE_PASSWORD` || LDAP user password for connection ||
|| `LDAP_HOST` || The host providing the LDAP service ||
|| `LDAP_PORT` || The port number of the LDAP service ||
|| `LDAP_BASE_DN` || The section of the database to search ||

== Using LDAP with Exim ==

Example configuration files for Exim are distributed in `conf/exim/ldap`:

{{{#!table
'''File''' || '''Purpose'''
==
`010_exim4-config_ldap_people_outgoing`
||<rowspan="4"> Defines recipients and outgoing mail routing
==
`020_exim4-config_ldap_people`
==
`020_exim4-config_ldap_resources`
==
`020_exim4-config_ldap_people_outgoing_recipients`
==
`020_exim4-config_ldap_people_local`
|| Defines routing for local recipients for delivery to local mailboxes
}}}

These files can be incorporated into the Exim configuration. On Debian
systems, they can be copied into `/etc/exim4/conf.d/router`.

== Using LDAP with Postfix ==

Example configuration files for Postfix are distributed in `conf/postfix/ldap`:

{{{#!table
'''File''' || '''Purpose'''
==
`main.cf.example`
|| Defines recipients and outgoing mail routing (for inclusion in `main.cf`)
==
`virtual_alias_maps_people.cf`
||<rowspan="3"> Defines recipients and outgoing mail routing
==
`virtual_alias_maps_people_outgoing.cf`
==
`virtual_alias_maps_resources.cf`
}}}

These files can be incorporated into the Postfix configuration. On Debian
systems, `main.cf.example` can be merged into `/etc/postfix/main.cf`,
whereas the remaining files would be installed into `/etc/postfix/ldap`.
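
Incorporating the definitions listed at the top of this page into a copy of a lookup file can be scripted. The following is an added example, not part of the distributed configuration: it assumes the definitions appear in a file as literal tokens such as `LDAP_HOST`, it uses a constructed template with Postfix `ldap_table` parameter names, and its function names are hypothetical. Because the result holds the service password, it is written readable by its owner only.

```shell
#!/bin/sh
# Added example, not one of the distributed files.
# Assumption: the five definitions occur in a file as literal tokens.

# Escape \, & and the | delimiter so a value is safe as a sed replacement.
sed_escape() {
    printf '%s' "$1" | sed -e 's/[\\&|]/\\&/g'
}

# render_ldap_map TEMPLATE OUTPUT: substitute the LDAP_* definitions (read
# from shell variables) and leave OUTPUT readable by its owner only.
render_ldap_map() {
    for name in LDAP_SERVICE_BIND_DN LDAP_SERVICE_PASSWORD \
                LDAP_HOST LDAP_PORT LDAP_BASE_DN; do
        eval "value=\${$name:-}"
        if [ -z "$value" ]; then
            echo "render_ldap_map: $name is not set" >&2
            return 1
        fi
    done
    rm -f "$2"   # a pre-existing file would keep its old, possibly wider mode
    # The password goes last so that no later expression can rewrite a
    # token-like string that happens to occur inside it.
    ( umask 077
      sed -e "s|LDAP_SERVICE_BIND_DN|$(sed_escape "$LDAP_SERVICE_BIND_DN")|g" \
          -e "s|LDAP_HOST|$(sed_escape "$LDAP_HOST")|g" \
          -e "s|LDAP_PORT|$(sed_escape "$LDAP_PORT")|g" \
          -e "s|LDAP_BASE_DN|$(sed_escape "$LDAP_BASE_DN")|g" \
          -e "s|LDAP_SERVICE_PASSWORD|$(sed_escape "$LDAP_SERVICE_PASSWORD")|g" \
          "$1" > "$2" )
}

# Constructed sample input: a template using Postfix ldap_table parameters.
write_sample_template() {
    cat > "$1" <<'EOF'
server_host = LDAP_HOST
server_port = LDAP_PORT
search_base = LDAP_BASE_DN
bind = yes
bind_dn = LDAP_SERVICE_BIND_DN
bind_pw = LDAP_SERVICE_PASSWORD
EOF
}
```

The file is created with mode 0600; widen it only as far as the MTA needs, for example group read for the group the MTA runs under.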

== LDAP Representations for Mail Recipients ==

Relevant LDAP resources for structuring recipient information include the
following:

{{{#!table
'''RFC''' || '''Relevance'''
==
[[http://tools.ietf.org/html/rfc2307|RFC 2307]]
|| Defines the `posixAccount` object class
==
[[https://tools.ietf.org/html/rfc2739|RFC 2739]]
|| Defines the `calEntry` object class supporting `calFBURL`
==
[[http://tools.ietf.org/html/rfc2798|RFC 2798]]
|| Defines the `inetOrgPerson` object class
==
[[http://tools.ietf.org/html/rfc4524|RFC 4524]]
|| Defines the `mail` attribute
}}}

An additional draft RFC describes the `mailRecipient` object class:

 * https://tools.ietf.org/html/draft-lachman-ldap-mail-routing-03

Resource schemas for LDAP are not effectively standardised for the purposes of
this software. A useful object class, `inetResource`, was defined for the
iPlanet Calendar Server:

 * http://docs.oracle.com/cd/E19566-01/819-4437/6n6jckqrf/index.html#anocg
 * http://docs.oracle.com/cd/E19566-01/819-4437/6n6jckqr8/index.html

Although Kolab maintains notions of resources, they are tied up with the
notion of a shared folder and the `kolabSharedFolder` object class. Resources
in Kolab do, however, employ the `mailRecipient` object class.