[Dovecot] LMTP: Rejecting unknown users

Peer Heinlein p.heinlein at heinlein-support.de
Wed Aug 4 16:37:09 EEST 2010


Hi!

I'm using static results in LDAP lookups:

uris = ldap://127.0.0.1
dn = xxxxxxxxxxxxx
dnpass = xxxxxxxxxxxx
tls = no
ldap_version = 3
base = xxxxxxxxxxxxxxxxx
user_attrs = =home=/mail/%d/%n,=uid=10000,=gid=10000,jpberlinMailQuota=quota_rule=*:storage=%$B
user_filter = (email=%u)
pass_attrs = userPassword=password
pass_filter = (email=%u)
default_pass_scheme = PLAIN

Unfortunately, LMTP accepts mail for *all* users, even for those users 
that don't exist in LDAP at all:

010-08-04 12:27:58 auth: Debug: Loading modules from directory: /usr/lib/dovecot/modules/auth
2010-08-04 12:27:58 auth: Debug: auth client connected (pid=10049)
2010-08-04 12:27:58 lmtp(10054): Debug: none: root=, index=, control=, inbox=
2010-08-04 12:27:58 auth: Debug: master in: USER        1       tessdfdfgdsft at example.org       service=lmtp    lip=(null)      rip=(null)
2010-08-04 12:27:58 auth: Debug: ldap(tessdfdfgdsft at example.org,0.0.0.0): user search: base=xxxxxxxxxxxxxxxxxxx
2010-08-04 12:27:58 auth: Debug: ldap(tessdfdfgdsft at example.org,0.0.0.0): no fields returned by the server
2010-08-04 12:27:58 auth: Debug: master out: USER       1       tessdfdfgdsft at example.org       home=/mail/example.org/tessdfdfgdsft    uid=10000       gid=10000
2010-08-04 12:27:58 lmtp(10054): Debug: auth input: tessdfdfgdsft at example.org home=/mail/example.org/tessdfdfgdsft uid=10000 gid=10000
2010-08-04 12:27:58 lmtp(10054, tessdfdfgdsft at example.org): Debug: Effective uid=10000, gid=10000, home=/mail/example.org/tessdfdfgdsft
2010-08-04 12:27:58 lmtp(10054, tessdfdfgdsft at example.org): Debug: Namespace : type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes
2010-08-04 12:27:58 lmtp(10054, tessdfdfgdsft at example.org): Debug: maildir++: root=/mail/example.org/tessdfdfgdsft/Maildir, index=, control=, inbox=/mail/example.org/tessdfdfgdsft/Maildir
2010-08-04 12:27:58 lmtp(10054, tessdfdfgdsft at example.org): Debug: Namespace : type=shared, prefix=shared/%u/, sep=/, inbox=no, hidden=no, list=children, subscriptions=no
2010-08-04 12:27:58 lmtp(10054, tessdfdfgdsft at example.org): Debug: shared: root=/var/run/dovecot, index=, control=, inbox=


Looks like the "allow_all_users" problem from the static database. :-) 
How can I tell LMTP to reject mail to users that don't exist in the 
database/LDAP?

It's much better to do this in Dovecot/LMTP than in the Postfix relay (which 
can then use LMTP for dynamic address verification).

Peer


-- 

Heinlein Professional Linux Support GmbH
Linux: Academy - Support - Hosting
http://www.heinlein-support.de

Tel: 030-405051-42
Fax: 030-405051-19

Mandatory disclosures per §35a GmbHG:
HRB 93818 B / Berlin-Charlottenburg District Court, 
Managing Director: Peer Heinlein  -- Registered office: Berlin

-------------- next part --------------
A non-text attachment was scrubbed...
Name: dovecot.conf
Type: text/x-c++hdr
Size: 1594 bytes
Desc: not available
Url : http://dovecot.org/pipermail/dovecot/attachments/20100804/cfedaf5e/attachment.bin 
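
The symptom in the log above (the LDAP userdb reports "no fields returned by the server", yet the auth process still answers the LMTP lookup with a USER reply built from the static attributes) can be searched for in existing logs. The following is an added example, not part of the original post and not Dovecot code; the sample lines are constructed from the log format shown in the post, and the function name is hypothetical.

```python
import re

# Constructed sample modelled on the auth debug log in the post.
# ghost@ has no LDAP entry, alice@ is assumed to have one.
SAMPLE_LOG = """\
2010-08-04 12:27:58 auth: Debug: master in: USER\t1\tghost@example.org\tservice=lmtp
2010-08-04 12:27:58 auth: Debug: ldap(ghost@example.org,0.0.0.0): user search: base=dc=example
2010-08-04 12:27:58 auth: Debug: ldap(ghost@example.org,0.0.0.0): no fields returned by the server
2010-08-04 12:27:58 auth: Debug: master out: USER\t1\tghost@example.org\thome=/mail/example.org/ghost\tuid=10000\tgid=10000
2010-08-04 12:28:03 auth: Debug: master in: USER\t2\talice@example.org\tservice=lmtp
2010-08-04 12:28:03 auth: Debug: ldap(alice@example.org,0.0.0.0): user search: base=dc=example
2010-08-04 12:28:03 auth: Debug: master out: USER\t2\talice@example.org\thome=/mail/example.org/alice\tuid=10000\tgid=10000
"""

MASTER_IN = re.compile(r"auth: Debug: master in: USER\s+\d+\s+(\S+)")
NO_FIELDS = re.compile(
    r"auth: Debug: ldap\(([^,)]+),[^)]*\): no fields returned by the server")
MASTER_OUT = re.compile(r"auth: Debug: master out: USER\s+\d+\s+(\S+)\s*(.*)")


def find_phantom_accepts(log_text):
    """Return userdb lookups that succeeded although LDAP returned nothing."""
    empty_lookup = set()   # users whose current LDAP search came back empty
    findings = []
    for line in log_text.splitlines():
        if m := MASTER_IN.search(line):
            # A new lookup starts: forget any stale state for this user.
            empty_lookup.discard(m.group(1))
        elif m := NO_FIELDS.search(line):
            empty_lookup.add(m.group(1))
        elif m := MASTER_OUT.search(line):
            user, fields = m.group(1), m.group(2).split()
            if user in empty_lookup:
                # Positive USER reply right after an empty LDAP result:
                # the address was accepted purely from static attributes.
                empty_lookup.discard(user)
                findings.append({"user": user, "fields": fields})
    return findings


if __name__ == "__main__":
    for hit in find_phantom_accepts(SAMPLE_LOG):
        print("accepted without LDAP entry:", hit["user"], hit["fields"])
```
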