Also search on the domain name for the virtual domain name in the ldap (Solves: #638) (#642)

Added a test to check email delivery for a domain other than the primary
domain of the mailserver.
Johan Smits 2017-08-19 10:32:00 +02:00 committed by Thomas VIAL
parent 9e7959fafe
commit 04904e77c4
7 changed files with 89 additions and 3 deletions


@ -113,7 +113,7 @@ RUN sed -i -e 's/include_try \/usr\/share\/dovecot\/protocols\.d/include_try \/e
# Configures LDAP # Configures LDAP
COPY target/dovecot/dovecot-ldap.conf.ext /etc/dovecot COPY target/dovecot/dovecot-ldap.conf.ext /etc/dovecot
COPY target/postfix/ldap-users.cf target/postfix/ldap-groups.cf target/postfix/ldap-aliases.cf /etc/postfix/ COPY target/postfix/ldap-users.cf target/postfix/ldap-groups.cf target/postfix/ldap-aliases.cf target/postfix/ldap-domains.cf /etc/postfix/
# Enables Spamassassin CRON updates # Enables Spamassassin CRON updates
RUN sed -i -r 's/^(CRON)=0/\1=1/g' /etc/default/spamassassin RUN sed -i -r 's/^(CRON)=0/\1=1/g' /etc/default/spamassassin


@ -116,6 +116,7 @@ run:
-e LDAP_QUERY_FILTER_USER="(&(mail=%s)(mailEnabled=TRUE))" \ -e LDAP_QUERY_FILTER_USER="(&(mail=%s)(mailEnabled=TRUE))" \
-e LDAP_QUERY_FILTER_GROUP="(&(mailGroupMember=%s)(mailEnabled=TRUE))" \ -e LDAP_QUERY_FILTER_GROUP="(&(mailGroupMember=%s)(mailEnabled=TRUE))" \
-e LDAP_QUERY_FILTER_ALIAS="(&(mailAlias=%s)(mailEnabled=TRUE))" \ -e LDAP_QUERY_FILTER_ALIAS="(&(mailAlias=%s)(mailEnabled=TRUE))" \
-e LDAP_QUERY_FILTER_DOMAIN="(&(|(mail=*@%s)(mailalias=*@%s)(mailGroupMember=*@%s))(mailEnabled=TRUE))" \
-e DOVECOT_PASS_FILTER="(&(objectClass=PostfixBookMailAccount)(uniqueIdentifier=%n))" \ -e DOVECOT_PASS_FILTER="(&(objectClass=PostfixBookMailAccount)(uniqueIdentifier=%n))" \
-e DOVECOT_USER_FILTER="(&(objectClass=PostfixBookMailAccount)(uniqueIdentifier=%n))" \ -e DOVECOT_USER_FILTER="(&(objectClass=PostfixBookMailAccount)(uniqueIdentifier=%n))" \
-e ENABLE_SASLAUTHD=1 \ -e ENABLE_SASLAUTHD=1 \
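Review bot: The `LDAP_QUERY_FILTER_DOMAIN` value added here also matches `mailGroupMember=*@%s`, while the `query_filter` shipped in the new ldap-domains.cf covers only `mail` and `mailalias`, so the test container and a deployment relying on the template can disagree about which domains are accepted. All three clauses are leading-wildcard substring matches, and Postfix presumably consults this map for every recipient domain, so without substring indexes on those attributes each lookup may turn into a directory scan. I would align the two filters and document the index requirement wherever the other `LDAP_QUERY_FILTER_*` variables are described.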


@ -0,0 +1,8 @@
bind = yes
bind_dn = cn=admin,dc=domain,dc=com
bind_pw = admin
query_filter = (&(|(mail=*@%s)(mailalias=*@%s))(mailEnabled=TRUE))
result_attribute = mail
search_base = ou=people,dc=domain,dc=com
server_host = mail.domain.com
version = 3
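Review bot: The template binds as `cn=admin,dc=domain,dc=com` with `bind_pw = admin`, although this map only needs to read the `mail` attribute. If these values are meant to be overwritten from the `LDAP_` environment variables (configomat.sh is not visible here), a deployment that misses one still ends up with a directory-admin bind. `server_host = mail.domain.com` without `start_tls` also sends the bind password in clear text unless the operator supplies an `ldaps://` URL. I would head the file with `# Template: values are replaced at container start; use a read-only bind account`, and consider `start_tls = yes` as the documented default.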


@ -525,7 +525,7 @@ function _setup_ldap() {
notify 'inf' 'Checking for custom configs' notify 'inf' 'Checking for custom configs'
# cp config files if in place # cp config files if in place
for i in 'users' 'groups' 'aliases'; do for i in 'users' 'groups' 'aliases' 'domains'; do
fpath="/tmp/docker-mailserver/ldap-${i}.cf" fpath="/tmp/docker-mailserver/ldap-${i}.cf"
if [ -f $fpath ]; then if [ -f $fpath ]; then
cp ${fpath} /etc/postfix/ldap-${i}.cf cp ${fpath} /etc/postfix/ldap-${i}.cf
@ -533,11 +533,12 @@ function _setup_ldap() {
done done
notify 'inf' 'Starting to override configs' notify 'inf' 'Starting to override configs'
for f in /etc/postfix/ldap-users.cf /etc/postfix/ldap-groups.cf /etc/postfix/ldap-aliases.cf for f in /etc/postfix/ldap-users.cf /etc/postfix/ldap-groups.cf /etc/postfix/ldap-aliases.cf /etc/postfix/ldap-domains.cf
do do
[[ $f =~ ldap-user ]] && export LDAP_QUERY_FILTER="${LDAP_QUERY_FILTER_USER}" [[ $f =~ ldap-user ]] && export LDAP_QUERY_FILTER="${LDAP_QUERY_FILTER_USER}"
[[ $f =~ ldap-group ]] && export LDAP_QUERY_FILTER="${LDAP_QUERY_FILTER_GROUP}" [[ $f =~ ldap-group ]] && export LDAP_QUERY_FILTER="${LDAP_QUERY_FILTER_GROUP}"
[[ $f =~ ldap-aliases ]] && export LDAP_QUERY_FILTER="${LDAP_QUERY_FILTER_ALIAS}" [[ $f =~ ldap-aliases ]] && export LDAP_QUERY_FILTER="${LDAP_QUERY_FILTER_ALIAS}"
[[ $f =~ ldap-domains ]] && export LDAP_QUERY_FILTER="${LDAP_QUERY_FILTER_DOMAIN}"
configomat.sh "LDAP_" "${f}" configomat.sh "LDAP_" "${f}"
done done
@ -571,6 +572,10 @@ function _setup_ldap() {
postconf -e "virtual_mailbox_maps = ldap:/etc/postfix/ldap-users.cf" || \ postconf -e "virtual_mailbox_maps = ldap:/etc/postfix/ldap-users.cf" || \
notify 'inf' "==> Warning: /etc/postfix/ldap-user.cf not found" notify 'inf' "==> Warning: /etc/postfix/ldap-user.cf not found"
[ -f /etc/postfix/ldap-domains.cf ] && \
postconf -e "virtual_mailbox_domains = /etc/postfix/vhost, ldap:/etc/postfix/ldap-domains.cf" || \
notify 'inf' "==> Warning: /etc/postfix/ldap-domains.cf not found"
[ -f /etc/postfix/ldap-aliases.cf -a -f /etc/postfix/ldap-groups.cf ] && \ [ -f /etc/postfix/ldap-aliases.cf -a -f /etc/postfix/ldap-groups.cf ] && \
postconf -e "virtual_alias_maps = ldap:/etc/postfix/ldap-aliases.cf, ldap:/etc/postfix/ldap-groups.cf" || \ postconf -e "virtual_alias_maps = ldap:/etc/postfix/ldap-aliases.cf, ldap:/etc/postfix/ldap-groups.cf" || \
notify 'inf' "==> Warning: /etc/postfix/ldap-aliases.cf or /etc/postfix/ldap-groups.cf not found" notify 'inf' "==> Warning: /etc/postfix/ldap-aliases.cf or /etc/postfix/ldap-groups.cf not found"
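Review bot: In the second hunk `LDAP_QUERY_FILTER` is exported from `LDAP_QUERY_FILTER_DOMAIN` with no check that the variable is set. Because the Dockerfile now always copies ldap-domains.cf, the third hunk's `[ -f /etc/postfix/ldap-domains.cf ]` is always true and the map is always added to `virtual_mailbox_domains`. An existing LDAP deployment that upgrades without the new variable gets a domain map whose filter is either empty or the template default, depending on how configomat.sh treats empty values (not visible here), and Postfix typically defers mail when such a lookup errors. I would warn before the loop, e.g. `[ -z "${LDAP_QUERY_FILTER_DOMAIN}" ] && notify 'inf' "==> Warning: LDAP_QUERY_FILTER_DOMAIN is not set"`, and use `if`/`else` in place of `a && b || c` so a failing `postconf` is not reported as "not found". `_setup_ldap` begins and ends outside these hunks.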


@ -0,0 +1,25 @@
# --------------------------------------------------------------------
# Create mail accounts
# --------------------------------------------------------------------
# Some User
dn: uniqueIdentifier=some.other.user,ou=people,dc=localhost,dc=localdomain
changetype: add
objectClass: organizationalPerson
objectClass: person
objectClass: top
objectClass: PostfixBookMailAccount
objectClass: extensibleObject
cn: Some Other User
givenName: Other User
mail: some.other.user@localhost.otherdomain
mailAlias: postmaster@localhost.otherdomain
mailGroupMember: employees@localhost.otherdomain
mailEnabled: TRUE
mailGidNumber: 5000
mailHomeDirectory: /var/mail/localhost.localdomain/some.other.user/
mailQuota: 10240
mailStorageDirectory: maildir:/var/mail/localhost.localdomain/some.other.user/
mailUidNumber: 5000
sn: Some
uniqueIdentifier: some.other.user
userPassword: {SSHA}eLtqGpid+hkSVhxvsdTPztv4uapRofGx
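Review bot: The header comment `# Some User` appears to be copied from the other fixture and does not say what this entry is for; `# Some Other User: address in a second domain (localhost.otherdomain)` would. `mailHomeDirectory` and `mailStorageDirectory` stay under `/var/mail/localhost.localdomain/` although the address is in `localhost.otherdomain`, and the delivery test reads that path. A comment such as `# mailbox is stored under the primary domain's directory on purpose` would stop someone from "fixing" it. The `userPassword` hash is identical in both new fixtures, which is fine for tests but worth marking `# test-only credential`.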


@ -0,0 +1,23 @@
# --------------------------------------------------------------------
# Create mail accounts
# --------------------------------------------------------------------
# Some User
dn: uniqueIdentifier=some.user.id,ou=people,dc=localhost,dc=localdomain
changetype: add
objectClass: organizationalPerson
objectClass: person
objectClass: top
objectClass: PostfixBookMailAccount
objectClass: extensibleObject
cn: Some User
givenName: User
mail: some.user.email@localhost.localdomain
mailEnabled: TRUE
mailGidNumber: 5000
mailHomeDirectory: /var/mail/localhost.localdomain/some.user.id/
mailQuota: 10240
mailStorageDirectory: maildir:/var/mail/localhost.localdomain/some.user.id/
mailUidNumber: 5000
sn: Some
uniqueIdentifier: some.user.id
userPassword: {SSHA}eLtqGpid+hkSVhxvsdTPztv4uapRofGx


@ -1051,6 +1051,22 @@ load 'test_helper/bats-assert/load'
run docker exec mail_with_ldap /bin/sh -c "postmap -q employees@localhost.localdomain ldap:/etc/postfix/ldap-groups.cf" run docker exec mail_with_ldap /bin/sh -c "postmap -q employees@localhost.localdomain ldap:/etc/postfix/ldap-groups.cf"
assert_success assert_success
assert_output "some.user@localhost.localdomain" assert_output "some.user@localhost.localdomain"
# Test of the user part of the domain is not the same as the uniqueIdentifier part in the ldap
run docker exec mail_with_ldap /bin/sh -c "postmap -q some.user.email@localhost.localdomain ldap:/etc/postfix/ldap-users.cf"
assert_success
assert_output "some.user.email@localhost.localdomain"
# Test email receiving from a other domain then the primary domain of the mailserver
run docker exec mail_with_ldap /bin/sh -c "postmap -q some.other.user@localhost.otherdomain ldap:/etc/postfix/ldap-users.cf"
assert_success
assert_output "some.other.user@localhost.otherdomain"
run docker exec mail_with_ldap /bin/sh -c "postmap -q postmaster@localhost.otherdomain ldap:/etc/postfix/ldap-aliases.cf"
assert_success
assert_output "some.other.user@localhost.otherdomain"
run docker exec mail_with_ldap /bin/sh -c "postmap -q employees@localhost.otherdomain ldap:/etc/postfix/ldap-groups.cf"
assert_success
assert_output "some.other.user@localhost.otherdomain"
} }
@test "checking postfix: ldap custom config files copied" { @test "checking postfix: ldap custom config files copied" {
@ -1099,6 +1115,14 @@ load 'test_helper/bats-assert/load'
assert_output 1 assert_output 1
} }
@test "checking dovecot: ldap mail delivery works for a different domain then the mailserver" {
run docker exec mail_with_ldap /bin/sh -c "sendmail -f user@external.tld some.other.user@localhost.otherdomain < /tmp/docker-mailserver-test/email-templates/test-email.txt"
sleep 10
run docker exec mail_with_ldap /bin/sh -c "ls -A /var/mail/localhost.localdomain/some.other.user/new | wc -l"
assert_success
assert_output 1
}
@test "checking dovecot: ldap config overwrites success" { @test "checking dovecot: ldap config overwrites success" {
run docker exec mail_with_ldap /bin/sh -c "grep 'hosts = ldap' /etc/dovecot/dovecot-ldap.conf.ext" run docker exec mail_with_ldap /bin/sh -c "grep 'hosts = ldap' /etc/dovecot/dovecot-ldap.conf.ext"
assert_success assert_success
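Review bot: None of the added tests query `ldap:/etc/postfix/ldap-domains.cf` directly, and none checks that a domain absent from the directory is refused, so a filter that matches too broadly would still pass. This matters because the map decides which domains the server accepts mail for. In the new delivery test the `sendmail` run is never asserted, `sleep 10` is a fixed wait, and `assert_success` after `ls ... | wc -l` cannot fail because it reports the exit status of `wc`. I would add a separate test next to the other postfix LDAP checks, as sketched below, and add `assert_success` right after the `sendmail` call. The last test shown in this hunk continues past the visible lines.

```bash
@test "checking postfix: ldap domain lookup only matches domains present in the directory" {
  run docker exec mail_with_ldap /bin/sh -c "postmap -q localhost.otherdomain ldap:/etc/postfix/ldap-domains.cf"
  assert_success
  # constructed example of a domain that no LDAP entry uses
  run docker exec mail_with_ldap /bin/sh -c "postmap -q unknown.invalid ldap:/etc/postfix/ldap-domains.cf"
  assert_failure
}
```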