Kolab policy with alias domains

Daniel Hoffend dh at dotlan.net
Tue Sep 2 16:25:44 CEST 2014


Didn't fully rewrote all command details to match your scenario
ldapsearch -xW -b "dc=example,dc=org" -D "cn=Directory Manager" 
"mail=john.doe at example.org" mail alias mailAlternateAddress
but you should get the trick anyhow.

Regards
Daniel

------ Originalnachricht ------
Von: "Daniel Hoffend" <dh at dotlan.net>
An: "Sebastian Walter" <mail at swalter-it.com>; users at lists.kolab.org
Gesendet: 02.09.2014 16:22:48
Betreff: Re[2]: Kolab policy with alias domains

>Okay. just to compare
>
>This is your full submission_sender_restrictions right?
>submission_sender_restrictions = reject_non_fqdn_sender, 
>check_policy_service unix:private/submission_policy, 
>permit_sasl_authenticated, reject
>One more question:
>is your mail address configured as "alias" or "mailAlternateAdress"
>the later one is only to add external mail addresses. Only mail and 
>alias
>should be used for internal mail addresses that the user is allowed to 
>use.
>
>I get the same error message when my Kolab Account and the mail 
>addresses are not configured properly! (use mail+alias not external)
>Please check your LDAP entry using the following command:
>
>ldapsearch -xW -b "dc=dotlan,dc=info" -D "cn=Directory Manager" 
>"mail=daniel.hoffend at dotlan.info" mail alias mailAlternateAddress
># doe, People, example.org
>dn: uid=doe,ou=People,dc=exampe,dc=org
>mail: john.doe at example.org
>alias: john at example.org
>alias: mail at myexample.org
>mailAlternateAddress: john.doe at gmail.com
>
>
>Results:
>* sending with john.doe at example.org -> OK
>* sending with john at example.org -> OK
>* sending with mail at myexample.org -> OK
>* sending with john.doe at gmail.com -> REJECT: Could not find envelope 
>sender user ...
>
>I hope this makes it clear.
>
>One more thing regaring the policies:
>You might want to reset your policy_result cache (once you fixed your 
>account) otherwise it can get wrong results;
>
>mysql -u root -p -D kolab -e "TRUNCATE TABLE policy_result";
>
>
>
>regards
>Daniel
>
>------ Originalnachricht ------
>Von: "Sebastian Walter" <mail at swalter-it.com>
>An: "Daniel Hoffend" <dh at dotlan.net>; users at lists.kolab.org
>Gesendet: 02.09.2014 14:33:16
>Betreff: Re: Kolab policy with alias domains
>
>>Hi Daniel,
>>
>>Thanks for helping me on this. Here are the answers to your questions.
>>
>>On 09/02/14 14:00, Daniel Hoffend wrote:
>>>  From what I understand:
>>>  * The user's primary_mail is withing the primary_domain of this
>>>  instance (user at example.org)
>>>  * You can send and authenticate via your primary mail yes?
>>>  * You can't send emails when choosing an alias from myexample.org as
>>>  from address
>>
>>Yes this is all true.
>>
>>>  Here are my questions:
>>>  * Do you have this problem when using roundcube or only when using a
>>>  external mail client
>>
>>I tried it using an external imap mail client (Thunderbird), roundcube
>>would be the next step in my opinion.
>>
>>>  * are you authenticating your primary_mail when trying to send from 
>>>an
>>>  alias (which should be the right/best way)
>>
>>yes, authenticating as joe at example.org but setting an email address as
>>mail at myexample.org (virtual example).
>>
>>>  * Most important: Are you using SMTP Port 587 (submission) for 
>>>sending
>>>  or do you try sending emails via Port 25?
>>
>>yes I'm using port 587 (STARTTLS). Here are the relevant lines from
>>/var/log/maillog:
>>
>>Sep 2 13:23:47 <host> postfix/submission/smtpd[17059]: connect from
>><clienthost>[xx.xx.xx.xx]
>>Sep 2 13:23:48 <host> postfix/submission/smtpd[17059]: 6720AE0882:
>>client=<clienthost>[xx.xx.xx.xx], sasl_method=PLAIN,
>>sasl_username=joe at example.org
>>Sep 2 13:23:48 <host> postfix/submission/smtpd[17059]: 6720AE0882:
>>reject: DATA from <clienthost>[xx.xx.xx.xx]: 554 5.7.1 <DATA>: Data
>>command rejected: Could not find envelope sender user
>>mail at myexample.org; from=<mail at myexample.org>
>>to=<receiver at virtual-example.org> proto=ESMTP helo=<[xx.xx.xx.xx]>
>>
>>The mails get accepted if I change "submission_data_restrictions = " 
>>to
>>an empty string in postfix' main.cf.
>>
>>Many regards,
>>Sebastian
>>_______________________________________________
>>users mailing list
>>users at lists.kolab.org
>>https://lists.kolab.org/mailman/listinfo/users



More information about the users mailing list