mirror/docker-mailserver.docker-mailserver
1
0
Fork 0
mirror of https://github.com/docker-mailserver/docker-mailserver.git synced 2025-07-30 23:54:46 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

deploy: a0ee472501

Browse source
This commit is contained in:
github-actions[bot] 2021-09-22 23:30:04 +00:00
parent 07afd2c901
commit 4d20a99272
46 changed files with 847 additions and 862 deletions
Download patch file Download diff file Expand all files Collapse all files

50
edge/examples/uses-cases/forward-only-mailserver-with-ldap-authentication/index.html
View file

@ -6,7 +6,7 @@
<meta charset="utf-8">
<meta name="viewport" content="width=device-width,initial-scale=1">
<meta name="description" content="A fullstack but simple mail server (SMTP, IMAP, LDAP, Antispam, Antivirus, etc.) using Docker.">
<meta name="description" content="A fullstack but simple mail-server (SMTP, IMAP, LDAP, Antispam, Antivirus, etc.) using Docker.">
@ -16,15 +16,15 @@
<link rel="canonical" href="https://docker-mailserver.github.io/docker-mailserver/edge/examples/uses-cases/forward-only-mailserver-with-ldap-authentication/">
<link rel="icon" href="../../../assets/logo/favicon-32x32.png">
<meta name="generator" content="mkdocs-1.2.2, mkdocs-material-7.2.6">
<meta name="generator" content="mkdocs-1.2.2, mkdocs-material-7.2.8">
<title>Use Cases | Forward-Only Mailserver with LDAP - Docker Mailserver</title>
<title>Use Cases | Forward-Only Mail-Server with LDAP - Docker Mailserver</title>
<link rel="stylesheet" href="../../../assets/stylesheets/main.802231af.min.css">
<link rel="stylesheet" href="../../../assets/stylesheets/main.92558b1b.min.css">
<link rel="stylesheet" href="../../../assets/stylesheets/palette.3f5d1f46.min.css">
@ -73,7 +73,7 @@
<div data-md-component="skip">
<a href="#building-a-forward-only-mailserver" class="md-skip">
<a href="#building-a-forward-only-mail-server" class="md-skip">
Skip to content
</a>
@ -102,7 +102,7 @@
<div class="md-header__topic" data-md-component="header-topic">
<span class="md-ellipsis">
Use Cases | Forward-Only Mailserver with LDAP
Use Cases | Forward-Only Mail-Server with LDAP
</span>
</div>
@ -1030,7 +1030,7 @@
<li class="md-nav__item">
<a href="../../tutorials/mailserver-behind-proxy/" class="md-nav__link">
Mailserver behind Proxy
Mail-Server behind a Proxy
</a>
</li>
@ -1090,12 +1090,12 @@
<label class="md-nav__link md-nav__link--active" for="__toc">
Forward-Only Mailserver with LDAP
Forward-Only Mail-Server with LDAP
<span class="md-nav__icon md-icon"></span>
</label>
<a href="./" class="md-nav__link md-nav__link--active">
Forward-Only Mailserver with LDAP
Forward-Only Mail-Server with LDAP
</a>
@ -1111,8 +1111,8 @@
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#building-a-forward-only-mailserver" class="md-nav__link">
Building a Forward-Only Mailserver
<a href="#building-a-forward-only-mail-server" class="md-nav__link">
Building a Forward-Only Mail-Server
</a>
</li>
@ -1303,8 +1303,8 @@
<ul class="md-nav__list" data-md-component="toc" data-md-scrollfix>
<li class="md-nav__item">
<a href="#building-a-forward-only-mailserver" class="md-nav__link">
Building a Forward-Only Mailserver
<a href="#building-a-forward-only-mail-server" class="md-nav__link">
Building a Forward-Only Mail-Server
</a>
</li>
@ -1333,10 +1333,10 @@
</a>
<h1>Forward-Only Mailserver with LDAP</h1>
<h1>Forward-Only Mail-Server with LDAP</h1>
<h2 id="building-a-forward-only-mailserver"><a class="toclink" href="#building-a-forward-only-mailserver">Building a Forward-Only Mailserver</a></h2>
<p>A <strong>forward-only</strong> mailserver does not have any local mailboxes. Instead, it has only aliases that forward emails to external email accounts (for example to a Gmail account). You can also send email from the localhost (the computer where the mailserver is installed), using as sender any of the alias addresses.</p>
<h2 id="building-a-forward-only-mail-server"><a class="toclink" href="#building-a-forward-only-mail-server">Building a Forward-Only Mail-Server</a></h2>
<p>A <strong>forward-only</strong> mail-server does not have any local mailboxes. Instead, it has only aliases that forward emails to external email accounts (for example to a Gmail account). You can also send email from the localhost (the computer where <code>docker-mailserver</code> is installed), using as sender any of the alias addresses.</p>
<p>The important settings for this setup (on <code>mailserver.env</code>) are these:</p>
<div class="highlight"><pre><span></span><code><span class="na">PERMIT_DOCKER</span><span class="o">=</span><span class="s">host</span>
<span class="na">ENABLE_POP3</span><span class="o">=</span>
@ -1350,7 +1350,7 @@
<div class="highlight"><pre><span></span><code>./setup.sh <span class="nb">alias</span> add &lt;alias-address&gt; &lt;external-email-account&gt;
</code></pre></div>
<h2 id="authenticating-with-ldap"><a class="toclink" href="#authenticating-with-ldap">Authenticating with LDAP</a></h2>
<p>If you want to send emails from outside the mailserver you have to authenticate somehow (with a username and password). One way of doing it is described in <a href="https://github.com/docker-mailserver/docker-mailserver/issues/1247">this discussion</a>. However if there are many user accounts, it is better to use authentication with LDAP. The settings for this on <code>mailserver.env</code> are:</p>
<p>If you want to send emails from outside the mail-server you have to authenticate somehow (with a username and password). One way of doing it is described in <a href="https://github.com/docker-mailserver/docker-mailserver/issues/1247">this discussion</a>. However if there are many user accounts, it is better to use authentication with LDAP. The settings for this on <code>mailserver.env</code> are:</p>
<div class="highlight"><pre><span></span><code><span class="na">ENABLE_LDAP</span><span class="o">=</span><span class="s">1</span>
<span class="na">LDAP_START_TLS</span><span class="o">=</span><span class="s">yes</span>
<span class="na">LDAP_SERVER_HOST</span><span class="o">=</span><span class="s">ldap.example.org</span>
@ -1367,16 +1367,16 @@
<span class="na">SASLAUTHD_LDAP_SEARCH_BASE</span><span class="o">=</span><span class="s">ou=users,dc=example,dc=org</span>
<span class="na">SASLAUTHD_LDAP_FILTER</span><span class="o">=</span><span class="s">(&amp;(uid=%U)(objectClass=inetOrgPerson))</span>
</code></pre></div>
<p>My LDAP data structure is very basic, containing only the username, password, and the external email address where to forward emails for this user. An entry looks like this</p>
<p>My LDAP data structure is very basic, containing only the username, password, and the external email address where to forward emails for this user. An entry looks like this:</p>
<div class="highlight"><pre><span></span><code><span class="na">add uid</span><span class="o">=</span><span class="s">username,ou=users,dc=example,dc=org</span>
<span class="na">uid</span><span class="o">:</span> <span class="s">username</span>
<span class="na">objectClass</span><span class="o">:</span> <span class="s">inetOrgPerson</span>
<span class="na">sn</span><span class="o">:</span> <span class="s">username</span>
<span class="na">cn</span><span class="o">:</span> <span class="s">username</span>
<span class="na">userPassword</span><span class="o">:</span> <span class="s">{SSHA}abcdefghi123456789</span>
<span class="na">email</span><span class="o">:</span> <span class="s">real-email-address@external-domain.com</span>
<span class="na">email</span><span class="o">:</span> <span class="s">external-account@gmail.com</span>
</code></pre></div>
<p>This structure is different from what is expected/assumed from the configuration scripts of the mailserver, so it doesn't work just by using the <code>LDAP_QUERY_FILTER_...</code> settings. Instead, I had to do <a href="https://github.com/docker-mailserver/docker-mailserver/blob/master/README.md#custom-user-changes--patches">custom configuration</a>. I created the script <code>config/user-patches.sh</code>, with a content like this:</p>
<p>This structure is different from what is expected/assumed from the configuration scripts of <code>docker-mailserver</code>, so it doesn't work just by using the <code>LDAP_QUERY_FILTER_...</code> settings. Instead, I had to use a custom configuration (<a href="./config/advanced/override-defaults/user-patches.md">via <code>user-patches.sh</code></a>). I created the script <code>docker-data/dms/config/user-patches.sh</code>, with content like this:</p>
<div class="highlight"><pre><span></span><code><span class="ch">#!/bin/bash</span>
rm -f /etc/postfix/<span class="o">{</span>ldap-groups.cf,ldap-domains.cf<span class="o">}</span>
@ -1409,13 +1409,13 @@ cat <span class="s">&lt;&lt;EOF &gt;&gt; /etc/postfix/ldap-aliases.cf</span>
postfix reload
</code></pre></div>
<p>You see that besides <code>query_filter</code>, I had to customize as well <code>result_attribute</code> and <code>result_format</code>.</p>
<div class="admonition seealso">
<div class="admonition note">
<p class="admonition-title">See also</p>
<p>For more details about using LDAP see: <a href="https://www.vennedey.net/resources/2-LDAP-managed-mail-server-with-Postfix-and-Dovecot-for-multiple-domains">LDAP managed mail server with Postfix and Dovecot for multiple domains</a></p>
<p>For more details about using LDAP see: <a href="https://www.vennedey.net/resources/2-LDAP-managed-mail-server-with-Postfix-and-Dovecot-for-multiple-domains">LDAP managed mail-server with Postfix and Dovecot for multiple domains</a></p>
</div>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>Another solution that serves as a forward-only mailserver is this: <a href="https://gitlab.com/docker-scripts/postfix">https://gitlab.com/docker-scripts/postfix</a></p>
<p>Another solution that serves as a forward-only mail-server is <a href="https://gitlab.com/docker-scripts/postfix">this</a>.</p>
</div>
<div class="admonition tip">
<p class="admonition-title">Tip</p>
@ -1502,10 +1502,10 @@ postfix reload
<div class="md-dialog" data-md-component="dialog">
<div class="md-dialog__inner md-typeset"></div>
</div>
<script id="__config" type="application/json">{"base": "../../..", "features": ["navigation.tabs", "navigation.top", "navigation.expand", "navigation.instant"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "../../../assets/javascripts/workers/search.409db549.min.js", "version": {"provider": "mike"}}</script>
<script id="__config" type="application/json">{"base": "../../..", "features": ["navigation.tabs", "navigation.top", "navigation.expand", "navigation.instant"], "translations": {"clipboard.copy": "Copy to clipboard", "clipboard.copied": "Copied to clipboard", "search.config.lang": "en", "search.config.pipeline": "trimmer, stopWordFilter", "search.config.separator": "[\\s\\-]+", "search.placeholder": "Search", "search.result.placeholder": "Type to start searching", "search.result.none": "No matching documents", "search.result.one": "1 matching document", "search.result.other": "# matching documents", "search.result.more.one": "1 more on this page", "search.result.more.other": "# more on this page", "search.result.term.missing": "Missing", "select.version.title": "Select version"}, "search": "../../../assets/javascripts/workers/search.94ec81fe.min.js", "version": {"provider": "mike"}}</script>
<script src="../../../assets/javascripts/bundle.756773cc.min.js"></script>
<script src="../../../assets/javascripts/bundle.48dfec6c.min.js"></script>
</body>